Friday, May 29, 2009

Anti-U.S. Hackers Infiltrate Army Servers

Data breach prevention techniques: Helping customers avoid data breaches
Allen Zuk, Contributor

No one wants to read about their organization -- or that of their customers -- in the headlines following a breach of customer data or other sensitive information. And now that the Privacy Rights Clearinghouse maintains a running chronology of publicly reported data breaches going back to 2005, major breaches live on in infamy long after the incident. Even more embarrassing is that most breaches are preventable.

In this tip, we'll review data breach prevention techniques and policies that can help ensure your customers don't make headlines for the wrong reasons.

Data breach prevention techniques
There are numerous techniques and a variety of tools that can help stop leakage or loss of information. In the following sections, we briefly discuss each method and what solution providers can do to help their clients put stopgaps in place and improve their overall information security posture.

Information security policies
Instituting information security policies and procedures is the least expensive way to help combat data loss. Policies and procedures are developed to instill a common set of principles for all personnel. That being said, policies and guidelines are also infrequently enforced. If staff members are not educated on these policies and guidelines, then enforcement becomes almost impossible.


To start, help your customers by either assisting them with conducting an information security policy assessment or by offering them the service. Solution providers will need to be well-versed in the use of information security baseline standards, such as ISO 27002 (formerly ISO 17799) and COBIT. Having a thorough understanding of these guidelines will help you (the solution provider) position yourself as a trusted advisor to the client.

Solution providers should have solid policy-writing skills and knowledge of the various data breach laws, including those still being drafted. They also need to be aware of the various State Security Breach Notification Laws now in force and be able to articulate and integrate these with their clients' information security policies. Other best practices include making sure customers keep their antivirus software updated, and maintaining an employee exit policy that ensures access and privileges are revoked promptly when someone leaves.

Emerging technologies
There are a variety of products in the DLP (data loss prevention) category that combine software management with policy definition, enforcement and control. These products provide an "automated" mechanism that acts on defined attributes of the data and the transfer. In the simplest terms, they let the administrator define criteria that determine how information may flow in and out of the organization, keep an audit trail of what was inspected and what was done with it, and raise alerts when a transfer violates policy.

DLP vendors that offer such products include NextLabs Inc., Orchestria Corp., Proofpoint Inc., Vericept Corp., Verdasys Inc. and Symantec Corp. (via its acquisition of Vontu). Their technologies utilize customizable "policies" defined by the organization to monitor, report against, redirect and stop data flow within the organization's network and computing systems. When enabled, these products could, for instance, disable USB ports or prevent laptops from accessing the network.

Solution providers should be well versed in the use and application of these tools to assist their clients with policy development and implementation. Organizations often face challenges implementing and managing their data loss prevention programs, and solution providers should be prepared to fill those gaps.
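As an added illustration, not code from this page or from any of the vendors named above: a miniature content-inspection engine of the kind these products run over outbound messages. The policy rules, rule names, sample messages, and the sender and channel fields are all constructed for the example. The card-number and SSN patterns are the usual ones, with a Luhn check on card candidates so that a run of digits that merely looks like a card does not trip the block rule, which is the single biggest source of DLP false positives.

```python
import re


def luhn_valid(candidate: str) -> bool:
    """Luhn check over the digits of a candidate card number (prunes false hits)."""
    digits = [int(c) for c in candidate if c.isdigit()]
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2 == 1:          # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def redact(match_text: str) -> str:
    """Evidence for the audit trail: last four digits only, never the full value."""
    digits = "".join(c for c in match_text if c.isdigit())
    if not digits:
        return "[redacted]"
    return "*" * max(len(digits) - 4, 0) + digits[-4:]


# Constructed policy: what to look for, how to confirm a hit, what to do on a confirmed hit.
POLICY = [
    {"name": "credit-card", "action": "block",
     "pattern": re.compile(r"\b(?:\d[ -]?){12,18}\d\b"),
     "confirm": luhn_valid},
    {"name": "us-ssn", "action": "block",
     "pattern": re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b"),
     "confirm": lambda _: True},
    {"name": "confidential-marking", "action": "alert",
     "pattern": re.compile(r"\bCONFIDENTIAL\b"),
     "confirm": lambda _: True},
]

SEVERITY = {"allow": 0, "alert": 1, "block": 2}


def scan(message: str) -> list:
    """One finding per confirmed pattern match, carrying only redacted evidence."""
    findings = []
    for rule in POLICY:
        for m in rule["pattern"].finditer(message):
            if rule["confirm"](m.group(0)):
                findings.append({"rule": rule["name"], "action": rule["action"],
                                 "evidence": redact(m.group(0))})
    return findings


def decide(message: str):
    """Apply the policy: the most severe confirmed finding decides the action."""
    findings = scan(message)
    action = max((f["action"] for f in findings), key=SEVERITY.get, default="allow")
    return action, findings


def audit_record(sender: str, channel: str, message: str) -> dict:
    """What the engine logs: who, which channel, the decision, and redacted evidence."""
    action, findings = decide(message)
    return {"sender": sender, "channel": channel, "action": action,
            "matched_rules": sorted({f["rule"] for f in findings}),
            "evidence": [f["evidence"] for f in findings]}


# Constructed sample messages (4111 1111 1111 1111 is a well-known Luhn-valid test number).
SAMPLES = {
    "card": "Invoice paid with card 4111 1111 1111 1111, exp 12/11",
    "bad_card": "Ticket ref 4111 1111 1111 1112 (not a PAN)",
    "ssn": "Applicant SSN 123-45-6789 attached",
    "marking": "Draft roadmap, CONFIDENTIAL, do not forward",
    "clean": "Lunch at noon?",
}

if __name__ == "__main__":
    for label, text in SAMPLES.items():
        print(label, audit_record("alice@example.com", "smtp", text))
```

The confirm step is what separates a usable policy from a noisy one: the pattern alone would block the ticket reference as well as the real card number. Real products add document fingerprinting, keyword proximity and per-channel thresholds, but the cycle is the same one shown here: match, confirm, act, and log evidence the auditors can read without re-exposing the data.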

Information technology risk management assessments
An information technology risk management assessment gauges a company's information security posture: it measures the effectiveness of the IT security controls in place and checks that the security technologies themselves do not introduce unnecessary risk and exposure to the business.
The assessment has two core components. The first is a snapshot of the organization's current maturity in the security and management of the technologies it has implemented; the second is a detailed gap analysis report with a mitigation roadmap containing recommendations for continuous improvement.

The information risk management maturity matrix diagram illustrates a sample maturity matrix used to evaluate the organization's current and desired posture for IT/IS security and management.

Partner with third-party vendors that specialize in conducting risk management assessments. Leverage your relationship with the customer and introduce your extended advisory support by offering strategic assessments of the customer's IT risk posture. Demonstrate the value of these assessments with simple yet effective "heat maps," high-impact illustrations that pinpoint specific gaps or deficiencies visually so the client sees where to focus resources immediately. The sample heat map highlights areas of severe deficiency (red), minimal deficiency (yellow) and no deficiency (green).

Conclusion
While it is nearly impossible to completely stop all data loss and data leakage, there are a variety of options to mitigate the risk and exposure. However, this is not to say that solution providers should just simply throw an assortment of tools, policies and approaches at the problems.
The best value a solution provider can bring to the customer is to understand the organization, its challenges and obstacles, and develop a strategy that integrates fundamental policies for awareness and education with technologies aimed at preventing the unauthorized removal of corporate information assets, and a comprehensive IT risk management assessment to reduce the risk of breaches and exposure.

Thursday, May 28, 2009

LexisNexis data breach may have affected 32,000 people

Hackers take over PIN numbers via banking vulnerabilities to leave us all exposed to fraud

Credit card fraud expected to increase as banks instructed to use real-time monitoring

British consumers do not trust the government to protect data but are satisfied with banks

More Than 80% Of Phishing Attacks Use Hijacked, Legitimate Websites

New research from the Anti-Phishing Working Group shows how phishers are better covering their tracks -- and what to do when phishers compromise your Website


Saturday, May 23, 2009

10 Essential Steps to Oracle & MS-SQL Security & Compliance
contributed by Guardium

Securing customer and corporate data - while reducing staff workload - has become a top priority for most organizations. It is critical to be able to protect sensitive data from both insider and outsider threats.

Learn the first steps and best practices for effectively securing Oracle, SQL Server, DB2, MySQL and Sybase environments, including:

  • Hack-proofing your databases (with specific tips for each DBMS platform)
  • Tracking security vulnerabilities
  • Anatomy of buffer overflow vulnerabilities
  • Why database auditing is important
  • Resources and further reading

Download an essential chapter from "Implementing Database Security and Auditing" (Elsevier Digital Press), authored by database security expert and Guardium CTO Ron Ben Natan, Ph.D. This 413-page book contains hundreds of practical tips and examples for protecting sensitive information and passing audits smoothly.


15 Minutes to a Secure Business: Daily Practices for IT Security Management
contributed by McAfee, Inc.

Thursday, May 21, 2009

How to prevent a cross-site tracing vulnerability exploit
contributed by Michael Cobb

My constant concern about rushed and unrealistic development timetables for websites was borne out the other day when I was called in to investigate what turned out to be a case of cross-site tracing (XST).
A cross-site tracing attack exploits ActiveX, Flash, Java and other controls that allow the execution of an HTTP TRACE request. The attack is not a new one; it was discovered by Web security researcher Jeremiah Grossman in 2003, and enables an attacker to gain access to an individual's cookies and authentication credential information.


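An added example, not code from the article above: a check for whether a web server still honours TRACE, the precondition for XST. Two constructed handler classes built on Python's standard-library HTTP server stand in for the vulnerable configuration (TRACE echoes the request, cookie included) and the hardened one (TRACE refused); the canary cookie value is the example's own. Against a real host you would call trace_echoes_cookie with its address instead of the local stand-ins.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

CANARY = "session=XST-CANARY-0001"  # constructed marker; never a real session value


class TraceEnabledHandler(BaseHTTPRequestHandler):
    """Constructed stand-in for a server that still answers TRACE.

    TRACE echoes the request line and headers back in the response body, so
    the client's own Cookie (or Authorization) header is reflected where
    script in the page can read it, even for an HttpOnly cookie.
    """

    def do_TRACE(self):
        body = (self.requestline + "\r\n" + str(self.headers)).encode("latin-1")
        self.send_response(200)
        self.send_header("Content-Type", "message/http")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # keep the demo quiet
        pass


class TraceDisabledHandler(TraceEnabledHandler):
    """Hardened stand-in: refuse TRACE (405) instead of echoing it."""

    def do_TRACE(self):
        self.send_response(405)
        self.send_header("Allow", "GET, HEAD, POST")
        self.send_header("Content-Length", "0")
        self.end_headers()


def start_server(handler_cls):
    """Bind an ephemeral port on localhost and serve from a daemon thread."""
    server = HTTPServer(("127.0.0.1", 0), handler_cls)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server


def trace_echoes_cookie(host, port, canary=CANARY):
    """Send TRACE carrying a marker cookie; True if the server reflects it back."""
    conn = http.client.HTTPConnection(host, port, timeout=5)
    try:
        conn.request("TRACE", "/", headers={"Cookie": canary})
        resp = conn.getresponse()
        body = resp.read().decode("latin-1", errors="replace")
    finally:
        conn.close()
    return resp.status == 200 and canary in body


def check_both():
    """Run the check against both stand-ins; returns (vulnerable, hardened)."""
    results = []
    for handler_cls in (TraceEnabledHandler, TraceDisabledHandler):
        server = start_server(handler_cls)
        try:
            results.append(trace_echoes_cookie(*server.server_address))
        finally:
            server.shutdown()
            server.server_close()
    return tuple(results)


if __name__ == "__main__":
    vulnerable, hardened = check_both()
    print("TRACE-enabled server reflects the cookie:", vulnerable)
    print("Hardened server reflects the cookie:     ", hardened)
```

Browsers refuse to issue TRACE from XMLHttpRequest, which is why the plugin paths named above were the route in; on the server the fix is simply to turn the method off (Apache: TraceEnable off; elsewhere, reject the verb at the front door or the load balancer) and to run a check like this one afterwards to confirm the change actually took, including on every intermediate proxy that might answer for the origin.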

Most security breaches originate internally
sponsored by TechRepublic

E-Guide: A Batch File to Back up All Active-State BlackBerry Databases
sponsored by Blackberry

Developing an Effective Corporate Mobile Policy
sponsored by Blackberry

Securing Web Applications and Databases for Payment Card Industry Compliance: The Most Challenging Aspects of PCI Compliance
courtesy of Imperva, Inc.

Wednesday, May 20, 2009

Zscaler EDUCATIONAL WEBCAST: Keynote by GARTNER'S Peter Firstbrook,
"Newer Threats and Newer Defenses against Web 2.0"


Learn from here, http://www.sans.org/info/43728
Complete Firewall Security Audits in 25% of the time with Tufin.

Learn how at http://www.sans.org/info/43718
UK Serious Organized Crime Agency Tackles Cybercrime
contributed by SANS Newsletter Vol. 11 Num 39

The UK's Serious Organized Crime Agency (SOCA) revealed in its annual report how it has been involved in tackling cybercrime. The report highlights the agency's involvement in the FBI's undercover operation against the online criminal forum Darkmarket. That case resulted in 57 arrests worldwide, including 12 in the UK, and over 16,000 compromised UK credit cards being recovered. The agency also discussed its investigation into the attempted GB229 million robbery at Sumitomo Mitsui Banking Corporation in London, which resulted in the conviction of five men. SOCA has also recently called for greater use of "remote search" techniques, which allow law enforcement agencies to legally hack into a suspect's computer in tackling cybercrime.
http://news.zdnet.co.uk/security/0,1000000189,39652583,00.htm
http://www.pcadvisor.co.uk/news/index.cfm?newsid=115940
http://www.theregister.co.uk/2009/05/15/soca_hacking/
http://www.soca.gov.uk/assessPublications/

Monday, May 18, 2009

Former FBI Agent Gets Probation for Unauthorized Data Access
contributed by SANS NewsBites Vol.11 Num 38

Former FBI agent Mark Rossini was sentenced to one year of probation for using agency computers to search for information about a Hollywood wiretapping case in which he was not involved. Rossini admitted that he gave the information to a woman he was dating, who then gave it to an attorney for Anthony Pellicano, a private investigator who is presently serving a 15-year sentence for wiretapping celebrities' phones for clients. Rossini pleaded guilty to five counts of criminal computer access late last year. He also faces fines amounting to US $5,000.
http://www.nextgov.com/nextgov/ng_20090514_8408.php
[Editor's Note (Northcutt): The problem with a hand-slap type sentence at a time when the government is increasing access to private data about citizens, is that it sends the wrong signal. It needs to be clear that abusing lawful access is wrong. And the government needs to implement role-based access control. Far too often, if you have access, you have access to everything.]

DHS Information Sharing Platform Breached
contributed by SANS NewsBites Vol.11 Num 38

A US Department of Homeland Security official has acknowledged a security breach of the platform the department uses to share sensitive, unclassified information with state and local authorities. Chief Information Officer for DHS Office of Operations Coordination and Planning Harry McDavid said that the US Computer Emergency Readiness Team detected two intrusions into the Homeland Security Information Network: one in March and one in April. The intruders managed to gain access to the system through an account belonging to a federal employee or contractor.
http://fcw.com/Articles/2009/05/13/Web-DHS-HSIN-intrusion-hack.aspx
[Editor's Note (Pescatore): The new secretary of the Department of Energy, Steven Chu, was recently quoted as saying "well-meaning people" in the chief information officer's office and in the procurement and finance offices "whose job it is to protect the Department of Energy" actually hinder what the department can do. I hope he looks at this DHS incident to make sure that DoE increases, vs. decreases, building security into its systems and applications.
(Northcutt): ".. gained ACCESS through an account belonging to a federal employee." Maybe we could get a special holiday commissioned, "access control day."]

Friday, May 15, 2009

MAINTAINING YOUR CUSTOMERS' SECURITY AMID LAYOFFS
Kevin McDonald, Contributor

According to a recent study commissioned by Symantec Corp. and conducted by Ponemon Institute, 59% of nearly 1,000 former employees surveyed admitted to stealing data from their employers. If an employee believes he or she may be laid off, passed over for a raise, or asked to do more for less, they may be compelled to cause damage by deleting or stealing data. Are you putting measures in place to maintain your customers' security amid layoffs? Could you tell whether something had been stolen or damaged? Could you assist them in legal proceedings or would you become a defendant for failing to protect them?

Read the rest of this tip:
http://go.techtarget.com/r/6879887/648712
Reducing Corporate Risk: Best-practices Data Protection Strategy for Remote and Branch Offices (ROBOs)


Blackberry Enterprise Solution: Security Technical Overview

Observe IT Pro 4.0.3 - Free Software for Recording & Replaying Terminal and Citrix Sessions



Data loss prevention benefits in the real world

[by Rich Mogull, Contributor]

Data loss prevention (DLP) is one of the most promising, and least understood, security technologies to emerge during the last few years. It dangles promises of ubiquitous content protection before our eyes, with shadows of complexity and costs looming over its shoulder. As with everything, the reality is somewhere in between. Users see it forming the core of their data protection initiatives because of its ability to identify where data is located, where it's moving and how it's being used. In this article, DLP users explain how the technology works in the real world.

Download the May 2009 issue of "Information Security" in PDF format.



Wednesday, May 13, 2009

Guardium 7 Awarded 5-Star Ratings by SC Magazine

Lab Review Cites “Swift Deployment, Extensive Database Support, Sophisticated Policy-Based Security, Unique S-Tap and S-Gate Probes, [and] Vulnerability Assessment Tools”


Tuesday, May 12, 2009

Virginia Dept. of Health Professionals Says Stolen Data Were Backed Up
Courtesy of SANS Newsletter Vol. 11 Num 36
The Virginia Department of Health Professions has issued a statement saying that the data an attacker claims to have encrypted were backed up and the files secured, so the data have not been lost.  The agency's website currently offers only a static page while law enforcement officials investigate the attack.  The cyber extortionist has demanded US $10 million in return for the password to the encrypted database.
DOT Inspector General's Audit Report Criticizes FAA Cyber Security
Courtesy of SANS Newsletter Vol. 11 Num 36
According to an audit report from the US Department of Transportation Office of the Inspector General, the country's air traffic control systems have been breached and continue to be vulnerable to cyber attacks.  The intruders gained access to personnel records and network servers.  The attacks affected Federal Aviation Administration (FAA) support systems, but the report says that they have the potential to spread to systems involved directly in air traffic communications, surveillance and flight information.  The audit noted more than 750 high risk vulnerabilities in web applications used at the agency.  It also found a lack of adequate intrusion detection and that the agency failed to manage cyber security incidents in a timely manner.  The FAA responded to the report by noting that support systems and operational systems are not connected; the agency did agree that stronger security measures need to be implemented.
NERC Board Approves Revised Cyber Security Standards
Courtesy of SANS Newsletter Vol. 11 Num 36
The board of the North American Electric Reliability Corporation (NERC) has approved changes to cyber security standards for the North American power system.  The revised standards address training, cyber threat identification, and recovery of the power grid from cyber attacks.  NERC requires compliance with the standards from "all bulk power system owners, operators, and users."  Entities will be audited for compliance starting on July 1, 2009.  Failure to comply can result in fines of up to US $1 million a day in the US.
ROI Case Study: Budget Reclamation through Data Management
sponsored by Digital Reef




Comprehensive PC  Protection - Data Elimination & Encryption, Data Recovery and Enterprise-Level Control
sponsored by Iron Mountain

Saturday, May 9, 2009

Best Practices for Data Privacy & Protection - Live Webcast
sponsored by Guardium

We invite you to attend an exclusive webcast to learn best practices for protecting Personally Identifiable Information (PII) and other sensitive data against new and emerging threats such as SQL injection and rogue insiders. Find out how global organisations have implemented granular access controls and real-time monitoring to track all access to sensitive data -- across all their DBMS platforms and applications -- without impacting performance or changing databases or applications.

WEBCAST: Best Practices for Data Privacy & Protection
DATE: Wednesday, 27 May 2009
TIME: 15:00 GMT / 10:00 am ET



According to IBM, SQL injection attacks jumped 134% in 2008, increasing from an average of a few thousand per day in 2007 to 450,000 attacks per day.

And a data breach study by Verizon Business Services revealed that database servers accounted for 75% of all records breached, while end-user devices such as laptops and USB drives accounted for only 0.01% of all records breached.

Protecting against cyber attacks, breaches, fraud and insider threats has heightened the need for organisations to carefully review their security programs for securing PII and other sensitive data against regulations and directives that they must comply with including:

  • EU e-privacy and personal data-protection rules,
  • UK Data Protection Act, or
  • US FISMA-mandated NIST 800-53 standard and OMB M-06-16 directive ("Protection of Sensitive Agency Information").

At the same time, organisations are looking to streamline their data security infrastructures with automated and centralised controls for complex, heterogeneous and distributed environments.

In this 1-hour session, attendees will learn proven ways to gain 100% visibility into all database activity including:

  • Why traditional "fortress approaches" -- such as firewalls and IDS/IPS systems -- are no longer sufficient to protect against 21st-century attackers who can easily bypass perimeter defenses
  • Identifying unauthorised or suspicious access with real-time, policy-based controls
  • Blocking privileged users from access to sensitive data without impacting application traffic
  • Identifying fraud at the application layer (connection pooling)
  • Enforcing change controls by integrating with change ticketing systems such as BMC Remedy
  • Replacing manual, log-based compliance processes with automated reporting, sign-offs & escalations
  • Leveraging the latest technologies for real-time database activity monitoring, vulnerability assessment, data discovery and configuration auditing.

To register, go to https://guardium.webex.com/guardium/onstage/g.php?t=a&d=480326017

Tuesday, May 5, 2009

Expert Video -- DLP: Enterprise Tools and Strategies
sponsored by Guardium from SearchSecurity.com

Data leak prevention (DLP) tools are a hot ticket on the security market, but what are they really capable of, and how easy are they to operate?

In this interview, DLP expert Rich Mogull expounds on the multifaceted uses of these tools and gives best practices for implementation and operation. Topics addressed include:

  • How much information a DLP tool needs in order to be effective
  • Eye-openers that companies experience when using the tools
  • DLP tools' deep inspection capabilities
  • Whether full suite DLP tools are preferable to individual DLP solutions

Monday, May 4, 2009

2009 Ponemon Report: Data Loss Risks During Downsizing
sponsored by Symantec from KnowledgeStorm

Read this survey of over 900 respondents to find out how confidential data is being used by former employees. Our independent survey found that nearly 60% of employees admit to taking confidential company data. With almost 700,000 jobs lost in the US in the first two months of 2009 alone, companies need to be aware and prepare by implementing policies and procedures around their confidential data.

sponsored by Symantec from Knowledgestorm

In this eBook Symantec and SearchCIO.com team up to discuss how Data Protection encompasses a host of technologies, business processes and best practices. Government regulations threaten dire consequences for noncompliance, and compromised data quickly becomes a public relations and customer retention issue. Chapters Include:
  • Data Protection Tops CIO Security Agenda
  • Seven Tips to Better Data Protection
  • Do's and Don'ts of Network Access Control

Panda Security Launches Panda Cloud Antivirus: The Industry’s First Free Cloud-Based Antivirus Thin-Client Protection

Panda Security, a leading provider of IT security solutions, today announced the global beta release of Panda Cloud Antivirus, the industry’s first and only free cloud-based antivirus thin-client with 50 percent less impact on PC performance compared to the industry average. Consumers can download the free product from http://www.cloudantivirus.com.

With Panda Cloud Antivirus, Panda Security is introducing a new protection model that utilizes a thin-client agent and server architecture which processes and blocks malware more efficiently than locally installed signature-based products. By moving the entire malware scanning and determination process to the cloud and applying non-intrusive interception techniques on the client architecture, Panda Cloud Antivirus is able to provide advanced protection against new and unknown viruses with a lightweight thin-client agent that barely consumes any PC resources.


sponsored by Panda Security
FREE - Vulnerability Assessment Tools

VAM® Lite is a freeware version of VAM, our enterprise-scale vulnerability management system. VAM Lite includes all VAM functionality with the following restrictions:

  • Vulnerability scanning is limited to 100 IPs
  • The Security POV™ reporting module is disabled (VAM 'classic' reporting is available)
  • VAM Lite cannot be run in a distributed scanning environment

FREE - AntiVirus Software

Avira

AVG

Avast

Bitdefender

ClamAV
FREE Tools - Network Packet Analyzer

Packetyzer provides a Windows user interface for the Ethereal packet capture and dissection library. Ethereal is used by network professionals around the world for troubleshooting, analysis, software and protocol development, and education. Ethereal has all of the standard features expected in a protocol analyzer, and several features not otherwise available.

We've taken advantage of Ethereal's open source license to add a Windows front end to extend its use. Packetyzer can capture from virtually any network adapter and supports many advanced features. Packetyzer is free and open source, and is licensed under the GPL.


FREE Tools - internet traffics monitoring and reporting

Cymphonix Network Revealer provides a demonstration version of Network Composer's award winning reporting and monitoring capabilities. Network Revealer is provided as a virtual machine that is simple to install and requires very little configuration. In about 10 minutes you will be up and running with unprecedented visibility into your Internet traffic including real-time traffic reporting, URL categorization, application classification and detailed user activity.

To check whether your domain has a good reputation, and where the most spam comes from, see:

http://www.reputationauthority.org/
Guardium on Twitter

Now you can follow Guardium on Twitter.com at http://twitter.com/guardium.




"Best Practices for Database Security & Compliance" On-Demand Webcast with Forrester

View this on-demand webcast featuring Forrester database security expert, Noel Yuhanna, to learn best practices for safeguarding enterprise data while addressing compliance requirements such as SOX, PCI and data privacy laws. You'll also benefit from Forrester's latest research on vendor evaluation criteria for enterprise database auditing and real-time protection.

Now, more than ever, enterprises are looking to protect sensitive corporate data while reducing the cost of compliance. Phil Neray, Guardium VP, shows you how Guardium customers are achieving rapid ROI by replacing manual database logging with automated and centralized controls for heterogeneous DBMS environments, including application-layer monitoring to identify fraud.

Learn how you can save both time and money via centralized policies, automated reporting and oversight processes, and standardization of controls across multiple DBMS platforms and compliance initiatives.




GhostNet Spy Network Phishes International Victims
by Chuck Miller, SC Magazine

A cyberespionage network, known as GhostNet, possibly operating out of China, is making use of malicious websites and phishing emails to take control of hundreds of sensitive government machines across 103 countries, researchers revealed this weekend.

A pair of Canadian researchers at the Munk Center for International Studies at the University of Toronto said GhostNet struck "high-value targets," such as foreign embassies and ministries, and even a NATO network. So far, some 1,300 computers have been infected by servers that trace back to China. The researchers, Ron Deibert and Rafal Rohozinski, released their 53-page report Sunday after 10 months of investigation.

"The attacker(s) are able to exploit several infection vectors," the researchers wrote. "First, they create web pages that contain drive-by exploit code that infects the computers of those who visit the page. Second, the attacker(s) have also shown that they engage in spear phishing in which contextually relevant emails are sent to targets with PDF and DOC attachments."

In the spear-phishing attacks, when the attachments are downloaded, they create backdoors that "cause the infected computer to connect to a control server and await further instructions," the researchers wrote. The compromised machines then can be directed to download and install a remote administration trojan.

"Some of the things they did indicate that they were very sophisticated," Phil Neray told SCMagazineUS.com. "The machines were told to send the data stolen using a Tor network in an encrypted form. Also, the way the trojans communicated with the command servers made use of a complex control program that enabled them to completely control users' PCs [including erasing all logs]."

The GhostNet operation is still operating and continues to hit more than a dozen additional computers per week, according to the University of Toronto researchers.




SQL Injection Invasion
by Christian Perry, Processor

Weak Web Applications Increasingly Fall Prey To This Potentially Devastating Attack

As security measures in data centers become progressively more stringent, attackers are turning to other methods to reach sensitive data. One of these is SQL injection, which replaced cross-site scripting as the predominant Web application vulnerability in 2008, according to an IBM study.

Key Points

  • SQL injection threats are now the top Web application vulnerability and pose a serious threat to servers and databases holding sensitive data.
  • Coding procedures should guard against SQL injection by validating user input and never letting it become part of the query text.
  • Certain intrusion systems and regular testing can bolster efforts to prevent these attacks.

Organizations should implement real-time database activity monitoring technology to track all SQL transactions and continuously check for unusual or suspicious activity, such as a high volume of failed logins, an unusually high volume of queries in a given period of time, or the execution of SQL commands that are not typically executed by the organization's Web applications.
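An added example, not code from the Processor article or from Guardium, covering both the coding point and the monitoring paragraph above: the string-built login query that SQL injection abuses, the parameterized form that keeps input out of the query text, and a small monitor that normalises every captured statement to its shape and flags any shape the application never issues. The users table, sample credentials, AUDIT list and baseline are all constructed for the example; a real monitor would capture the statements on the wire or in the database rather than through a wrapper like run().

```python
import re
import sqlite3

AUDIT = []  # constructed stand-in for the statement stream a database activity monitor captures


def make_db():
    """In-memory users table with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, pw TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)",
                     [("alice", "s3cret", "admin"), ("bob", "hunter2", "user")])
    return conn


def run(conn, sql, params=()):
    """Execute one statement and record its text as the monitor would see it."""
    AUDIT.append(sql)
    row = conn.execute(sql, params).fetchone()
    return row[0] if row else None


def login_vulnerable(conn, user, pw):
    """Query built by string formatting: the input becomes part of the SQL."""
    return run(conn, f"SELECT role FROM users WHERE name = '{user}' AND pw = '{pw}'")


def login_safe(conn, user, pw):
    """Parameterized query: the input is bound as data and never parsed as SQL."""
    return run(conn, "SELECT role FROM users WHERE name = ? AND pw = ?", (user, pw))


# --- monitoring side: compare each statement's shape with what the application normally issues ---
_COMMENT = re.compile(r"--[^\n]*|/\*.*?\*/", re.S)
_LITERAL = re.compile(r"'(?:[^']|'')*'|\b\d+\b")


def shape(sql):
    """Strip comments, replace string/number literals with ?, normalise whitespace and case."""
    s = _LITERAL.sub("?", _COMMENT.sub(" ", sql))
    return " ".join(s.split()).lower()


# Constructed baseline: the one statement shape this application legitimately issues.
BASELINE = {shape("SELECT role FROM users WHERE name = ? AND pw = ?")}


def review_audit(audit, baseline=BASELINE):
    """Statements whose shape is outside the baseline: candidates for an alert or block."""
    return [sql for sql in audit if shape(sql) not in baseline]


def demo():
    """Returns (role obtained by injection, role from the safe query, flagged statements)."""
    AUDIT.clear()
    conn = make_db()
    login_vulnerable(conn, "alice", "s3cret")               # normal use, same shape as baseline
    bypass = login_vulnerable(conn, "alice' --", "wrong")   # -- comments out the password check
    blocked = login_safe(conn, "alice' --", "wrong")        # same input, bound as data: no match
    login_safe(conn, "bob", "hunter2")                      # normal use
    return bypass, blocked, review_audit(AUDIT)


if __name__ == "__main__":
    bypass, blocked, flagged = demo()
    print("injected login returned role:", bypass)
    print("parameterized login returned role:", blocked)
    print("statements outside baseline:", flagged)
```

Normalising to shape rather than matching literal strings is what lets one baseline entry cover every legitimate call regardless of its arguments, while the injected statement, which has lost its password predicate, lands outside it. The failed-login and query-volume thresholds the paragraph also names sit on top of the same captured stream, counted per source and per time window.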

Guardium Adds DB2/400 Support to Database Security Platform
by Alex Woodie, ITJungle

Guardium has added support for DB2/400 (DB2 for i) with its database security software, the company announced this month. Guardium's software monitors all major database management systems in real time for signs of unauthorized or malicious activity from internal and external threats, such as malevolent DBAs and SQL injection attacks. The software does not affect database performance and provides another layer of protection for critical business systems on top of traditional network security tools, the company says.

"The key issue for database security is that most companies have no visibility into what's really going on with their database," says Phil Neray, Guardium. "They don't really know who's accessing those databases, and they don't have any mechanisms for identifying unauthorized or suspicious activity."

Guardium Integrates Enterprise Database Security with Microsoft Forefront Code-Named "Stirling"

Leading Provider of Real-Time Database Security and Monitoring Announces Support for Microsoft Forefront "Stirling"

Guardium announced that it has joined the partner ecosystem supporting Microsoft Forefront "Stirling". Currently in public beta testing, Forefront "Stirling" is an integrated security suite that delivers comprehensive protection across endpoint, application servers and edge solutions with a central management console for easy administration and enterprise-wide multi-product visibility.

Forefront "Stirling" enables software, hardware, and services vendors to share and use security event information across the "Stirling" environment and the broader partner ecosystem. As a result, partners can enhance the effectiveness of their security technologies and better protect customer IT environments.

Guardium's integration with "Stirling" provides organizations with enterprise-wide visibility into who is accessing their critical enterprise data, how that data is being used and any security violations such as failed logins and database configuration changes. It allows the sharing of Guardium's real-time alerts and granular analysis at the database and application layer with security information from other systems participating in the Security Assessment Sharing (SAS) framework.

Guardium Fuels Customer Momentum for IBM Database Software by Mitigating Risk and Lowering Operational Costs

Supports Data Center Consolidation with Expanded Support for IBM DB2, Informix, Cognos Software and IBM i and System z Operating Systems with z/VM and Linux

Guardium announced continuing customer momentum of its database security solutions for safeguarding IBM database and application software. The world's leading organizations in financial services, government, retail, manufacturing, healthcare and other industries have selected Guardium to better manage and protect their enterprise data.

Guardium also announced sweeping support for a broad range of IBM server platforms and database software products. The support helps organizations mitigate risks by protecting sensitive databases across the enterprise from both internal and external threats, while reducing IT costs with centralized security policies for heterogeneous infrastructures. It also supports data center and server consolidation initiatives by providing continuous, real-time monitoring controls that reduce the risk of concentrating critical data on shared infrastructures.

Enforcing Database Change Controls for SOX, PCI & SAS70

Check out this webcast to learn how Guardium 7 easily automates the time-consuming process of tracking all database changes and reconciling them with authorized work orders in an existing change ticketing system.

Hardening the Database
by Guardium

Authored by database security expert Ron Ben Natan, Ph.D., "HOWTO Secure and Audit Oracle 10g and 11g" (CRC Press) is the definitive 360-page guide for both security pros and DBAs. Chapter 2, presented here, covers topics central to hardening the database.

Friday, May 1, 2009

The Business Case for Database Security: Managing risk, simplifying compliance, and reducing the cost of securing databases
sponsored by Imperva, Inc

Databases are the most strategic asset of any organization because they store extraordinarily valuable information: customer records, financial data, and partner information. Because databases house such sensitive data, government and private industry have enacted a raft of regulations that force organizations to audit and secure their databases. With new regulations enacted every year, IT staff is saddled with a mushrooming number of compliance reporting processes.

This paper examines the database security and compliance requirements imposed on today's organizations, including:

  • Monitoring access to sensitive data
  • Auditing changes to financial records
  • Protecting databases from attack and internal abuse
  • Demonstrating compliance through clear, comprehensible reports

This paper then evaluates in financial terms the various alternatives that organizations can use to satisfy these requirements, including the SecureSphere Database Security Gateway. Finally, it presents the business case for organizations to choose SecureSphere for their database compliance and security requirements.