Friday, October 26, 2012
Network Monitoring As Security
Network monitoring can double as a security tool. Most organizations already have some monitoring systems incorporated into their systems for generic IT management tasks. Some of these are service-level agreement-related tasks like capacity planning, performance uptime monitoring, and quality of service. Companies that are not already using monitoring tools may be able to sell management on them because they can pull double duty.
Security areas that monitoring tools can help with include looking for denial of service conditions, system and asset inventory, investigations support, behavioral anomaly detection, and new and emerging value propositions like virtualized systems. Systems may already be in place that could be leveraged to forward the goals of security even if that was not the original intent when they were purchased.
Managers may be able to do more with less, as is so often necessary, by looking at increasing the usage of their monitoring systems. Using the systems to their full potential and ability could add another great layer of protection to their security framework.
http://twimgs.com/darkreading/securitymonitoring/S5991012netmonitoring.pdf?cid=nl_DR_weekly_2012-10-25_html_wp_top&elq=e0fdd256c3f94f07b39e89ea62644e68
Monday, October 15, 2012
Turn the Tables
Thirty years of best practices and millions of dollars spent in defense and defense-in-depth really have not made much of a dent in the fight against hackers. It is a never-ending battle. We get better, they get better. Since follow-through on punishment is difficult if not impossible once hackers are identified and found, due to them being in another country, what recourse is left? Dmitri Alperovitch, co-founder and CTO of CrowdStrike, believes it is necessary to find out who is benefitting from the stolen information. If you pinpoint a state-owned oil company that is better able to compete in the marketplace because of the information that they acquire, then you can sue them. You pick a jurisdiction because many are multinational in scope.
You can also use deception. If you know information is being stolen, plant phony data to derail their plot. If you can get a photo of the hacker and his identity, publicize it. If they are all over the media, it should cause concern for whoever is employing them. Make it more difficult, expensive and painful for them to work. Tom Kellermann, VP of cybersecurity at Trend Micro, says most hackers have known cyber kill-chains that they are partial to; they do not vary much. The more you can profile and understand how they move laterally within your system, what IPs and URLs they prefer, and where the command-and-control is located...you can make it very uncomfortable and more difficult for them.
Pressure can also be placed on the infrastructure suppliers to the attackers, the ones that house their servers, and the money-laundering channels that they use. By causing them damage in their own house that they need to control, they can be put on the defensive.
http://www.darkreading.com/security/news/240008322/turning-tables-id-ing-the-hacker-behind-the-keyboard.html?
Thursday, October 11, 2012
CIOs better up their game - by Teddi Moon
There seems to be a disconnect in the perceived value of the CIO in an organization. In general, 60% of CIOs think they add strong value; however, 35% of their C-suite peers would back that up. CIOs appear to lack the business expertise to demonstrate their worth to the executive team even though IT is involved in almost all areas of business these days.
Maureen Osborne, Global CIO of Ernst & Young said: "In order to stay relevant in a rapidly evolving technological landscape, CIOs will need to break out of their comfort zones within the data centre. Those who don't, will run the risk of being further relegated down the corporate hierarchy, or sidelined altogether."
Lack of support from the executive level is a common complaint among IT leaders. Engaging the CEO and other business leaders can be easier said than done. To get their attention, CIOs must become experts in all major areas of the business, says an executive recruitment specialist. Actions are louder than words, and CIOs need to look for opportunities to support some form of major project for the organization that can have an effect on the business operation.
To be seen, heard, valued, and taken seriously, CIOs are going to have to step up their game. This is part of the security puzzle. It can be difficult to sell security to management because there is no clear return on investment. A lack of track record for being useful compounds the problem of achieving approval to implement security measures.
"Once business leaders start to recognize an IT leader as someone who can transform the way they operate their business, perceptions can quickly start to shift. This will be especially clear if the resultant changes in the business operating model impacts top line revenue growth."
I thought this was relevant for us as we travel our career paths. As we move forward, it is wise to keep in mind the challenges that we will face as we help to change the face of the IT industry.
http://www.techrepublic.com/blog/cio-insights/who-thinks-the-cio-is-important-the-cio-but-hardly-anyone-else/39749498?tag=nl.e076&s_cid=e076
Monday, October 8, 2012
Well I started out with one thing in mind, but. . . by Teddi Moon
I began looking for articles for this post that gave some comparison information on different countries and where they were in their level of information security maturity. I had a difficult time finding any information describing what I was looking for. However, I did find a 'book' online that I quite enjoyed while I skimmed through it. It is actually kind of old, 2001, but the authors, I believe, were ahead of the game in getting their 'sermon' out in that year. I mean, think about it, that was 11 years ago. As far as technology goes, things move fast. But this book is talking about cyber-terrorism, cyber-threats, cyber-war, and all of the topics we have been discussing in this class. I have to tell you, many people I talk to today give me a blank look and say, 'cyber - who???' So I think these authors were pretty darn insightful for that year. They pose the question, "Do we need a full-scale information security disaster for this subject to be given the attention it requires?"
I like this book because it does not read like a dry textbook. The language is professional, but engaging. I think this book would be ideal for the general public to read to become more familiar with this topic. It is easy to read and concepts and definitions are explained well and very understandable. Those of us that know people that are a little interested in the topic and want to learn more could really find the book enjoyable as well as informative, (and likely disturbing.) It could be a good book to have in the break room for employees to read a paragraph or two while eating lunch. Maybe it is just my inner geek, but I think the book draws you in and holds your interest. Even though I have studied these topics and read texts on the same topics, I still wanted to keep reading this book. I really like the name, too. Information Insecurity, A survival guide to the uncharted territories of cyber-threats and cyber-security by Eduardo Gelbstein and Ahmad Kamal. It can be found at this link: http://www.itu.int/wsis/docs/background/themes/security/information_insecurity_2ed.pdf
Monday, October 1, 2012
Chrome the most secure browser, ... or is it?
Well, to be fair, I better discuss an article I found in Dark Reading that has some information on the very topic I wrote about last week. I made the statement that my preference for browser was Chrome and that I was delighted to read about some of the security measures Chrome has in place. Then I find this article that has some pretty impressive statistics that in NSS Labs browser tests, IE is better at stopping malware than Chrome, Firefox, or Safari. Check out these statistics!
The tests were to determine how the browsers defended against malware associated with bank fraud, stealing of log in credentials, phony antivirus, and click fraud. They were conducted from 12/2/11 to 5/25/12 on identical virtual machines running Windows 7.
Blocked by percentage

Browser            In general    For click fraud
IE 9               95            96.6
Chrome 15 - 19     33            1.6
Firefox 7 - 13     < 6           0.8
Safari 5           < 6           0.7
NSS Labs says to expect a big increase in click fraud in 2013. They also recommend that users of the increasingly popular Chrome apply pressure to Google to juice up their protection features in Chrome and its API against click fraud.
Some interesting features of click fraud: the average life span of the URL is 32 hours. More than half die off within 54 hours. Mostly, ad buyers are affected by click fraud; however, those infected also get infected with other malware.
You may read the source article at:
http://www.darkreading.com/risk-management/167901115/security/client-security/240008100/internet-explorer-blocks-more-malware-than-firefox-chrome-safari.html?cid=nl_DR_daily_2012-09-28_html&elq=4789eee338c641d4b5be29768e5692e3