Read the following whitepaper to learn:
1. The top 5 vulnerabilities for most data breaches in the Retail industry
2. Where do most attackers come from? And what motivates them?
3. The 3 essential parts of a security strategy to protect from intrusions
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...IBM Security
Businesses and governments alike are experiencing an alarming rate of malicious activity from both external and internal actors.
Not surprisingly, mission-critical mainframe applications make for desirable targets with large repositories of enterprise customer sensitive data. Mainframe environments are increasingly at risk opening accesses through the internet, mobile initiatives, big data initiatives, social initiatives, and more to drive the business forward. Additionally, there are some security challenges that are specific to the mainframe - traditional protection methods are no longer enough, insider threats are also on the rise, mainframe environments could be more vulnerable with reliance on privilege users to administer security, silo-ed mainframe IT management, limited ownership visibility, and lack of uniformed security management across the enterprise.
View this on-demand webcast to learn more about specific mainframe data protection challenges, top tips for protecting sensitive data, and key data protection capabilities that you should consider to address these challenges.
Register here for the playback: https://event.on24.com/wcc/r/1461947/D9664CC82EC641AA58D35462DB703470
Cybersecurity in the Cognitive Era: Priming Your Digital Immune SystemIBM Security
What could cybersecurity look like in the cognitive era? Organizations are facing a number of well-known security challenges and these challenges are leading to gaps in intelligence, speed, and accuracy when it comes to threats and incidents. The gaps can’t be addressed by simply scaling up legacy processes and infrastructure – new approaches are needed, and cognitive security solutions may help address these gaps. IBM conducted a survey of over 700 security professionals leaders and practitioners from 35 countries, representing 18 industries to get a sense for what challenges they are facing, how they are being addressed, and how they view cognitive security solutions as a potential powerful new tool.
Join us as Diana Kelley, Executive Security Advisor in IBM Security, and David Jarvis, Functional Research Lead for CIO and Cybersecurity in the IBM Institute for Business Value, discuss findings from the 2016 Cybersecurity Study “Cybersecurity in the Cognitive Era: Priming Your Digital Immune System” This webinar will cover an overview of the study findings, including:
Security challenges, shortcomings and what security leaders are doing about them
Views on cognitive security solutions – how they might help, readiness to implement and what might be holding them back
What those that are ready to implement cognitive enabled security today are thinking and doing
Security Trends in the Retail IndustryIBM Security
View on demand webinar: https://securityintelligence.com/events/security-trends-in-the-retail-industry/
In 2014, significant threats and massive breaches made front-page news on a regular basis, and those that hit retailers seemed to be the ones that jumped to mind first. This may have been due, in part, to a sizable uptick in the number of cyber attacks against US retailers versus the prior year. In 2015 however, the cybercrime focus has shifted to online retailers and smaller businesses. With large retailers tightening security controls and safer chip cards coming into use, hackers are turning their sights to online transactions and smaller retail targets to capture consumer credit card data.
Join us as Nick Bradley, Practice Leader of the Threat Research Group at IBM Security, and Michelle Alvarez, Threat Researcher and Editor for IBM Managed Security Services, discuss findings from two recently-published reports on the threat landscape in the retail industry: IBM 2015 Cyber Security Intelligence Index for Retail, and Security trends in the retail industry, an IBM X-Force Research Managed Security Services report. This webinar will cover:
- An overview of security events, attacks, and incidents in the retail industry
- Attack trends over Black Friday-Cyber Monday, including 2015 data
- Who the attackers are, where the attacks are happening and what types of attacks are most commonly used
- The number of records compromised, and where the weak points are in retailer networks
- How cyber criminals are responding to the introduction of chip cards
How to Improve Threat Detection & Simplify Security OperationsIBM Security
Over 74% of global enterprise security professionals rate improving security monitoring as a top priority. Monitoring must be done efficiently within a security operations center (SOC) to combat increased threats and a limited supply of trained security analysts.
While the vendor landscape for security solutions is rapidly evolving, many early point solutions and first generation SIEMs are not keeping pace with the changing needs of security operations. A new class of platforms has emerged that combine advanced analytics and flexible deployment options. Join this exclusive webinar featuring Forrester Research to learn:
Characteristics of modern security platforms that have evolved from point solutions and basic SIEMs
Criteria to consider when evaluating vendors and solutions
The advantages of an integrated security platform that incorporates cognitive capabilities and augmented intelligence
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...IBM Security
Understand the impact of today's security breaches by attending our June 26th webinar which will discuss the 2017 Ponemon Cost of a Data Breach study.
Join Ponemon Institute and IBM Security Services on June 26th for a webinar discussing the impact of today’s security breaches based on the latest release of the 2017 Cost of Data Breach Study.
Register for IBM Security Services Webinar highlighting Ponemon Institute 2017 Cost of Data Breach Study The 12th annual Cost of Data Breach Study conducted by Ponemon Institute and sponsored by IBM Security Services calculates the real costs, implications and probabilities of security breaches faced by global organizations.
This webinar will present global findings highlighting trends across 11 countries and 2 regions. Attendees will have access to industry experts for live Q/A and will walk away with key insights, cost reducing strategies, investments and proactive best practices to reduce impact to their businesses in preparation for the next breach.
Join IBM Security Services and Larry Ponemon, founder of the Ponemon Institute, as he walks through the results and methodology of the 2017 Cost of Data Breach Study.
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...IBM Security
Businesses and governments alike are experiencing an alarming rate of malicious activity from both external and internal actors.
Not surprisingly, mission-critical mainframe applications make for desirable targets with large repositories of enterprise customer sensitive data. Mainframe environments are increasingly at risk opening accesses through the internet, mobile initiatives, big data initiatives, social initiatives, and more to drive the business forward. Additionally, there are some security challenges that are specific to the mainframe - traditional protection methods are no longer enough, insider threats are also on the rise, mainframe environments could be more vulnerable with reliance on privilege users to administer security, silo-ed mainframe IT management, limited ownership visibility, and lack of uniformed security management across the enterprise.
View this on-demand webcast to learn more about specific mainframe data protection challenges, top tips for protecting sensitive data, and key data protection capabilities that you should consider to address these challenges.
Register here for the playback: https://event.on24.com/wcc/r/1461947/D9664CC82EC641AA58D35462DB703470
Cybersecurity in the Cognitive Era: Priming Your Digital Immune SystemIBM Security
What could cybersecurity look like in the cognitive era? Organizations are facing a number of well-known security challenges and these challenges are leading to gaps in intelligence, speed, and accuracy when it comes to threats and incidents. The gaps can’t be addressed by simply scaling up legacy processes and infrastructure – new approaches are needed, and cognitive security solutions may help address these gaps. IBM conducted a survey of over 700 security professionals leaders and practitioners from 35 countries, representing 18 industries to get a sense for what challenges they are facing, how they are being addressed, and how they view cognitive security solutions as a potential powerful new tool.
