Tag: security

Terrified customers spending on protection

krayPunters are terrified of cyber attacks and are spending cash to make sure they are not the latest victim according to the most recent survey by the research analysts at Canalys.

Canalys has been asking around and added up some numbers and decided that the worldwide security market grew by nine percent in the third quarter.

Content security enjoyed the fastest growth, up by 13 percent  year-on-year, with network security (eight percent) and security management (five percent) seeing rises in the third quarter.

Canalys research analyst Claudio Stahnke said that high-profile ransomware attacks and increasingly sophisticated phishing techniques had proved the need for businesses to reinforce their IT security to safeguard data assets and ensure continuity of operation.

The top five security vendors have commanded a third of all customer spend, with Cisco grabbing the most with nine percent. They were followed by Symantec, Check Point, IBM and McAfee.

“Cisco grew seven percent year on year, thanks to its strong channel partner focus and a broad product portfolio boosted by acquisitions”,  said Stahnke.

The prospects for the fourth quarter and next year are also looking positive as the pressure on protecting data increases against a backdrop of the introduction in May of the GDPR regulations.

“In 2018, as hackers intensify the use of AI, attacks will become more sophisticated. This will increase demand for comprehensive security solutions, favouring those vendors with broad product portfolios”, said Stahnke.

Next year should be good for the security channel.

“Security threats have never had more public awareness than they do currently. 2017 saw major events such as Wannacry galvanise the public’s attention and affect organisations all around the world. In 2018, security breaches will continue to hit the headlines and influence businesses into reviewing their data protection. And of course GDPR will be a major factor in promoting sales of security solutions”, said Ian Kilpatrick, EVP Cyber Security for Nuvias Group.

“The reality is that security will continue to be a high growth area for the channel. In a market which is already overcrowded with solutions, 2018 will bring great opportunities for resellers to build on their position as trusted advisors and guide clients through what may seem like a worrying and confusing scenario”, he added.

NHS looking for a cybersecurity partner

CONurse.OriginalUKquadposterAfter the WannaCry disaster, the NHS wants a cybersecurity partner to create a security operations centre (SOC), in a deal set to be worth £20 million.

A contract notice, published by NHS Digital shows plans to select a “strategic partner” that will develop and support the SOC for three years.

In a statement, NHS Digital said the agreement would provide “enhanced monitoring of national services” and also bolster the NHS’ ethical hacking capabilities.

Dan Taylor, head of the digital security centre at NHS Digital, said: “The partnership will provide access to extra specialist resources during peak periods and enable the team which would proactively monitor the web for security threats and emerging vulnerabilities.

“It will also allow us to improve our current capabilities in ethical hacking, vulnerability testing and the forensic analysis of malicious software, and will improve our ability to anticipate future vulnerabilities while supporting health and care in remediating current known threats.

“By creating a national, near-real-time monitoring and alerting service that covers the whole health and care system, the SOC will drive economies of scale, giving health and care organisations additional intelligence and support services that they might not otherwise be able to access.”

NHS Digital will invite five or six suppliers to tender for the contract, with the deadline for suppliers to express interest set for 20 December.

NHS Digital expects to invite potential suppliers to tender on 15 January next year.

The NHS had a rough time after the network was taken down by the WannaCry virus which was blamed on the outdated and unsupported operating systems used by NHS organisations.

Half of companies to outsource security

funny-security-guardNearly half of companies plan to outsource their security opening the way for managed security service providers (MSSPs) according to research from service management software provider SolarWinds .

SolarWinds is a managed service provider (MSP) so the results are not entirely unexpected, but the results come from a survey with 401 UK and US enterprises in a report called ‘The Path to MSSP’.

From its findings, 60 percent of respondents are currently managing all or part of their security internally but of those, 82 percent are likely to outsource in the next year.

Out of those likely to outsource, 42 percent  cited cost and 40 percent performance as the main drivers for this decision. Those who are likely to outsource also make up 49 percent of all the respondents and the report highlights how MSSPs can take advantage of this opportunity.

The difference between MSSPs and managed service providers (MSPs) is that the former meet various criteria in four categories: infrastructure, risk and vulnerability management, data security and identity and access management. The majority of businesses in the report preferred a security specialist to an MSP, with 70 percent agreeing that it would give them ‘more trust in their security capabilities’.

Tim Brown, vice president of security architecture at SolarWinds MSP, said that daily reports of security issues were forcing businesses to examine their protection measures.

