Cybersecurity

Cloud Computing: Raytheon to Plow $1.7 Billion Into New Cyber Venture

Grazed from WSJ. Author: Doug Cameron.

Raytheon Co. is betting it can leverage the cybersecurity skills it honed for the U.S. military and intelligence agencies to sell to banks and retailers, investing almost $1.7 billion to establish a stand-alone business in an area where its defense peers have struggled to make money.

The company on Monday said it would buy control of Websense Inc. from private-equity firm Vista Partners LLC. Raytheon said Austin, Texas-based Websense, which has 21,000 data-security clients, half of them overseas, will form the core of a new cyber joint venture with forecast sales of $500 million this year and margins of around 20%...

How best to manage Cloud security

Grazed from SeaCoastOnline.  Author: MJ Shoer.

Moving business systems to the Cloud offers a lot of positives for most businesses. However, there are risks that need to be clearly understood so you don’t accidentally make your IT infrastructure more complicated to secure.As more businesses fall under some form of regulation, federal, state or local, you have to be aware of compliance requirements.

You also have to be prepared for audits, especially the unexpected kind. What I’m talking about here are not financial audits, but regulatory audits where officials come to your business and review your security policies and practices, specifically as they relate to how your team accesses your various systems and your ability to continue operations should those systems become unavailable. In the current climate, this is mostly focused on business with some form of consumer business as opposed to businesses that solely do business with other businesses, but expect that to change...

Cloud Infographic – Path Of A Cyber Attacker

Grazed from CloudTweaks.  Author: Editorial Staff.

We’ve covered a fair bit of infosec here on CloudTweaks over the years. It’s an important area for all regardless of if you’re a consumer or a business.

Security expert and consultant – Chetan Soni, discusses some of the security issues and tools to consider as part of your business plan: “Cloud computing has become a business solution for many organizational problems. But there are security risks involved with using cloud servers: service providers generally only take responsibility of keeping systems up, and they neglect security at many ends. Therefore, it is important that clouds are properly penetration (pen) tested and secured to ensure proper security of user data…”

Cyber Incident Response: What To Do When Cloud Bites Back

Grazed from CCI. Author: Nick Pollard.

The technology increases efficiency by removing the need for physical infrastructure, but cloud contracts can present significant practical obstacles to incident response (IR) strategies. When a security incident happens, the speed at which the breach is identified is integral. The faster the response, the more quickly infectious malware can be halted, access stopped, sensitive data protected, and the threat remediated.

This makes a significant difference in controlling risk, costs, and exposure. But in a cloud world, the challenge arises when a company wants access to the servers that infrastructure is based on. Often, data centre providers will not allow a business to get into these, making it impossible to know where the attack is coming from...

Cloud Computing: What's the Cost of a Cyberattack?

Grazed from CFO. Author: David M. Katz.

In a February editorial about the buildup of cyberattacks between the United States and Iran, The New York Times quoted President Obama’s observation that, compared with conventional weaponry, cyberweapons provide “no clear line between offense and defense.” Thus, getting into the enemy’s networks to exploit its weakness and disable its ability to attack you is both offense and defense.

Citing “major banks, Sony Pictures Entertainment, [and] an electrical utility,” the newspaper observed that such recent examples reveal that even corporate computer systems once considered impregnable are vulnerable to attack. In the borderless world of information technology, in fact, computer-security specialists and corporate risk managers have begun working on the assumption that it’s impossible for companies to keep their networks completely free from penetration...

Cloud Computing: 3 Reasons Apple Is Pushing for NSA Spying Reforms

Grazed from TechCheatSheet.  Author: Nathanael Arnold.

Earlier this week, Apple and several other major U.S. tech companies renewed their calls for the U.S. government to reform its controversial electronic surveillance programs. In an open letter addressed to President Barack Obama, NSA Director Admiral Rogers, Attorney General Eric Holder, and several prominent members of Congress, Apple and dozens of other signatories urged the government to end the bulk data collection practices that were authorized under Section 215 of the USA Patriot Act.

As noted in the letter, Section 215 of the USA Patriot Act is used as the legal basis for the NSA’s bulk collection of electronic communications metadata. The letter also asked the government to institute “transparency and accountability mechanisms for both government and company reporting” for decisions made by the secret Foreign Intelligence Surveillance Court...

Cloud Computing: The Increasing Cybersecurity Attack Surface

Grazed from NetworkWorld. Author: Jon Oltsik.

I just read a good Wall Street Journal blog by Ben DiPietro titled, Speed of Tech Change a Threat to Cybersecurity. His main point is that while organizations are adopting new technologies like cloud computing, mobile computing, and applications based upon the Internet of Things (IoT), they continue to address cybersecurity risks, controls, and oversight with legacy tools and processes.

This creates a mismatch where cyber-adversaries have a distinct offensive advantage over a potpourri of assorted legacy enterprise security defenses. I couldn’t agree more Ben but it may be worse than you think as this discrepancy has been going on for years. In a 2012 research survey, ESG asked security professionals to describe the impact of numerous new IT initiatives on infosec operations and management at their organizations (note: I am an ESG employee). The research indicated that:...

Read more from the source @ http://www.networkworld.com/article/2899086/cisco-subnet/the-increasing-cybersecurity-attack-surface.html

Cloud Computing: Most Cyber Attacks Occur From This Common Vulnerability

Grazed from Business2Community.  Author: Tim Clark.

As you read this, hackers are working diligently to uncover avenues, inroads and byroads to get into your confidential corporate data. I know what you’re thinking. You’ve heard this all before, your company isn’t vulnerable and you already took care of it. Are you sure?

Time for a reality check. Even if you figured out how to plug holes in your networks, the hackers may be gaining access through applications and solutions. Sure, many organizations have significant network security in place but it’s not enough as 84% of all cyber-attacks are happening on the application layer...

Cloud Computing: Rise of the cybermen - A guide to neutralising 2015’s most dangerous security threats

Grazed from ITProPortal.  Author: Wieland Alge.

Recent speeches by UK Prime Minister, David Cameron, and US President Barack Obama demonstrate that cyber security is still a huge concern for national governments.  We should be in no doubt that another raft of counter-measures is being considered at national and international levels.

However, those in charge of IT security in the business community are not necessarily taking their cue from world leaders to re-evaluate their own policies and ensure they are still offering protection from the kind of cyber attacks that are likely to occur in 2015...

Cloud Computing: Top 3 CIO Challenges in 2015: Security, Downtime and Talent

Grazed from LogicWorks.  Author: Editorial Staff.

What are the top CIO challenges in 2015? According to a survey reported yesterday on CIO.com, security, downtime, and staffing top the list of workplace issues “keeping CIOs up at night.”

No surprises there. After a flurry of recent high-profile cyber-attacks and internal security breaches, the majority of CIO executives will ramp up the security and availability of their systems in 2015, according to the report. Unfortunately, this often means that teams are scrambling to finish a checklist of CIO security concerns to patch up the most immediate vulnerabilities, rather than taking a longer view and building rigorous and monitored security practices into all layers of their IT deployments...