Join us as Diana Kelley, Executive Security Advisor in IBM Security, and David Jarvis, Functional Research Lead for CIO and Cybersecurity in the IBM Institute for Business Value, discuss findings from the 2016 Cybersecurity Study “Cybersecurity in the Cognitive Era: Priming Your Digital Immune System” This webinar will cover an overview of the study findings, including:
Security challenges, shortcomings and what security leaders are doing about them
Views on cognitive security solutions – how they might help, readiness to implement and what might be holding them back
What those that are ready to implement cognitive enabled security today are thinking and doing
Security Trends in the Retail IndustryIBM Security
View on demand webinar: https://securityintelligence.com/events/security-trends-in-the-retail-industry/
In 2014, significant threats and massive breaches made front-page news on a regular basis, and those that hit retailers seemed to be the ones that jumped to mind first. This may have been due, in part, to a sizable uptick in the number of cyber attacks against US retailers versus the prior year. In 2015 however, the cybercrime focus has shifted to online retailers and smaller businesses. With large retailers tightening security controls and safer chip cards coming into use, hackers are turning their sights to online transactions and smaller retail targets to capture consumer credit card data.
Join us as Nick Bradley, Practice Leader of the Threat Research Group at IBM Security, and Michelle Alvarez, Threat Researcher and Editor for IBM Managed Security Services, discuss findings from two recently-published reports on the threat landscape in the retail industry: IBM 2015 Cyber Security Intelligence Index for Retail, and Security trends in the retail industry, an IBM X-Force Research Managed Security Services report. This webinar will cover:
- An overview of security events, attacks, and incidents in the retail industry
- Attack trends over Black Friday-Cyber Monday, including 2015 data
- Who the attackers are, where the attacks are happening and what types of attacks are most commonly used
- The number of records compromised, and where the weak points are in retailer networks
- How cyber criminals are responding to the introduction of chip cards
How to Improve Threat Detection & Simplify Security OperationsIBM Security
Over 74% of global enterprise security professionals rate improving security monitoring as a top priority. Monitoring must be done efficiently within a security operations center (SOC) to combat increased threats and a limited supply of trained security analysts.
While the vendor landscape for security solutions is rapidly evolving, many early point solutions and first generation SIEMs are not keeping pace with the changing needs of security operations. A new class of platforms has emerged that combine advanced analytics and flexible deployment options. Join this exclusive webinar featuring Forrester Research to learn:
Characteristics of modern security platforms that have evolved from point solutions and basic SIEMs
Criteria to consider when evaluating vendors and solutions
The advantages of an integrated security platform that incorporates cognitive capabilities and augmented intelligence
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...IBM Security
Understand the impact of today's security breaches by attending our June 26th webinar which will discuss the 2017 Ponemon Cost of a Data Breach study.
Join Ponemon Institute and IBM Security Services on June 26th for a webinar discussing the impact of today’s security breaches based on the latest release of the 2017 Cost of Data Breach Study.
Register for IBM Security Services Webinar highlighting Ponemon Institute 2017 Cost of Data Breach Study The 12th annual Cost of Data Breach Study conducted by Ponemon Institute and sponsored by IBM Security Services calculates the real costs, implications and probabilities of security breaches faced by global organizations.
This webinar will present global findings highlighting trends across 11 countries and 2 regions. Attendees will have access to industry experts for live Q/A and will walk away with key insights, cost reducing strategies, investments and proactive best practices to reduce impact to their businesses in preparation for the next breach.
Join IBM Security Services and Larry Ponemon, founder of the Ponemon Institute, as he walks through the results and methodology of the 2017 Cost of Data Breach Study.
Netwealth educational webinar: Peace of mind in a digital worldnetwealthInvest
According to the latest research from cyber security firm, Kamino, 45% of financial advisers had experienced a cyber incident last year.
Julian Plummer, founder of Kamino, delves into why cyber security is a very real issue for financial advisers and their clients, and the types of cyber incidents that are impacting the financial planning industry. He also provides easy to implement measures to help you improve the cyber security of your practice.
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...IBM Security
View On-Demand Webinar: https://event.on24.com/eventRegistration/EventLobbyServlet?target=reg20.jsp&referrer=&eventid=1139921&sessionid=1&key=993ECF370F9F3C594E6E3F44A0FA6BA2®Tag=13522&sourcepage=register
2015 was peppered with mega-breaches of highly sensitive data like personal health information and private bedroom behaviors. and companies of all sizes need to pay attention to security basics to stop the infiltration of attackers and protect their data.
Cybercriminals’ targets are now bigger and their rewards greater as they fine-tune efforts to obtain and leverage higher value data than years’ past.
New attack techniques like mobile overlay malware are gaining, while “classic” attacks like DDoS and POS malware continue to be effective due to lackluster practice in security fundamentals.
Malware leaps across target countries are indicative of increasing sophistication and organization in cybercrime rings.
In the 2016 edition of the IBM X-Force Threat Intelligence Report, IBM security research experts examine the macro trends that affected the industry, what to expect in 2016, and recommendations on how you can protect your digital assets.
Key Findings from the 2015 IBM Cyber Security Intelligence IndexIBM Security
View on-demand presentation: http://securityintelligence.com/events/ibm-2015-cyber-security-intelligence-index/
The cyber threat landscape is increasing in complexity and frequency. Organizations that have historically not been the target of cyber attacks now make headline news with large data losses and compromised transactions. Organizations need a clear point of view on how to respond to these threats, and one that incorporates not only the relevant technology but also the organizational changes needed.
Nick Bradley, Practice Leader of the IBM Threat Research Group and the X-Force Threat Analysis Team, and Nick Coleman, Global Head Cyber Security Intelligence Services outline what organizations need to do now and in the future to stay ahead of the growing cyber security threat.
Cybercrime Threat Landscape: Cyber Criminals Never SleepIBM Security
A Glimpse into the Cybercrime Underground
In this session, Trusteer’s senior fraud prevention strategist, Etay Maor, will dive into the latest tools, techniques and threats developed and utilized by cybercriminals. The presentation will include a market overview of the latest offerings from the criminal underground, with a deep dive into some of the techniques discussed by cybercriminals, and review how they manifest as real attacks with real examples and case studies. A share of the presentation will also be dedicated to possible mitigation strategies and techniques.
During this webinar you will learn about:
- New malware attack and evasion techniques
- The latest underground offerings on the “fraud as a service” market
- The latest rumors and discussions around malware and malware authors from the underground
- Real-time intelligence and adaptable counter measures
Securing the C-Suite: Cybersecurity Perspectives from the BoardroomIBM Security
View on-demand: http://bit.ly/1OLCGgd
Cybersecurity incidents have significant impact beyond the IT organization, representing a significant risk to ongoing business continuity and reputation, and requiring heightened engagement across the entire executive team. Common wisdom is that security leaders need to speak in ways the business will understand, but what does that really mean? And how does the business side of an organization view security? To answer these questions, IBM conducted a survey of over 700 C-Suite executives - excluding the CISO - from 28 countries, across 18 industries - to understand any patterns, as well as any differing or aligning attitudes on cybersecurity. 60 percent of respondents are located in mature markets and 40 percent from emerging markets. Participants spanned traditional C-Suite roles, from CEOs and Board members to CFOs, Chief Risk Officers, CMOs, COOs, Human Resource executives, Chief Compliance Officers and Legal Counsel.
View this webinar to hear Diana Kelley, Executive Security Advisor in IBM Security, and Carl Nordman, Functional Research Lead for CFO and Cybersecurity in the IBM Institute for Business Value, discuss findings from the 2015 C-Suite Cybersecurity Study "Securing the C-Suite - Cybersecurity Perspectives from the Boardroom and C-Suite."
This webinar will cover an overview of the study findings, including:
C-Suite views of the risks and actors - Is the C-Suite view aligned with security reality?
IT and business alignment / collaboration- Who's engaged and who's not?
