Tag: security

Queen’s Speech features new UK data protection law and digital charter

Parliament 2017Her Majesty the Queen, crowned in her best blue hat, mentioned a few things for the tech industry in her speech including promises of a new UK data protection law and digital charter.

Brexit dominated the speech and observers noted the fact that a few of the key Tory’s manifesto pledges such as a return to fox torture and expanding grammar schools had been removed. However, technology was also a recurring theme in the speech.

“A new law will ensure that the United Kingdom retains its world-class regime protecting personal data, and proposals for a new digital charter will be brought forward to ensure that the United Kingdom is the safest place to be online”, the Queen said.

This means that a UK-specific GDPR is on the way and this could have a significant impact on the Channel who will welcome it the same way as they would a rabid dog.

Theresa May wanted to establish an international framework which is similar to those for banking and trade is expected to include proposals for closer scrutiny and regulation of certain activities online, chiefly of extremist material or content that is abusive or harmful to children.

This means that despite government claims to want a free and open internet, these proposals will drown tech companies in red tape.

The Queen also said that her government will bring forward proposals to ensure that critical national infrastructure is protected to safeguard national security.

“A commission for countering extremism will be established to support the government in stamping out extremist ideology in all its forms, both across society and on the internet, so it is denied a safe space to spread,” she said.

This might be more welcome as cyber security breaches cost businesses almost £30bn last year and small firms, are accelerating investment in security technologies to protect themselves and their customers from threats online.

AV market heading back to the 2000s

back-to-the-futureIn the 2000s McAfee and Symantec ruled the AV market, and now the latest figures suggest they could be back again.

Symantec and McAfee lost ground in the IT security market when they were outevolved by next-generation technology and more agile start-ups. Now the pair think they are ready to rule again.

They have a long way to climb in 2005, Symantec held the top spot with 32.2 percent of the worldwide security software market by revenue, and McAfee held 12.4 percent at No. 2, with both seeing double-digit year-over-year growth, according to Gartner. Ten years later, Symantec and McAfee still owned the top two spots in the security software, but their share of the market had dropped dramatically.

After three consecutive years of revenue decline, Symantec held 15.2 percent of the worldwide security software market in 2015, while McAfee was at 7.9 percent after a year-over-year revenue dip.

The pair carried out some major restructuring spinouts, acquisitions and senior management changes.

The security market is growing at a rapid pace, expected to hit $202.4 billion by 2021, up from $122.5 billion in 2016, according to research firm MarketsandMarkets.

Symantec and McAfee are returning in force into the market with a platform security strategy and are targeting the core of a company’s security infrastructure.

Both claim single, integrated platform bases with their own broad set of products with those of third-party vendors. They want to drive analytics and automation, while reducing complexity.

They both have a different cunning plan as to what part of the security set-up they want to control.

McAfee is looking to drive focus on what it calls the “threat defence life cycle”, including endpoint, data centre, data protection and cloud security, as well as investments around overarching analytics and automation. The idea is to integrate with the company’s Data Exchange Layer (DXL) offering.

Symantec is looking to own more of the pieces including secure web gateways to email to data loss prevention to multifactor authentication. This will allow customers to choose a single, fully integrated platform, as well as the possibility to integrate with third-party solutions.

Ironscales needs security resellers

0941dac383f60a9f815aeac28fead1e3Email phishing remediation outfit Ironscales is looking for security resellers to roll out its goods in the UK

Ironscales was founded in 2013 by CEO Eyal Benishti to provide and intelligence capabilities on phishing emails.

He said that there were only two major email security solutions. The first is the more traditional gateway or filter that sits on the network or the cloud, with the emails going through and trying to decide if they should be let through or not.

While these are good at filtering out spam or known attacks, but it’s at least a couple of hours before they can spot new attacks. The other technique involves training which stops around 80 per cent of attacks.

Ironscales works on the idea that you use machine learning and human interaction. The machine learning aspect of the software quarantines malicious content, but it will also learn from the use commands.

It operates both on end-point devices – in the form of a plug-in for the likes of Microsoft Outlook and Gmail – and also on the perimeter or in the cloud.

The company launched into the UK two months ago and now has two employees, with more set to follow soon to increase its sales and presales presence. The vendor has four UK channel partners, but wants more managed security service providers.