“This creates nervousness amongst enterprises and SMEs and greater scrutiny of the IT security measures in place. Where there is market turbulence, there is also opportunity, and the good news for IT service providers is that this has resulted in almost half of all businesses planning to outsource their security needs to specialists”, he said.

“However, IT service providers need to remember that more opportunity inherently means more competition. Providers need to be able to prove their knowledge, capabilities, and available resources to take full advantage.”

 

CEOs coming around to computer security idea

BouncerFoxFeatureIt seems that CEOs are finally getting the message that they will have to invest in cyber security.

Bean counters at KPMG found that many feel an investment in cyber protection is a revenue opportunity.

The KPMG CEO Outlook 2017 asked 150 CEOs for their thoughts about security and found that 70 per cent viewed it as a chance to find fresh revenue streams and innovate, rather than an overhead cost.

The survey also found that CEOs are also becoming more comfortable with the idea that they personally had a responsibility for ‘mitigating cyber risk’.

Paul Taylor, UK head of cyber security at KPMG said that it was good that business leaders are finally seeing cyber security investment as a positive figure on the balance sheet rather than a negative one.

“More needs to be done to make sure their businesses are prepared for  a cyberattack, whether it’s from external sources or even insiders,” he said.

The warning that came with the KPMG findings was the continued lack of investment in cyber security with many CEOs admitting that they were not fully prepared for business data theft or an employee-led data breach.

The combination of positive feelings about the potential of security to drive revenue and the need for further investment should be a perfect storm for those in the channel with the right skills.

“With recent high profiles attacks like Wannacry hitting the press, cyber security should be on every CEO’s radar. Businesses now need to match their investment in innovative technology with their investment into cyber security, in order to stay one step ahead of cyber criminals,” added Taylor.

Gartner sees opportunities in security services

funny-security-guardBeancounters at Gartner have had a quick look at the security market for the rest of this year and decided that there are opportunities on the services side.

It in its report, Big G said that the security market is set for a strong end to the year and a positive outlook for 2018, with those in the channel providing services in the best position.

Gartner is forecasting a seven percent year-on-year increase in global security spending in 2017 with the sector generating $86.4 billion in sales. That growth should continue into 2018, with the market hitting a value of $93 billion.

Punters apparently want infrastructure protection and security testing is popular area. DevOps will also drive a greater need for applications to be checked more closely, the Big G report said.

The fastest growing segment was security services, with those in the channel able to offer outsourcing consulting and implementation support the best placed to reap the rewards.

Managed security services will also become more blended with the offerings provided by MSPs over the next few years.

However the hardware is still pretty disappointing. Gartner claims that area coming under challenge from the growth of virtual appliances and the shift towards public cloud.

The security market is usually a strong segment given the need for customers to protect their data but the recent high profile breaches and ransomware attacks had also helped raise the levels of awareness.

Sid Deshpande, principal research analyst at Gartner said that rising awareness among CEOs and boards of directors about the business impact of security incidents and an evolving regulatory landscape have led to continued spending on security products and services.

He said the channel also has a role to play in continuing to educate customers about the basics of security to prevent further breaches.

“Improving security is not just about spending on new technologies. As seen in the recent spate of global security incidents, doing the basics right has never been more important. Organisations can improve their security posture significantly just by addressing basic security and risk related hygiene elements like threat centric vulnerability management, centralised log management, internal network segmentation, backups and system hardening,” said Deshpande.

Kaspersky warns MSPs need to improve security

securitySecurity outfit Kaspersky Labs has warned that there real dangers that some of the current security offerings from MSPs will fall short and leave users exposed to risks.

SMB Business head at Kaspersky Vladimir Zapolyansky said that for service providers, it’s not enough to simply have cybersecurity services in their portfolio. One damaging incident such as a ransomware infection can undermine their reputation and affect relationships with customers.

The security vendor found that 92 percent  of MSPs now include cybersecurity as part of the portfolio of services they offer and many believe that providing it gives them a better reputation.

Three quarters of those MSPs quizzed by the vendor also expected the provision of security services would gain them new customers as well as keeping existing accounts on board.

The study also revealed that MSPs listed security as one of the main concerns for their customers with many looking for a service that would block ransomware.

But skill shortages along with issues remotely deploying and managing security solutions are causing headaches.

The advice from Zapolyansky to MSPs was to choose security products that had been designed with an service provider in mind and were easy to deploy and manage.

The debate about the value of turning to an MSSP rather than MSP when it comes to security issues will run and run.

 

Queen’s Speech features new UK data protection law and digital charter

Parliament 2017Her Majesty the Queen, crowned in her best blue hat, mentioned a few things for the tech industry in her speech including promises of a new UK data protection law and digital charter.