The tone from the top on external collaboration and sharing of incident information
Characteristics of more "Cyber-Secure" companies based on C-Suite responses to what their organization has accomplished
Symantec Intelligence Report - October 2014Symantec
The number of spear phishing attacks per day continues to trend downward over the last twelve months, coming in at 45 per day in October. Of the attachments used in such email-based attacks, the .doc attachment type comprised 62.5 percent and .exe attachments made up 14.4 percent. Of the industries attacked, the category of Finance, Insurance, and Real Estate received 28 percent of all spear phishing attempts in the month of October, followed by Manufacturing at 17 percent.
The largest data breach that was disclosed in October took place back in July. This breach had previously been reported; however, we learned this month that the breach resulted in the exposure of identities within 76 million households, plus information on an additional seven million small businesses.
In the Mac threat landscape, OSX.Okaz was the most frequently encountered OSX risk seen on OSX endpoints, making up 28.8 percent of OSX risks. OSX.Okaz is an adware program that may modify browser homepage and search settings.
Finally, ransomware as a whole continues to decline as the year progresses. However, the amount of crypto-style ransomware seen continues to increase. This particularly aggressive form of ransomware made up 55 percent of all ransomware in the month of October.
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsShawn Tuma
Everyone should now understand that no bank or financial institution is immune from cyber risk. Many are now ready to move forward with improving their cyber risk posture but do not know what to do next or how to prioritize their resources. Recognizing that cybersecurity is an overall business risk issue that must be properly managed to comply with many laws and regulations governing banks and financial institutions, this presentation will provide a strategy for how to better understand and manage such risks by:
(1) Providing an overview of the legal and regulatory framework;
(2) Examining the most likely real-world risks; and
(3) Providing strategies for how to manage such risks, including cyber insurance and the development and implementation of an appropriate cyber risk management program (which is not as difficult as it sounds).
Shawn E. Tuma, cybersecurity and data privacy attorney at Spencer Fane, LLP, delivered the presentation titled Cybersecurity: Cyber Risk Management for Banks & Financial Institutions (and Attorneys Who Represent Them) at the Southwest Association of Bank Counsel 42nd Annual Convention on September 20, 2018 (formerly, Texas Association of Bank Counsel).
Top 10 cybersecurity predictions for 2016 by Matthew RosenquistMatthew Rosenquist
Cybersecurity is a difficult and serious endeavor which over time strives to find a balance in managing the security of computing capabilities to protect the technology which connects and enriches the lives of everyone.
Peering into the future of cybersecurity provides valuable insights around the challenges and opportunities. The industry is changing rapidly and attackers seem to always be one step ahead. Organizations must not only address what is ongoing, but also prepare for how cyber-threats will maneuver in the future.
The 2016 Cybersecurity Predictions presentation showcases the cause-and-effect relationships and provides insights and perspectives of the forthcoming challenges the industry is likely to face and how we can be better prepared for it.
Presentation by Larry Clinton, President of the Internet Security Alliance (ISA) to the 66th Annual Fowler Seminar on Oct 12 2012 titled Evolution of the Cyber Threat - A Unified Systems Approach.
Mobile Security: 5 Steps to Mobile Risk ManagementDMIMarketing
Hundreds of companies, and the most demanding Federal agencies rely on DMI for Mobile Security services and solutions. And with more than 500,000 devices under management, we know how to do it right.
Now we’ve distilled 9 years of Mobile Security best practices into a white paper you can download. The paper lays out a smart, sensible approach to managing mobile risk without unnecessary cost and business disruption.
Please be our guest and check out the white paper. You’ll learn:
How to identify and protect against the threats that matter the most
What to do about “the hottest new technologies”
How to get the most protection for the least cost and disruption
The key differences and similarities between Mobile and traditional cybersecurity
- See more at: http://dminc.com/solutions/enterprise-mobility-services/mobilesecuritywp/#sthash.yTptNZRw.dpuf
Information Security in Retail & Consumer GoodsAlfonso Gadea
It’s a chilly Saturday afternoon in November and Amanda needs some clothes. She starts by going to Rita’s blog -Rita is one of the most influential fashion bloggers around- to see the latest trends...
Author: Dr. Alvaro Arenas. A publication fostered, under the direction of Alfonso Gadea, by IE Foundation and Ernst & Young.
Retail data breaches can have a serious impact on profitability and the costs of a cybersecurity incident may impact the C-Suite as well as consumer trust.
Tripwire’s chief technology officer Dwayne Melançon (@ThatDwayne) and vice president of security products at IDC Charles Kolodgy (@ckolodgy_idc) discuss the current retail cyber threat landscape with a focus on strategies to mitigate the cybersecurity risks and reduce the costs of potential security breaches, including:
- How to identify the early stages of a data breach
- Why point-of-sale and other business-critical systems require a different approach to data security
- How retailers can use the Top 20 Critical Security Controls to make businesses ‘unattractive’ to cybercriminals
- Qualified attendees will earn one CPE credit for participation in this webcast
A recording of the webcast that accompanies this slide deck can be found here: http://www.tripwire.com/register/retail-security-closing-the-threat-gap/
Netwealth educational webinar: Peace of mind in a digital worldnetwealthInvest
According to the latest research from cyber security firm, Kamino, 45% of financial advisers had experienced a cyber incident last year.
Julian Plummer, founder of Kamino, delves into why cyber security is a very real issue for financial advisers and their clients, and the types of cyber incidents that are impacting the financial planning industry. He also provides easy to implement measures to help you improve the cyber security of your practice.
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...IBM Security
View On-Demand Webinar: https://event.on24.com/eventRegistration/EventLobbyServlet?target=reg20.jsp&referrer=&eventid=1139921&sessionid=1&key=993ECF370F9F3C594E6E3F44A0FA6BA2®Tag=13522&sourcepage=register
2015 was peppered with mega-breaches of highly sensitive data like personal health information and private bedroom behaviors. and companies of all sizes need to pay attention to security basics to stop the infiltration of attackers and protect their data.
Cybercriminals’ targets are now bigger and their rewards greater as they fine-tune efforts to obtain and leverage higher value data than years’ past.
New attack techniques like mobile overlay malware are gaining, while “classic” attacks like DDoS and POS malware continue to be effective due to lackluster practice in security fundamentals.
Malware leaps across target countries are indicative of increasing sophistication and organization in cybercrime rings.
In the 2016 edition of the IBM X-Force Threat Intelligence Report, IBM security research experts examine the macro trends that affected the industry, what to expect in 2016, and recommendations on how you can protect your digital assets.
Key Findings from the 2015 IBM Cyber Security Intelligence IndexIBM Security
View on-demand presentation: http://securityintelligence.com/events/ibm-2015-cyber-security-intelligence-index/
The cyber threat landscape is increasing in complexity and frequency. Organizations that have historically not been the target of cyber attacks now make headline news with large data losses and compromised transactions. Organizations need a clear point of view on how to respond to these threats, and one that incorporates not only the relevant technology but also the organizational changes needed.
Nick Bradley, Practice Leader of the IBM Threat Research Group and the X-Force Threat Analysis Team, and Nick Coleman, Global Head Cyber Security Intelligence Services outline what organizations need to do now and in the future to stay ahead of the growing cyber security threat.