It signed a deal with Check Point, which sees the vendor support Ironscales’ sandbox solution, which Benishti said provides a strong proposition for current Check Point partners to bolt on Ironscales’ products.

However, the company wants channel partners that have no anti-phishing solution and those who want to replace a traditional solution like email filtering.
A channel programme is expected to be launched in the coming months along with moves into mainland Europe with an initial focus on the Nordics.

Digital security outfit Gemalto gets into digits

fingerprint Digital security outfit Gemalto has closed its acquisition of 3M’s Identity Management Business after approval by the relevant regulatory and antitrust authorities.

This strategic acquisition rounds out Gemalto’s cunning plan to get Government contracts offering by adding biometric technologies and more secure document features. It ideally positions the Company to provide solutions for the promising commercial biometrics market, the outfit claims.

The Identity Management Business will be integrated into Gemalto Government Programs business. In 2016, the acquired business generated $202 million in revenue and an estimated $53 million in profit from operations.

Philippe Vallée, Gemalto CEO said that buying 3M’s Identity Management Business, Gemalto makes a strategic move by in-sourcing biometric technology.

“Combining our market access, technologies and expertise will enable Gemalto to further accelerate the deployment of trusted national identities and to offer strong end-to-end biometric authentication solutions throughout the digital economy. “

Cylance may have over egged performance

OLYMPUS DIGITAL CAMERA

Anti-virus outfit Cylance appears to have been caught out trying to create false positives in clients machines as part of a sales gimmick.

According to Ars Technica  the scheme was rumbled when a systems engineer at a large company was evaluating security software products when he discovered something suspicious.

Cylance had provided him with 48 malware files in an archive stored in the vendor’s Box cloud storage account. The idea was to show the company how good its Protect, a “next generation” endpoint protection system built on machine learning really was.

Protect identified all 48 of the samples as malicious, while competing products flagged most but not all of them. But when the engineer took a closer look at the malware files in question—and found that seven were not malware.

He reasoned that Cylance was using the test to close the sale by providing files that other products wouldn’t detect—that is, bogus malware only Protect would catch. Cylance claims Protect uses AI to train itself using “the DNA markers of 1 billion known bad and 1 billion known good files.”

But over the past year, competitors and testing companies have accused Cylance of using product tests that favour the company. These critics have also accused Cylance of using legal threats to block independent, competitive testing.

Cylance executives reply accuses testing companies of running tests that inaccurately represent performance.

Ars says that the Cylance appears to be “re-packing” existing malware samples and turning them into “fresh” malware mostly using packers to convert executable files into self-extracting archives or otherwise obscure their executable code.

Cylance executives said there is no foul in that, because that is exactly what hackers do – share malware and repackage that malware to evade signature-based detection. The files that only Cylance caught in the test were all repacked in some way; five of the files were processed with MPRESS and the remainder were packed with other tools, including what appears to be a custom packer.

Of the nine files in question, testing by the customer, by Ars, and by other independent researchers showed that only two actually contained malware. One of the MPRESS-packed samples appeared to contain a copy of the MPRESS packer itself. The remainder of the MPRESS files contained either “husks”—essentially empty files—or samples that had been corrupted in packing. Two others crashed on execution, after opening a bunch of Windows resources without using them.

UKFast buys another security outfit

UKFast-Office-Inside-1024x564UKFast has written a cheque for its second security firm acquisition in just a few months.

The outfit is getting more aggressive as it seeks larger public sector contracts. Last July it bought Pentest and this week wrote a  £2.3 million cheque for Secure Information Assurance. SIA has clients which include the MoD and the Cabinet Office.

The deal took a year to complete and required UKFast to get access to the IL3 and IL4 Official-Sensitive accreditations.

UKFast CEO Lawrence Jones said that acquiring S-IA was a strategic move, not only because of its high-profile government clients, but also because of its security product set.

“It’s a rising business and the deal was an extremely competitive process, but the S-IA management team sees the clear advantage of partnering with UKFast, seeing the instant scalability of our eCloud platform as the perfect offering for the government.”

S-IA CEO Martin Knapp is remaining to head up UKFast’s G-Cloud team and will be looking to grow public sector revenues.