Brexit dominated the speech and observers noted the fact that a few of the key Tory’s manifesto pledges such as a return to fox torture and expanding grammar schools had been removed. However, technology was also a recurring theme in the speech.

“A new law will ensure that the United Kingdom retains its world-class regime protecting personal data, and proposals for a new digital charter will be brought forward to ensure that the United Kingdom is the safest place to be online”, the Queen said.

This means that a UK-specific GDPR is on the way and this could have a significant impact on the Channel who will welcome it the same way as they would a rabid dog.

Theresa May wanted to establish an international framework which is similar to those for banking and trade is expected to include proposals for closer scrutiny and regulation of certain activities online, chiefly of extremist material or content that is abusive or harmful to children.

This means that despite government claims to want a free and open internet, these proposals will drown tech companies in red tape.

The Queen also said that her government will bring forward proposals to ensure that critical national infrastructure is protected to safeguard national security.

“A commission for countering extremism will be established to support the government in stamping out extremist ideology in all its forms, both across society and on the internet, so it is denied a safe space to spread,” she said.

This might be more welcome as cyber security breaches cost businesses almost £30bn last year and small firms, are accelerating investment in security technologies to protect themselves and their customers from threats online.

AV market heading back to the 2000s

back-to-the-futureIn the 2000s McAfee and Symantec ruled the AV market, and now the latest figures suggest they could be back again.

Symantec and McAfee lost ground in the IT security market when they were outevolved by next-generation technology and more agile start-ups. Now the pair think they are ready to rule again.

They have a long way to climb in 2005, Symantec held the top spot with 32.2 percent of the worldwide security software market by revenue, and McAfee held 12.4 percent at No. 2, with both seeing double-digit year-over-year growth, according to Gartner. Ten years later, Symantec and McAfee still owned the top two spots in the security software, but their share of the market had dropped dramatically.

After three consecutive years of revenue decline, Symantec held 15.2 percent of the worldwide security software market in 2015, while McAfee was at 7.9 percent after a year-over-year revenue dip.

The pair carried out some major restructuring spinouts, acquisitions and senior management changes.

The security market is growing at a rapid pace, expected to hit $202.4 billion by 2021, up from $122.5 billion in 2016, according to research firm MarketsandMarkets.

Symantec and McAfee are returning in force into the market with a platform security strategy and are targeting the core of a company’s security infrastructure.

Both claim single, integrated platform bases with their own broad set of products with those of third-party vendors. They want to drive analytics and automation, while reducing complexity.

They both have a different cunning plan as to what part of the security set-up they want to control.

McAfee is looking to drive focus on what it calls the “threat defence life cycle”, including endpoint, data centre, data protection and cloud security, as well as investments around overarching analytics and automation. The idea is to integrate with the company’s Data Exchange Layer (DXL) offering.

Symantec is looking to own more of the pieces including secure web gateways to email to data loss prevention to multifactor authentication. This will allow customers to choose a single, fully integrated platform, as well as the possibility to integrate with third-party solutions.

Ironscales needs security resellers

0941dac383f60a9f815aeac28fead1e3Email phishing remediation outfit Ironscales is looking for security resellers to roll out its goods in the UK

Ironscales was founded in 2013 by CEO Eyal Benishti to provide and intelligence capabilities on phishing emails.

He said that there were only two major email security solutions. The first is the more traditional gateway or filter that sits on the network or the cloud, with the emails going through and trying to decide if they should be let through or not.

While these are good at filtering out spam or known attacks, but it’s at least a couple of hours before they can spot new attacks. The other technique involves training which stops around 80 per cent of attacks.

Ironscales works on the idea that you use machine learning and human interaction. The machine learning aspect of the software quarantines malicious content, but it will also learn from the use commands.

It operates both on end-point devices – in the form of a plug-in for the likes of Microsoft Outlook and Gmail – and also on the perimeter or in the cloud.

The company launched into the UK two months ago and now has two employees, with more set to follow soon to increase its sales and presales presence. The vendor has four UK channel partners, but wants more managed security service providers.

It signed a deal with Check Point, which sees the vendor support Ironscales’ sandbox solution, which Benishti said provides a strong proposition for current Check Point partners to bolt on Ironscales’ products.

However, the company wants channel partners that have no anti-phishing solution and those who want to replace a traditional solution like email filtering.
A channel programme is expected to be launched in the coming months along with moves into mainland Europe with an initial focus on the Nordics.