Cybercrime Threat Landscape: Cyber Criminals Never SleepIBM Security
A Glimpse into the Cybercrime Underground
In this session, Trusteer’s senior fraud prevention strategist, Etay Maor, will dive into the latest tools, techniques and threats developed and utilized by cybercriminals. The presentation will include a market overview of the latest offerings from the criminal underground, with a deep dive into some of the techniques discussed by cybercriminals, and review how they manifest as real attacks with real examples and case studies. A share of the presentation will also be dedicated to possible mitigation strategies and techniques.
During this webinar you will learn about:
- New malware attack and evasion techniques
- The latest underground offerings on the “fraud as a service” market
- The latest rumors and discussions around malware and malware authors from the underground
- Real-time intelligence and adaptable counter measures
Securing the C-Suite: Cybersecurity Perspectives from the BoardroomIBM Security
View on-demand: http://bit.ly/1OLCGgd
Cybersecurity incidents have significant impact beyond the IT organization, representing a significant risk to ongoing business continuity and reputation, and requiring heightened engagement across the entire executive team. Common wisdom is that security leaders need to speak in ways the business will understand, but what does that really mean? And how does the business side of an organization view security? To answer these questions, IBM conducted a survey of over 700 C-Suite executives - excluding the CISO - from 28 countries, across 18 industries - to understand any patterns, as well as any differing or aligning attitudes on cybersecurity. 60 percent of respondents are located in mature markets and 40 percent from emerging markets. Participants spanned traditional C-Suite roles, from CEOs and Board members to CFOs, Chief Risk Officers, CMOs, COOs, Human Resource executives, Chief Compliance Officers and Legal Counsel.
View this webinar to hear Diana Kelley, Executive Security Advisor in IBM Security, and Carl Nordman, Functional Research Lead for CFO and Cybersecurity in the IBM Institute for Business Value, discuss findings from the 2015 C-Suite Cybersecurity Study "Securing the C-Suite - Cybersecurity Perspectives from the Boardroom and C-Suite."
This webinar will cover an overview of the study findings, including:
C-Suite views of the risks and actors - Is the C-Suite view aligned with security reality?
IT and business alignment / collaboration- Who's engaged and who's not?
The tone from the top on external collaboration and sharing of incident information
Characteristics of more "Cyber-Secure" companies based on C-Suite responses to what their organization has accomplished
Symantec Intelligence Report - October 2014Symantec
The number of spear phishing attacks per day continues to trend downward over the last twelve months, coming in at 45 per day in October. Of the attachments used in such email-based attacks, the .doc attachment type comprised 62.5 percent and .exe attachments made up 14.4 percent. Of the industries attacked, the category of Finance, Insurance, and Real Estate received 28 percent of all spear phishing attempts in the month of October, followed by Manufacturing at 17 percent.
The largest data breach that was disclosed in October took place back in July. This breach had previously been reported; however, we learned this month that the breach resulted in the exposure of identities within 76 million households, plus information on an additional seven million small businesses.
In the Mac threat landscape, OSX.Okaz was the most frequently encountered OSX risk seen on OSX endpoints, making up 28.8 percent of OSX risks. OSX.Okaz is an adware program that may modify browser homepage and search settings.
Finally, ransomware as a whole continues to decline as the year progresses. However, the amount of crypto-style ransomware seen continues to increase. This particularly aggressive form of ransomware made up 55 percent of all ransomware in the month of October.
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsShawn Tuma
Everyone should now understand that no bank or financial institution is immune from cyber risk. Many are now ready to move forward with improving their cyber risk posture but do not know what to do next or how to prioritize their resources. Recognizing that cybersecurity is an overall business risk issue that must be properly managed to comply with many laws and regulations governing banks and financial institutions, this presentation will provide a strategy for how to better understand and manage such risks by:
(1) Providing an overview of the legal and regulatory framework;
(2) Examining the most likely real-world risks; and
(3) Providing strategies for how to manage such risks, including cyber insurance and the development and implementation of an appropriate cyber risk management program (which is not as difficult as it sounds).
Shawn E. Tuma, cybersecurity and data privacy attorney at Spencer Fane, LLP, delivered the presentation titled Cybersecurity: Cyber Risk Management for Banks & Financial Institutions (and Attorneys Who Represent Them) at the Southwest Association of Bank Counsel 42nd Annual Convention on September 20, 2018 (formerly, Texas Association of Bank Counsel).
Top 10 cybersecurity predictions for 2016 by Matthew RosenquistMatthew Rosenquist
Cybersecurity is a difficult and serious endeavor which over time strives to find a balance in managing the security of computing capabilities to protect the technology which connects and enriches the lives of everyone.
Peering into the future of cybersecurity provides valuable insights around the challenges and opportunities. The industry is changing rapidly and attackers seem to always be one step ahead. Organizations must not only address what is ongoing, but also prepare for how cyber-threats will maneuver in the future.
The 2016 Cybersecurity Predictions presentation showcases the cause-and-effect relationships and provides insights and perspectives of the forthcoming challenges the industry is likely to face and how we can be better prepared for it.
Presentation by Larry Clinton, President of the Internet Security Alliance (ISA) to the 66th Annual Fowler Seminar on Oct 12 2012 titled Evolution of the Cyber Threat - A Unified Systems Approach.
Mobile Security: 5 Steps to Mobile Risk ManagementDMIMarketing
Hundreds of companies, and the most demanding Federal agencies rely on DMI for Mobile Security services and solutions. And with more than 500,000 devices under management, we know how to do it right.
Now we’ve distilled 9 years of Mobile Security best practices into a white paper you can download. The paper lays out a smart, sensible approach to managing mobile risk without unnecessary cost and business disruption.
Please be our guest and check out the white paper. You’ll learn:
How to identify and protect against the threats that matter the most
What to do about “the hottest new technologies”
How to get the most protection for the least cost and disruption
The key differences and similarities between Mobile and traditional cybersecurity
- See more at: http://dminc.com/solutions/enterprise-mobility-services/mobilesecuritywp/#sthash.yTptNZRw.dpuf
Information Security in Retail & Consumer GoodsAlfonso Gadea
It’s a chilly Saturday afternoon in November and Amanda needs some clothes. She starts by going to Rita’s blog -Rita is one of the most influential fashion bloggers around- to see the latest trends...
Author: Dr. Alvaro Arenas. A publication fostered, under the direction of Alfonso Gadea, by IE Foundation and Ernst & Young.
Retail data breaches can have a serious impact on profitability and the costs of a cybersecurity incident may impact the C-Suite as well as consumer trust.
Tripwire’s chief technology officer Dwayne Melançon (@ThatDwayne) and vice president of security products at IDC Charles Kolodgy (@ckolodgy_idc) discuss the current retail cyber threat landscape with a focus on strategies to mitigate the cybersecurity risks and reduce the costs of potential security breaches, including:
- How to identify the early stages of a data breach
- Why point-of-sale and other business-critical systems require a different approach to data security
- How retailers can use the Top 20 Critical Security Controls to make businesses ‘unattractive’ to cybercriminals
- Qualified attendees will earn one CPE credit for participation in this webcast
A recording of the webcast that accompanies this slide deck can be found here: http://www.tripwire.com/register/retail-security-closing-the-threat-gap/
Emerald works closely with CyberArk's Nick Baglin to hire leading sales talent for the EMEA region. Check out why CyberArk use Emerald for their EMEA hiring requirements
Delivering Apache Hadoop for the Modern Data Architecture Hortonworks
Join Hortonworks and Cisco as we discuss trends and drivers for a modern data architecture. Our experts will walk you through some key design considerations when deploying a Hadoop cluster in production. We'll also share practical best practices around Cisco-based big data architectures and Hortonworks Data Platform to get you started on building your modern data architecture.