“The conversation started when we went to UKFast to look at their data centre facilities. We initially planned to host our cloud with UKFast, but we were so impressed that we started a conversation about becoming partners and that quickly became a conversation about Lawrence buying the business,” he said.

Customers will blame companies for data breaches

affiche.Blame.51335Customers believe that outfits who hold their data are responsible for any data breaches and will not see themselves as responsible in anyway.

A new report created by digital security outfit Gemalto said that customers put any responsibility for protecting their personal data firmly at the hands of the organizations holding their data – and not themselves.

Of the 9,000 customers surveyed worldwide, 70 percent of the responsibility for protecting and securing customer data lies with companies and only 30 percent of the responsibility with themselves.

Less than a third of customers believe companies are taking protection of their personal data very seriously. This comes as customers are becoming increasingly fearful of their data being stolen, with 58 percent believing it will happen to them in the future. More than 4.8 billion data records have been exposed since 2013 with identity theft being the leading type of data breach accounting for 64 percent of all data breaches.

Despite becoming more aware of the threats posed to them online, only one in ten believe there are no apps or websites out there that pose the greatest risk to them and consumers are not changing behavior as a result:

• 80 per cent use social media, despite 59 percent believing these networks pose a great risk
• 87 per cent use online or mobile banking, with 34 percent believing they leave them vulnerable to cybercriminals
• Consumers are also more likely to shop online during busy commercial periods such as Black Friday and Christmas (2 percent increase online versus -2 per cent decrease in store), despite 21 percent admitting
the threat of cybercrime increases a lot during these periods

Nearly 60 per cent believe they will be a victim of a breach at some point, and organizations need to be prepared for the loss of business such incidents may cause. Most consumers who currently use the following, say they would stop using a retailer (60 per cent), bank (58 percent) or social media site (56 percent) if it suffered a breach, while 66 per cent say they would be unlikely to do business with an organisation that experienced a breach where their financial and sensitive information was stolen.

The lack of consumer confidence could be due to the lack of strong security measures being implemented by businesses. Within online banking, passwords are still the most common authentication methods – used by 84 per cent for online and 82 per cent for mobile banking, and more advanced transaction security the next highest for both. Solutions like two-factor authentication (43 per cent online and 42 per cent mobile) and data encryption (31 percent online and 27 percent mobile) trail behind.

Similar results can be seen in both the retail space, with only 25 percent of respondents that use online retail accounts claiming two-factor authentication is used on all their apps and websites, and in social media, with only 21 percent using the authentication for all platforms. Only 16 per cent of all respondents admitted to having a complete understanding of what data encryption is and does.

Jason Hart, CTO, Data Protection at Gemalto said that customers have clearly made the decision that they are prepared to take risks when it comes to their security, but should anything go wrong they put the blame with the business.

“The modern-day consumer is all about convenience and they expect businesses to provide this, while also keeping their data safe. With the impending threats of consumers taking legal action against companies, an education process is clearly needed to show consumers the steps they are taking to protect their data. Implementing and educating about advanced protocols like two-factor authentication and encryption solutions, should show consumers that the protection of their personal data is being taken very seriously.”

Britain’s not got security talent

5710dc371600002b0031bc8aMore than half of UK organisations do not believe they have the in-house talent required to combat existing cyber-security threats, according to new research.

Beancounters from Databarracks have added up some numbers and divided by their shoe size and reached the conclusion that two thirds of the 350 IT decision makers questioned had been affected by a cyber-threat in the past year. But 53 per cent of those questioned felt that they had the sufficient cyber-security skills in their team needed to handle the current sophistication of attacks.

According to Databarrack’s 2016 Data Health Check cyber attacks were increasing and only a third of the respondents in our study remained unscathed by an attack in the last 12 months.

Oscar Arean, technical operations manager at Databarracks said: “Reassuringly though, the number of people looking to improve their security policies is increasing year on year, with a third of respondents in 2016 admitting they had reviewed policies and made changes following an attack, as opposed to 29 per cent in 2014.”

According to the report, over half of respondents have invested in safeguards to protect against cyber threats in the past year. Ongoing training, cyber threat monitoring solutions, and improvement of policies were the most common investments.