Digital security outfit Gemalto gets into digits

fingerprint Digital security outfit Gemalto has closed its acquisition of 3M’s Identity Management Business after approval by the relevant regulatory and antitrust authorities.

This strategic acquisition rounds out Gemalto’s cunning plan to get Government contracts offering by adding biometric technologies and more secure document features. It ideally positions the Company to provide solutions for the promising commercial biometrics market, the outfit claims.

The Identity Management Business will be integrated into Gemalto Government Programs business. In 2016, the acquired business generated $202 million in revenue and an estimated $53 million in profit from operations.

Philippe Vallée, Gemalto CEO said that buying 3M’s Identity Management Business, Gemalto makes a strategic move by in-sourcing biometric technology.

“Combining our market access, technologies and expertise will enable Gemalto to further accelerate the deployment of trusted national identities and to offer strong end-to-end biometric authentication solutions throughout the digital economy. “

Cylance may have over egged performance

OLYMPUS DIGITAL CAMERA

Anti-virus outfit Cylance appears to have been caught out trying to create false positives in clients machines as part of a sales gimmick.

According to Ars Technica  the scheme was rumbled when a systems engineer at a large company was evaluating security software products when he discovered something suspicious.

Cylance had provided him with 48 malware files in an archive stored in the vendor’s Box cloud storage account. The idea was to show the company how good its Protect, a “next generation” endpoint protection system built on machine learning really was.

Protect identified all 48 of the samples as malicious, while competing products flagged most but not all of them. But when the engineer took a closer look at the malware files in question—and found that seven were not malware.

He reasoned that Cylance was using the test to close the sale by providing files that other products wouldn’t detect—that is, bogus malware only Protect would catch. Cylance claims Protect uses AI to train itself using “the DNA markers of 1 billion known bad and 1 billion known good files.”

But over the past year, competitors and testing companies have accused Cylance of using product tests that favour the company. These critics have also accused Cylance of using legal threats to block independent, competitive testing.

Cylance executives reply accuses testing companies of running tests that inaccurately represent performance.

Ars says that the Cylance appears to be “re-packing” existing malware samples and turning them into “fresh” malware mostly using packers to convert executable files into self-extracting archives or otherwise obscure their executable code.

Cylance executives said there is no foul in that, because that is exactly what hackers do – share malware and repackage that malware to evade signature-based detection. The files that only Cylance caught in the test were all repacked in some way; five of the files were processed with MPRESS and the remainder were packed with other tools, including what appears to be a custom packer.

Of the nine files in question, testing by the customer, by Ars, and by other independent researchers showed that only two actually contained malware. One of the MPRESS-packed samples appeared to contain a copy of the MPRESS packer itself. The remainder of the MPRESS files contained either “husks”—essentially empty files—or samples that had been corrupted in packing. Two others crashed on execution, after opening a bunch of Windows resources without using them.

UKFast buys another security outfit

UKFast-Office-Inside-1024x564UKFast has written a cheque for its second security firm acquisition in just a few months.

The outfit is getting more aggressive as it seeks larger public sector contracts. Last July it bought Pentest and this week wrote a  £2.3 million cheque for Secure Information Assurance. SIA has clients which include the MoD and the Cabinet Office.

The deal took a year to complete and required UKFast to get access to the IL3 and IL4 Official-Sensitive accreditations.

UKFast CEO Lawrence Jones said that acquiring S-IA was a strategic move, not only because of its high-profile government clients, but also because of its security product set.

“It’s a rising business and the deal was an extremely competitive process, but the S-IA management team sees the clear advantage of partnering with UKFast, seeing the instant scalability of our eCloud platform as the perfect offering for the government.”

S-IA CEO Martin Knapp is remaining to head up UKFast’s G-Cloud team and will be looking to grow public sector revenues.

“The conversation started when we went to UKFast to look at their data centre facilities. We initially planned to host our cloud with UKFast, but we were so impressed that we started a conversation about becoming partners and that quickly became a conversation about Lawrence buying the business,” he said.

Customers will blame companies for data breaches

affiche.Blame.51335Customers believe that outfits who hold their data are responsible for any data breaches and will not see themselves as responsible in anyway.

A new report created by digital security outfit Gemalto said that customers put any responsibility for protecting their personal data firmly at the hands of the organizations holding their data – and not themselves.

Of the 9,000 customers surveyed worldwide, 70 percent of the responsibility for protecting and securing customer data lies with companies and only 30 percent of the responsibility with themselves.

Less than a third of customers believe companies are taking protection of their personal data very seriously. This comes as customers are becoming increasingly fearful of their data being stolen, with 58 percent believing it will happen to them in the future. More than 4.8 billion data records have been exposed since 2013 with identity theft being the leading type of data breach accounting for 64 percent of all data breaches.