Welcome to the API Economy: Developing Your API StrategyMuleSoft
View the recording of this webinar: http://www.mulesoft.com/webinars/esb/welcome-api-economy
Learn more about our Anypoint Platform for APIs: https://www.mulesoft.com/platform/api
Gartner predicts 75% of Fortune 500 enterprises will open an API by 2014. In this new API economy, those without an API strategy will be left behind. What does this mean for you and your business? Join Ross Mason, MuleSoft Founder, for a discussion on key API trends and what you can do in this New Enterprise era to unlock competitive advantage for your organization.
Questions discussed:
What has changed with APIs?
What is the API economy and how did we get here?
How are APIs transforming enterprises?
What are key API trends my organization should be planning for?
How can APIs make my business more competitive?
Secrets to managing your Duty of Care in an ever- changing world.
How well do you know your risks?
Are you keeping up with your responsibilities to provide Duty of Care?
How well are you prioritising Cybersecurity initiatives?
Liability for Cybersecurity attacks sits with Executives and Board members who may not have the right level of technical security knowledge. This session will outline what practical steps executives can take to implement a Cybersecurity Roadmap that is aligned with its strategic objectives.
Led by Krist Davood, who has spent over 28 years implementing secure mission critical systems for executives. Krist is an expert in protecting the interconnectedness of technology, intellectual property and information systems, as evidenced through his roles at The Good Guys, Court Services Victoria and Schiavello.
The seminar will cover:
• Fiduciary responsibility
• How to efficiently deal with personal liability and the threat of court action
• The role of a Cybersecurity Executive Dashboard and its ability to simplify risk and amplify informed decision making
• How to identify and bridge the gap between your Cybersecurity Compliance Rating and the threat of court action
Before the Breach: Using threat intelligence to stop attackers in their tracks- Mark - Fullbright
All information, data, and material contained, presented, or provided on is for educational purposes only.
Company names mentioned herein are the property of, and may be trademarks of, their respective owners.
It is not to be construed or intended as providing legal advice.
Company names mentioned herein are the property of, and may be trademarks of, their respective owners and are for educational purposes only.
17 U.S. Code § 107 - Limitations on exclusive rights: Fair use
Notwithstanding the provisions of sections 106 and 106A, the fair use of a copyrighted work, including such use by reproduction in copies or phonorecords or by any other means specified by that section, for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright.
Ways To Protect Your Company From Cybercrimethinkwithniche
The Federal Bureau of Investigation FBI saw a 217 percent increase in Cybercrime Reporting between 2008 and 2021. Last year, losses reached almost $7 billion. This is due to a highly skilled cyber-threat supply network that empowers threat actors with limited know-how and limited resources to put at risk personal, economic, and national security.
E-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSESIJNSA Journal
Small business e-commerce websites make an excellent target for malicious attacks. Small businesses do not have the resources needed to effectively deal with attacks. Large and some mid-size organization have teams that are dedicated to dealing with security incidents and preventing future attacks. Most small businesses do not have the capabilities of dealing with incidents the way large organizations do. Security of e-commerce websites is essential for compliance with laws and regulations as well as gaining and maintaining the trust of consumers, partners and stakeholders. Many security standards have been established by various organizations to help guide security of small business servers, however, many of those standards or guidelines are too costly or time consuming. This paper1 will discuss how attacks are carried out and how a small business can effectively secure their networks with minimum cost.
Top 10 Methods to Prevent Cyber Attacks in 2023.pdfMobibizIndia1
When on the one hand, the technology world is growing beyond any boundaries, companies across industries are welcoming these trending technologies. They are incorporating them into their businesses to stay ahead of their competitors in this scenario. In this phase, you cannot overlook the importance of cybersecurity solutions to safeguard the crucial data stored in your internal process.
Internet, Cyber-attacks and threats are becoming more prevalent. This Infographic explains the current state, and things to consider for yourself and your business.
The 7 Colors provide a comprehensive approach to information security by covering various dimensions and considerations. Each color represents a specific aspect that organizations need to address to ensure robust protection of their information assets.
Cybersecurity- What Retailers Need To KnowShantam Goel
The retail industry is favorite among cyber-attackers due to a large number of payment transactions on a regular basis. Protect your retail business from cyber-attacks. Cybersecurity is a major concern for retailers that need to be advanced with time.
Analytics facilitates a cohesive banding together of the organization for execution-oriented
organizational alignment, enterprise agility and better performance enabling action. Smarter
decisions result leading to superior performance.
Organizations who are looking to work faster and with greater agility often look to a private cloud as a solution. Not only can a private cloud improve data security, but it can also make better use of your existing IT resources. Unless you’re using Platform as a Service (PaaS), you’re not getting the full value out of your private cloud implementation. IBM’s Private Modular Cloud removes the bottlenecks that result from manual setups of middleware provisioning.
1. IBM Sales and Distribution
White Paper
Retail
The challenge of digital security
What will it take for retailers to protect themselves?
2. 2 The challenge of digital security
With disastrous data breaches too often
in the headlines, retail executives need
to re-think the dangers of today’s
digital environment. What are the best
ways to protect the business in the face
of fast-evolving threats?
Keeping one step ahead of attackers will
require a combination of measures,
including robust system defenses, analytics
to spot intruders fast, and the ability to react
quickly whenever an intrusion occurs.
In the last year, some of the world’s most prominent retailers
have suffered the most devastating data security failures
ever. The fallout from these episodes has been enormously
damaging, both in direct financial costs as well as in terms
of customer trust and goodwill: one major retailer hit by an
attack saw a 46% reduction in its profits during the quarter
following its breach.
1
The perpetrators of such attacks are becoming more and
more sophisticated, and the scale and destructiveness of their
intrusions is growing dramatically. It’s no exaggeration to say
that the damage that can now be inflicted by a major security
failure can approach the financial and reputational damage an
airline might suffer from a serious accident. It’s quite possible
that we will see a retailer go out of business someday due to an
attack that causes a disastrous breach.
In the face of such a dangerous landscape, many retailers are
now taking additional steps to address the issue of security:
implementing stronger defenses, rethinking process controls,
and working with law enforcement to investigate intrusion
attempts. But are these efforts enough? What are the best
ways to safeguard against digital security failures? How can
management be confident that the choices it is making in this
regard are as effective–and cost-efficient–as they can be?
At IBM, we’re convinced that the retail industry should address
the challenge of digital security in a long-term, strategic way,
using a multi-layered approach:
• Anticipate security threats that are likely to manifest in the future,
and put in place defenses in depth, to minimize the likelihood of a
successful attack.
• Use advanced, automated detection mechanisms to detect patterns
and catch incipient intrusions before they get far.
• Establish a culture of informed vigilance with regard to security,
and be prepared to react swiftly and effectively to arrest attacks.
In this white paper, we describe the long-term nature of the
digital security challenge, the array of defenses and practices
that are likely to be most effective in protecting a retailer from
attack, and how retailers should approach this area of concern
within the context of the many other business priorities that
vie for executive attention.
A fast-moving target: the evolving
nature of digital security threats
The realm of digital security is, by its nature, something of
an open-ended arms race between system and data defenses
on the one hand and creative, highly persistent attackers on the
other. There will likely never be any point at which one side
“wins” conclusively– each successful defense strategy or attack
plan simply changes the game to a degree and raises the bar for
the next round of attack-and-defend.