“This is a definite step in the right direction, but it seems that current resilience planning is mostly inward-looking at this point, as only 5 per cent of respondents had invested in a certification to a cyber security framework. Considering confidence in in-house skills is so low, it’s likely we’ll see an increase in adoption of security frameworks in the coming years,” Arean said.

Kaspersky ends reseller contract with Quadsys

40153923-1-kaspersky1Russian security outfit Kaspersky Lab has told security reseller Quadsys to go forth and multiply after its company bosses admitted hacking rivals.

Quadsys owner Paul Streeter, MD Paul Cox, director Alistair Barnard, account manager Steve Davis and security consultant Jon Townsend pleaded guilty to securing unauthorised access to computer material, contrary to section 1 of the Computer Misuse Act 1990.

The five were charged in summer 2015 with hacking into a rival’s database to plunder customer information and pricing details. Sentencing is set for 9 September.

Quadsys, which was accredited as a Kaspersky Gold partner, the vendor’s top tier certification has moved to distance itself from the troubled outfit and has ended its business relationship with the company.

Others are expected to follow, but still have not gone on record.  Sophos had actually promoted Quadsys to its platinum certification on 1 August, just nine days after the Quadsys Five pleaded guilty at Oxford Crown Court.

Security worries delays Ingram Micro take over

ingram-mico-hqWorries about security have forced the delay of Ingram Micro’s take over by a Chinese outfit.

Ingram says that the deal, which would see it part of the Tianjin Tianhai Investment Company  is  now being delayed until towards the end of the year

The first delay to the deal came last month when the Shanghai Stock Exchange sent a letter to Tianjin Tianhai asking for more details about the takeover. In that case the Exchange was worried about how the deal was being funded.

But now the Committee on Foreign Investment in the United States wants to take a close look at the deal.

“Ingram Micro today announced that the End Date by which the acquisition of Ingram Micro by Tianjin Tianhai Investment Company must be completed has been extended to November 13, 2016,” Ingram said.

Despite the CFIUS activity the expectation from both Ingram and on the Chinese side is that the deal will still close this year.

However it might not be that easy. The US is getting increasingly concerned about the involvement of the Chinese in business. Earlier this week it became clear that the Chinese company that is one of the main investors in the Hinkley Point nuclear power station is facing charges of nuclear espionage in the US.

Cisco warns ransomware scams are targeting enterprises

Cisco Kid Cisco’s Midyear Cybersecurity Report (MCR) is warning that ransomware is a specific threat which is is becoming more widespread and potent.

The report said that the ransomware creators are focusing more than ever on generating revenue and are now targeting enterprise users in addition to individuals.

“These direct attacks are becoming increasingly efficient and lucrative, generating huge profits. Our security researchers calculate that ransomware nets our adversaries nearly $34 million annually,” the report said.

The report said that it is time to improve the odds at handling this type of attack.

At the moment asymmetric attacks are outpacing responses. Attackers’ innovative methods of exploit, persistency, shifting tactics, and ability to operate on a global level create an ominously complex and moving target

“Our research shows that adversaries are now exploiting vulnerabilities in encryption, authorization, and server-side systems, using ‘malvertising as a service’ to infect web users, well as tampering with secure connections like HTTPS. This final example alone has users thinking incorrectly that their connections are secure, leading to a false sense of security and making it increasingly difficult to determine if a connection has been compromised,” the report said.

Security reseller faces hacking charges

acb20792e8439a1d28a1f2cdbd7fdf1cFive employees from cybersecurity outfit Quadsys have admitted to hacking into a rival company’s servers.

The hack was apparently to nick customer data and pricing information and the top Quadsys managers have fessed up and pleaded guilty to hacking charges. Oxfordshire, UK-based Quadsys is a reseller of IT and cybersecurity products, hardware and services. The firm sells software from vendors including Websense, Checkpoint and F-Secure. Customers include Leeds United FC, South Tyne and Wear Primary Care Trust and Derry City Council.

The owner of Quadsys, Paul Streeter, managing director Paul Cox, director Alistair Barnard, account manager Steve Davies and security consultant Jon Townsend all appeared at Oxford Crown Court and admitted to “obtaining unauthorised access to computer materials to facilitate the commission of an offence”.