Despite becoming more aware of the threats posed to them online, only one in ten believe there are no apps or websites out there that pose the greatest risk to them and consumers are not changing behavior as a result:

• 80 per cent use social media, despite 59 percent believing these networks pose a great risk
• 87 per cent use online or mobile banking, with 34 percent believing they leave them vulnerable to cybercriminals
• Consumers are also more likely to shop online during busy commercial periods such as Black Friday and Christmas (2 percent increase online versus -2 per cent decrease in store), despite 21 percent admitting
the threat of cybercrime increases a lot during these periods

Nearly 60 per cent believe they will be a victim of a breach at some point, and organizations need to be prepared for the loss of business such incidents may cause. Most consumers who currently use the following, say they would stop using a retailer (60 per cent), bank (58 percent) or social media site (56 percent) if it suffered a breach, while 66 per cent say they would be unlikely to do business with an organisation that experienced a breach where their financial and sensitive information was stolen.

The lack of consumer confidence could be due to the lack of strong security measures being implemented by businesses. Within online banking, passwords are still the most common authentication methods – used by 84 per cent for online and 82 per cent for mobile banking, and more advanced transaction security the next highest for both. Solutions like two-factor authentication (43 per cent online and 42 per cent mobile) and data encryption (31 percent online and 27 percent mobile) trail behind.

Similar results can be seen in both the retail space, with only 25 percent of respondents that use online retail accounts claiming two-factor authentication is used on all their apps and websites, and in social media, with only 21 percent using the authentication for all platforms. Only 16 per cent of all respondents admitted to having a complete understanding of what data encryption is and does.

Jason Hart, CTO, Data Protection at Gemalto said that customers have clearly made the decision that they are prepared to take risks when it comes to their security, but should anything go wrong they put the blame with the business.

“The modern-day consumer is all about convenience and they expect businesses to provide this, while also keeping their data safe. With the impending threats of consumers taking legal action against companies, an education process is clearly needed to show consumers the steps they are taking to protect their data. Implementing and educating about advanced protocols like two-factor authentication and encryption solutions, should show consumers that the protection of their personal data is being taken very seriously.”

Britain’s not got security talent

5710dc371600002b0031bc8aMore than half of UK organisations do not believe they have the in-house talent required to combat existing cyber-security threats, according to new research.

Beancounters from Databarracks have added up some numbers and divided by their shoe size and reached the conclusion that two thirds of the 350 IT decision makers questioned had been affected by a cyber-threat in the past year. But 53 per cent of those questioned felt that they had the sufficient cyber-security skills in their team needed to handle the current sophistication of attacks.

According to Databarrack’s 2016 Data Health Check cyber attacks were increasing and only a third of the respondents in our study remained unscathed by an attack in the last 12 months.

Oscar Arean, technical operations manager at Databarracks said: “Reassuringly though, the number of people looking to improve their security policies is increasing year on year, with a third of respondents in 2016 admitting they had reviewed policies and made changes following an attack, as opposed to 29 per cent in 2014.”

According to the report, over half of respondents have invested in safeguards to protect against cyber threats in the past year. Ongoing training, cyber threat monitoring solutions, and improvement of policies were the most common investments.

“This is a definite step in the right direction, but it seems that current resilience planning is mostly inward-looking at this point, as only 5 per cent of respondents had invested in a certification to a cyber security framework. Considering confidence in in-house skills is so low, it’s likely we’ll see an increase in adoption of security frameworks in the coming years,” Arean said.

Kaspersky ends reseller contract with Quadsys

40153923-1-kaspersky1Russian security outfit Kaspersky Lab has told security reseller Quadsys to go forth and multiply after its company bosses admitted hacking rivals.

Quadsys owner Paul Streeter, MD Paul Cox, director Alistair Barnard, account manager Steve Davis and security consultant Jon Townsend pleaded guilty to securing unauthorised access to computer material, contrary to section 1 of the Computer Misuse Act 1990.

The five were charged in summer 2015 with hacking into a rival’s database to plunder customer information and pricing details. Sentencing is set for 9 September.

Quadsys, which was accredited as a Kaspersky Gold partner, the vendor’s top tier certification has moved to distance itself from the troubled outfit and has ended its business relationship with the company.

Others are expected to follow, but still have not gone on record.  Sophos had actually promoted Quadsys to its platinum certification on 1 August, just nine days after the Quadsys Five pleaded guilty at Oxford Crown Court.