3. IBM Sales and Distribution 3
And let’s be clear: security is not the same as compliance.
Simply being compliant with protocols like PCI-DSS doesn’t
remotely assure that an enterprise is, in fact, well-defended
against attack.
It’s a safe assumption that, at any given moment, numerous
intrusion attempts are underway against every major retailer.
This is a demonstrated fact: retail is one of the top five
most-targeted industries in terms of the volume of attacks and
attempted intrusions.2
All retailers should assume that they are
continuously subject to hacking attempts, and that these efforts
are becoming more frequent and more sophisticated over time.
For criminals, retailers can be quite a low-risk and high-profit
target. Many of these intruders are located in countries and
jurisdictions that have minimal law enforcement with regard
to cybercrime, making attackers largely immune to arrest and
punishment. And in the case of one of the most commonly
sought targets for theft–consumer credit card data–there is
a well-established global black market where such data is
bought and sold on hundreds of websites, allowing successful
perpetrators to profit instantly from their attacks.
Pervasive connectivity opens many
new avenues of attack
The retail industry’s inherent exposure to security risk
is increasing steadily, for many reasons. Most obvious is the
vastly increased pervasiveness of network connectivity, as
more and more sensitive information is held on networked
and distributed systems that are accessible to a widening array
of entry points. The broad adoption of mobile applications
by retailers adds many other new points of vulnerability.
Enterprise applications and data must, in some cases, be made
accessible to employee-owned mobile devices. Then add
today’s complex supply chains, where more access and data is
given to vendors and external partners, and where global
expansion may require retailers to expand distribution of their
own information around the world.
In short, everything is becoming more connected, and the
Internet is becoming ever more vital to the functioning of
global society and the global economy. With this comes untold
benefits and efficiencies, but also some insidious risks and
dangers. The recent Heartbleed incident has drawn attention
to our heavy reliance on–and the vulnerability of–some of
the basic building blocks of the Internet. Heartbleed worked
by compromising OpenSSL, which is used to secure sensitive
pages and transactions by over half of the world’s websites.
The nature of today’s cyber attackers
“Inside jobs” are always a concern, but the sheer
number of external attackers is larger (see Fig. 1). And as
mentioned, many of these groups and individuals are located
in jurisdictions where they may be virtually immune to
prosecution or punishment.
Figure 1: The majority of attacks originate outside the enterprise.
Source: IBM Security Services Cyber Security Intelligence Index. IBM Corporation.
July, 2013.
Security threats: Types of attackers
Outsiders
Combination
Malicious insiders
Inadvertent actor
56%
22%
17%
5%
0% 60%
20% 40%
4. 4 The challenge of digital security
Many intrusion attempts are executed by attackers who are
operating opportunistically, to exploit “doors left unlocked.”
These are still remarkably common and they can make life easy
for criminals: they include basic security lapses caused by lack
of discipline and poor adherence to process controls, as well
as system misconfigurations that can remain unrecognized and
uncorrected for an extended time (see Fig. 2).
A smaller but still substantial number of intrusion attempts are
the result of sustained, concentrated efforts to gain knowledge
of a company’s systems and controls, so that the perpetrators
can employ an informed approach–using malware or another
method–to thwart these controls. Their objective may be
to gain access, steal data, or sometimes go even further, such
as taking clandestine control of specific systems (see Fig. 3).
First things first: addressing the
most common vulnerabilities
Let’s first take a look at the most common failure points that
let intruders gain easy entry. Attackers prefer to hit wherever
security is weakest and where it will take the least effort to steal
something valuable.
According to the IBM Cyber Security Intelligence Index, these
are the five most common vulnerabilities that attackers exploit.
A retailer that takes steps to address these weak spots will close
the door on a wide range of intrusions that would otherwise
likely be successful:
1. End user didn’t think before clicking to open
an email or website
This is still painfully common, and needs to be addressed
primarily by effective process controls and an informed culture
of vigilance.
Figure 2: Opportunistic hacking still accounts for about half of all
intrusion attempts
Source: IBM Security Services Cyber Security Intelligence Index. IBM Corporation.
July, 2013.
Figure 3: Malware and sustained system probes are the tactics used most
often by attackers
Source: IBM Security Services Cyber Security Intelligence Index. IBM Corporation.
July, 2013.
Attacker motivation
0% 60%
20% 40%
Opportunistic
Industrial espionage,
financial crime,
terrorism, data theft
Dissatisfaction
with employer/job
Social activism,
civil disobedience
Other
49%
23%
15%
7%
6%
38%
20%
15%
12%
9%
2%
0% 20% 40%
Methods used by attackers
Malicious code
Software created to disrupt systems,
gain unauthorized access or gather
information about the system under attack
Sustained probe/scan
Reconaissance activity for gathering
information about targeted systems
Unathorized access
Suspicious activity
Access or credentials abuse
Denial of service
5. IBM Sales and Distribution 5
2. Weak or default passwords in use
Again, processes and internal controls are central here, and
can be reinforced by advanced system security to consistently
enforce password standards.
3. Insecure configurations
Attackers are always probing to discover misconfigurations
that have inadvertently created open-ended security holes.
This issue must be addressed through a combination of
greater vigilance in process controls and improved testing
during the process of system configuration, as well as by the
use of analytics to detect and report irregular activity that
could indicate an intrusion that is taking advantage of a
system misconfiguration.
4. Use of legacy or unpatched hardware or software
As with #3 above, attackers are always probing to find lapses
of this kind. This issue has to be addressed in a similar manner,
through improved process controls and through analytics to
detect irregular activity.
5. Lack of basic network security protection
and segmentation
Too often, existing controls and defined safe practices are
simply ignored or disregarded, as security takes a back seat
to other priorities. Retailers need to institutionalize critical
practices around network protection and data-access security,
and take proactive steps to monitor and ensure adherence.
Beyond the basics: crafting a
retail security strategy in depth
Given the ongoing evolution of the tactics used in intrusion
attempts, it’s important for retailers to keep in mind not just
the methods that have been used in the recent past, but also
the patterns that suggest the shape that defenses will need to
take in the future.
IBM’s recommended enterprise security strategy relies on
three key elements. Each must be robustly implemented to
establish effective defenses in depth:
• Advanced system security, to provide defense at every network
access point, with intelligent security fences to impede
breaches and isolate threats, supplemented by defenses to
protect each type of sensitive data.
• The use of advanced analytics as a weapon, to continuously
scan for and detect patterns that may indicate an intrusion,
so these can be brought to management’s attention and
contained before they do serious harm.
• Effective process controls and rapid response mechanisms, to
enforce good habits regarding digital security, to establish
a culture of informed vigilance, and to enable quick action
when a breach does occur.
These three layers of protection can be consistently effective
in frustrating intruders and mitigating attacks. When
employed in a thorough and consistent manner, they can help
to address future security issues through early detection,
removal and remedy.
Advanced system security: defending
at every network access point
Barriers at access points are designed to keep intruders
off the network. These are the first line of defense against
external attack.
We choose to use the term network access point defense here,
rather than perimeter defense, because “perimeter” may suggest
a single boundary line that one might intuitively equate with
the boundaries of the enterprise. But in today’s interconnected
environment, a retailer’s secured network can extend far
beyond this to include elements that are the responsibility of
suppliers, contractors, business partners, employees and others.