This could lead to up to 12 months testing the security bars of a prison.

In March 2015, the five men were arrested and then charged in August. The group were originally held on suspicion of conspiracy to commit computer misuse offences, unauthorised PC access and conspiracy to acquire and use criminal property — allegedly, the data belonging to customers of the rival company, as well as the firm’s pricing tiers.

However there are signs that they might not get the full weight of the law pressing upon them. The judge in charge of the case reduced the severity of the charges. All five pleaded not guilty to one count of “securing unauthorised access to computer material with intent,” which is against the UK Computer Misuse Act 1990.

After three plea and case hearings, an additional count of securing access to computer material without criminal intent was added to the list, of which Townsend pleaded guilty. Cox was also charged with blackmail, to which he pleaded not guilty.

They are due to be sentenced on 9 September. A second charge, obtaining unauthorised access to computer materials with intent to commit an offence, will also be heard.

 

Security vendor revenues rising as market contracts

securityBeancounters working for analyst outfit Gartner have added up some numbers and divided by their shoe size and worked out that security software revenues have risen  3.7 percent and were worth  $22.1bn in 2015.

The report said that security information and event management  remained the fastest-growing sub segment of the cybersecurity market and saw a 15.8 per cent growth. Consumer security software recorded a 5.9 percent year-on-year decline.

The top five vendors were Symantec, Intel, IBM, Trend Micro and EMC and they accounted for 37.6 percent of the security software revenue market share, down.

These vendors saw a collective decline of 4.2 percent in 2015, while the rest of the market grew strongly at 9.2 percent year on year. In fact, of the top five only Biggish Blue grew and increased its revenue by 2.5 percent to reach $1.45billion.

Both Symantec and Intel Security both suffered from the long-standing decline of the consumer market for anti-virus products and services. But Symantec still remained on top despite suffering a third consecutive year of revenue decline and its highest decline in revenue over a three-year period.

Still at least it did better than Intel which saw revenues fall from $1.83bn to $1.75bn between 2014 and 2015.

Cisco writes a cheque for cloud-lock

Cisco Kid Networking Tsar Cisco has written a $293 million cheque for cloudy security outfit CloudLock.

CloudLock provides cloud access security tech, and analytics on user behaviour and sensitive data for cloud services.  Cisco said that the acquisition will close in the first quarter of fiscal year 2017 and the  CloudLock team will join Cisco’s Networking and Security Business Group.

It will be ruled by Senior VP and general manager David Goeckeler.

Cisco Corporate Development’s Rob Salvagno said the acquisition will boost security for companies seeking to migrate to the cloud. In fact Cisco is buying rather a lot of cloudy security outfits lately.

It bought Lancope for $452 million, the Portcullis Computer Security for an undisclosed sum, and OpenDNS for $635 million.

 

 

Exclusive poaches Arrow and Computerlinks’s David Ellis

dave-ellis-arrow-formerly-computerlinks-2014-320x320French-based Exclusive Group has poached Arrow executive David Ellis to head up the distributor’s global services.

Exclusive says Ellis will use his experience in supporting new and disruptive technologies to roll out new services offerings for the cybersecurity marke, which probably means the outfit’s cloud services.

Barrie Desmond, COO of Exclusive Group, said that the company was  seeing  more global deals and our ability to support these will add even more value to our vendor and channel partners.

“Global services are a key part of our growth strategy over the next three to five years and Ellis will play a crucial role in achieving this. I’m pleased to welcome him on board and looking forward to working with him for what promises to be an exciting journey ahead.”

Ellis  was a key manager for Arrow in EMEA, responsible for vendor business development and the roll-out of new propositions. Before that, he was director of New Technology and Services at Computerlinks before its acquisition by Arrow. In his 13 years with Computerlinks he built and grew an e-Security offering before assuming responsibility for services, emerging technology and market sectors.

He said that Exclusive has built an enviable reputation for disrupting traditional value-add distribution and I’m really excited to now be part of this.

“In my time within the industry I’ve identified and brought to market a number of new technologies and services, and have seen the cybersecurity market evolve at breakneck speed. I can’t wait to start helping our vendor and channel partners achieve even more value from their relationship with Exclusive Group through new global service offerings.”