For this reason, in order to effectively secure the network,
attention must be paid to each of these access points and each
must be secured by an appropriate defense.
6. 6 The challenge of digital security
Accounting for every network access point is becoming
more challenging as the shape and interconnectedness of
the digital world gets more complex. To cite an example
of a relatively recent development that can have an impact
here: connected applications may extend to mobile platforms,
hybrid clouds, and into arenas like Infrastructure-as-a-Service
(IaaS) and virtual data centers. When combined with the
emerging “Internet of Things”–the widening range of
network-connected devices–this represents more avenues for
intrusion and attack. Since connected apps are frequently
updated and repaired via automatic patches that might contain
a virus or other malware, this represents another source
of danger.
Attackers who find their way onto any given component
on a network can conceivably find a way to get to seemingly
unrelated components–even the “crown jewels” of the
enterprise. The 2013 breach at Target highlights how
important it is to secure every access point–even those outside
the enterprise itself. In this incident, the attackers were
apparently able to use the stolen credentials of one of Target’s
heating/air-
conditioning contractors to work their way onto
the retailer’s store network, eventually succeeding in stealing
a huge quantity of customer credit card data from their
POS systems.
3
News accounts indicate that the initial intrusion happened
several months before the mass theft of data was executed.
The intruders were apparently confident enough that they
chose to lie in wait for several months, until the massive
burst of shopping activity over the U.S. Thanksgiving Day
weekend gave them the opening to steal a vastly larger trove
of sensitive customer financial data. The thieves were able to
maneuver across Target’s systems until they were in position
to use malware now known as KAPTOXA/BlackPOS to pull
decrypted credit card data from Target’s store POS systems.
4
The bottom line here is that retailers need to take careful
inventory of all their network access points and assess the risk
posed by each. Then, the appropriate defenses and controls
must be implemented and enforced. At the same time, a
process must be put in place to review this inventory of access
points on a regular basis, to identify changes and additions.
The widening array of network access points
To give a sense for the range of access points a retailer must
identify and secure, at a minimum these will likely include:
• Point-of-sale (POS) terminals in stores
• Mobile POS access points
• Customer-facing e-commerce websites
• Links with each third-party vendor, supply-chain vendor,
ecosystem partner and contractor
• Employee-facing access points—including those that
may utilize employee-owned mobile devices—and the
social workplace
• Links to connected data centers via the cloud
• Links to financial institutions and payment processors
• Links to managed service providers
• Links to delivery services
• Links to all other contractors who are provided with
network access
• B2B, intranet and extranet portals
• In-store wireless routers, kiosks and networks
• The expanding “Internet of Things”: IP-based printers,
IP-linked surveillance cameras and similar devices
7. IBM Sales and Distribution 7
Data security: protecting valuables inside the enterprise
If effectively implemented and maintained, network access
point defenses will keep most intruders from penetrating a
retailer’s systems. But there will be intrusion attempts that
make their way past these defenses. The second line of access
defense, therefore, is specific protection for each form of
sensitive data.
Although customer credit card data has been the target of
many of the most damaging recent intrusions, retailers need
to consider the entire range of data they hold that merits
protection (see Fig. 4).
The process that must be followed here requires identifying
every kind of data that needs protection and then every
instance of such data that must be secured. These protections
might take the form of access and port restrictions,
strengthened encryption methods, tokenized data vaults,
selective network segregation, identity management and other
barriers. The goal must be to maintain the access that
is required to conduct business smoothly, while frustrating
unauthorized or suspicious access attempts.
Figure 4: Retailers hold a broad range of information that could be damaging if exposed.
Categories of sensitive data requiring protection
Type
Customer data
Employee data
Enterprise financial data
Pricing/strategy data
Vendor data
Inventory data
Product data
Location data
Potential damage from a successful breach/theft
Trust Competitiveness Bottom line
High
High
Medium
Medium
Medium
Medium
Medium
Medium
High
Medium
High
High
High
High
High
High
High
Medium
High
High
High
High
Medium
Medium
A South Korean multi-channel retailer addresses
endpoint security to ensure business continuity
This retailer, who markets its products through cable
television, web, catalog and other channels, suffered a
damaging outage that interrupted their business in 2012.
An issue was their reliance on infrastructure that lacked
appropriate security controls.
IBM Security Services evaluated their environment
and recommended Geni Networks Genian NAC software to
guard against viruses and malevolent network traffic, as
well as Symantec Data Loss Prevention software to protect
critical information.
By establishing more effective endpoint controls and
safeguards for data, this retailer has significantly reduced the
risk of business interruption, as well as the risk of a serious
data breach
8. 8 The challenge of digital security
Using analytics as a weapon: detecting and
blocking intruders before they get far
Access-point and data-specific safeguards notwithstanding,
every retailer should expect that at least a few intruders will
make it past both these barriers. For that reason, analytics
must be in place to watch for patterns that could indicate an
intruder in the system and to issue alerts so counteractions
can be taken quickly.
Analytics therefore represents the proactive counterpart to
defensive access-point barriers. While many intrusion attempts
will be defeated, the prudent approach is to assume that barrier
walls can never be high enough. The questions then become,
“How quickly can we identify and counter each successful
entry?” and “Will we be able spot intruders immediately,
before harm is done, or only much later, after a disastrous
disruption or loss of data?”
A European retailer improves security while
lowering costs with IBM solutions
This retailer sought to provide security services to their internal
customers and to third parties following a transition to new
ownership and a related migration to new infrastructure.
To provide management and monitoring for the new
infrastructure, IBM Managed Security Services delivered
a turnkey solution that included IBM firewall management,
intrusion detection and prevention, SecureWeb Gateway,
and X-Force®
Threat Analysis, plus technology from Cisco
and BlueCoat.
These services were provided under a single contract,
with migration services and managed security services,
which reduced transition and implementation time significantly
and provided a single point of contact for all network
security-related components.
Spotting threat patterns proactively
Security analytics tools work by scanning to identify anomalous
behavior within your network: patterns that might indicate
that something suspicious is taking place. Monitoring
infrastructure logs, security logs, database logs, network data
packets, DNS transactions, configuration changes and even
social chatter, these tools look for the unusual, with specific
attention paid to actions that touch upon sensitive data.
Advanced analytics tools even go a step further and watch for
patterns as they may manifest across signals from different
sources and different kinds of activity.
When they identify an action or pattern that appears out of
place, security analytics tools can alert managers, who can then
take a closer look to determine whether further investigation
is warranted. The best and most advanced of these tools are
designed to “learn” from the evolution of network activity, so
as to dynamically refine the criteria around what may
constitute unusual behavior. They are also regularly updated
to watch for new intrusion tactics.
An effective and well-deployed security analytics tool will
be able to identify genuinely suspicious patterns of activity,
while avoiding an excessive number of false alerts. It will
also present to security managers the relevant information
on the nature of activities in a concise and accessible
way. Both of these characteristics are critical to timely and
appropriate counteraction.
Effective process controls: establishing
a culture of security, and reacting rapidly
Once network access defenses and analytic defenses are
in place, the goal becomes to keep system security up-to-date
and as advanced as possible, while maintaining and
strengthening process controls. Security must also include
the human element: the need to foster a culture of informed
vigilance is a “softer” and more elusive part of an effective
security posture, but nonetheless a vital component.
9. IBM Sales and Distribution 9
Looking back at the most common vulnerabilities discussed
earlier, it bears mention that the top two of these indicate
a deficient culture of vigilance: end users not thinking before
clicking on an email or attachment, and of the use of weak or
default passwords. Some of these vulnerabilities can be policed
through automation, such as enforcement of strong passwords,
but technology solutions can be only part of the answer. These
topics must be addressed directly with employees, suppliers
and others who have access to secured assets, and whose
behavior has an inevitable impact on security. Management at
every level of the enterprise must make it a priority to address
the issue of security regularly, to make it a central feature of
the life and culture of the organization.
And since an actual breach is always possible, retailers need
to be ready to react decisively. The goal is to quickly contain
the intrusion, assess the damage, and address the situation,
in terms of rectifying the failure as well as in communicating
responsibility outwardly to customers and the public in
a proactive and thoroughgoing way. Doing so will limit the
direct cost of the intrusion as well as the potential damage
to trust and reputation.
Learning from the experience of others
It’s a truism that one tends not to get rewarded for disasters
that didn’t happen–and the measures that have prevented
disaster may erode over time, in the absence of a costly
failure that would demonstrate their value and importance.
This risk of complacency is one of the challenges inherent
in maintaining effective security over the long term.
For this reason, when addressing security within their
organizations, retail executives should certainly make reference
to failures that occur at other retailers and to the intrusion
attempts that are taking place everywhere, all the time, in all
industries. These should serve as constant reminders of how
close and immediate the threat remains.
The cat-and-mouse game will always mean that whatever
security is in place can never be assumed to be provide perfect
protection. This is an arena in which the weaker players
can expect to be victimized more readily than the strong.
Whenever a security failure is reported at another enterprise,
an immediate re-evaluation to assess one’s own vulnerability
is warranted. This is particularly true if a failure is a result of
a new form of intrusion: retailers always need to be ready to
quickly take new pre-emptive steps as information about new
threats emerges, to stay one step ahead of the attackers.
A multinational supermarket chain implements
role-based user access controls to facilitate the
conduct of business while safeguarding data
This retailer wanted to increase sharing and internal
communications around customer-related data, and wanted
to make employee HR functions easier to access. But they
were also concerned about maintaining proper controls over
the distribution of these kinds of information.
Using IBM Security Identity Manager in conjunction with
IBM Websphere, this client implemented user access
controls for its internal employee portal to create a single
sign-on, personalized work environment. Individual access
rights are automatically updated as roles change and as
employees are on- and off-boarded, and each person’s use
is recorded to ensure audit-readiness and compliance with
security standards.
The retailer credits this solution with helping to facilitate
and streamline the functioning of their business, while at the
same time restricting access to sensitive data to those having
verified and legitimate purposes.
10. 10 The challenge of digital security
Next steps: re-assessing the strength
of current defenses
Retailers seeking to take a fresh look at their security
posture should:
• Establish a recurrent process that comprehensively re-evaluates
all security measures in place, including network access point
defenses, analytics to detect incipient intrusions, and the
maintenance of a vigilant internal culture through strong
process controls and habits. To be robust, such re-evaluations
must be performed by someone other than those who have
been responsible for defining and implementing current
security defenses. This helps to ensure objectivity, and a
fresh view on existing defenses, to spot vulnerabilities that
the organization itself has not identified. External security
specialists should be utilized to assure that the assessment
will be thorough and independent.
• Use the findings of security assessments to prioritize the next steps,
and define an action plan to bring all elements up to strength.
• Keep an eye on the evolving nature of security threats: Success in
preventing intrusions means that the organization needs to
watch how the failures of others occur and immediately take
steps to pre-empt similar incursions.
• Establish security as an ongoing theme and priority, shared by
executives at all levels and reflected in the culture as well
as the engrained habits of employees, suppliers, and other
relevant parties.
Certainly, there is no “magic bullet” here. Digital security will
remain a primary concern into the indefinite future, and must
therefore be treated as a continuing and significant risk by
organizations of all kinds.
IBM offerings for retail security
At IBM, we consider it one of our foremost responsibilities to
provide the most effective security support for our clients. IBM
offers one of the most advanced and comprehensive portfolios
of security-related services and solutions for the retail industry.
IBM service offerings
An IBM Cybersecurity Executive Awareness Briefing can help
educate on the anatomy of current attack methods and
defenses, the role of social media, and the latest advances
in technological and operational defenses. This briefing can
be useful in helping define key actions that can be taken to
immediately bolster defenses.
The IBM Security Maturity Benchmark Assessment can evaluate
the effectiveness of a retailer’s overall security defenses, using
data to make specific comparisons with peer organizations.
This assessment can therefore highlight where a retailer is
strongly defended, and where it is vulnerable, providing the
basis for a security enhancement plan of action.
IBM software offerings
IBM’s comprehensive range of technology solutions can
establish strong defenses for network access points and for
each type of data that requires protection.
IBM QRadar®
Security Intelligence Platform can serve as
a foundational element of retail organizations’ network
defense capabilities, helping to cost-effectively guard against
sophisticated attackers. QRadar encompasses advanced
threat detection, intelligent vulnerability analysis, device
configuration alignment, and network traffic telemetry reviews,
as well as other elements. QRadar collects events and logs from
a heterogenous set of sources including network infrastructure,
security devices, servers, operating systems and applications.
It then normalizes all events to enable out-of-the-box
correlation with other events, network flows and intelligence
feeds. In addition to event data, QRadar also gathers
vulnerability insights within profiles built for each business
asset, by passively monitoring network traffic between all
IP addresses.
11. IBM Sales and Distribution 11
IBM Trusteer Apex can extend this protection to help prevent
advanced malware from gaining control over user access
points, and from stealing data or propagating advanced attacks.
Trusteer Apex is designed to prevent exploitation of unpatched
and zero-day vulnerabilities. Unlike many other solutions,
Trusteer Apex does not rely on traditional malware detection
processes like signatures and behavioral profiling, which can be
bypassed by advanced evasion techniques. Trusteer Apex blocks
application vulnerability exploitation–the primary way cyber
criminals install malware on endpoint devices–even while
organizations test the impact of vulnerability patches across
their software suites.
IBM Security SiteProtectorTM
System provides virtual patching
capabilities, using network intrusion prevention system
signatures to block associated connections, and helping to
protect against the exploitation of identified vulnerabilities.
IBM X-Force threat intelligence feed supplies up-to-date
information on recommended fixes and security advice for
active vulnerabilities, viruses, worms and threats
IBM Endpoint Manager streamlines remediation tasks by
automatically managing patches to hundreds of thousands
of endpoints, including the latest mobile devices, and
provides integrated reporting for real-time monitoring of
patch progress.
IBM Security AppScan®
supports web application vulnerability
assessments, enabling QRadar Vulnerability Manager to
provide visibility and prioritization of web application
vulnerabilities within its integrated dashboard.
IBM InfoSphere®
Guardium Database Vulnerability Assessment
supports the scanning of database infrastructure, enabling
QRadar Vulnerability Manager to provide visibility
and prioritization of database vulnerabilities within its
integrated dashboard.
Find out more
For more information, please contact your IBM representative
or visit:
ibm.com/retail
About the authors
Mark Yourek is IBM Global Solutions Lead for the
Retail Industry.
Vish Ganapathy is IBM’s Global Chief Technologist for the
Retail Industry.
Karl Cama is IBM’s Executive Architect for the Retail Industry.