Tag: security

CEOs coming around to computer security idea

BouncerFoxFeatureIt seems that CEOs are finally getting the message that they will have to invest in cyber security.

Bean counters at KPMG found that many feel an investment in cyber protection is a revenue opportunity.

The KPMG CEO Outlook 2017 asked 150 CEOs for their thoughts about security and found that 70 per cent viewed it as a chance to find fresh revenue streams and innovate, rather than an overhead cost.

The survey also found that CEOs are also becoming more comfortable with the idea that they personally had a responsibility for ‘mitigating cyber risk’.

Paul Taylor, UK head of cyber security at KPMG said that it was good that business leaders are finally seeing cyber security investment as a positive figure on the balance sheet rather than a negative one.

“More needs to be done to make sure their businesses are prepared for  a cyberattack, whether it’s from external sources or even insiders,” he said.

The warning that came with the KPMG findings was the continued lack of investment in cyber security with many CEOs admitting that they were not fully prepared for business data theft or an employee-led data breach.

The combination of positive feelings about the potential of security to drive revenue and the need for further investment should be a perfect storm for those in the channel with the right skills.

“With recent high profiles attacks like Wannacry hitting the press, cyber security should be on every CEO’s radar. Businesses now need to match their investment in innovative technology with their investment into cyber security, in order to stay one step ahead of cyber criminals,” added Taylor.

Gartner sees opportunities in security services

funny-security-guardBeancounters at Gartner have had a quick look at the security market for the rest of this year and decided that there are opportunities on the services side.

It in its report, Big G said that the security market is set for a strong end to the year and a positive outlook for 2018, with those in the channel providing services in the best position.

Gartner is forecasting a seven percent year-on-year increase in global security spending in 2017 with the sector generating $86.4 billion in sales. That growth should continue into 2018, with the market hitting a value of $93 billion.

Punters apparently want infrastructure protection and security testing is popular area. DevOps will also drive a greater need for applications to be checked more closely, the Big G report said.

The fastest growing segment was security services, with those in the channel able to offer outsourcing consulting and implementation support the best placed to reap the rewards.

Managed security services will also become more blended with the offerings provided by MSPs over the next few years.

However the hardware is still pretty disappointing. Gartner claims that area coming under challenge from the growth of virtual appliances and the shift towards public cloud.

The security market is usually a strong segment given the need for customers to protect their data but the recent high profile breaches and ransomware attacks had also helped raise the levels of awareness.

Sid Deshpande, principal research analyst at Gartner said that rising awareness among CEOs and boards of directors about the business impact of security incidents and an evolving regulatory landscape have led to continued spending on security products and services.

He said the channel also has a role to play in continuing to educate customers about the basics of security to prevent further breaches.

“Improving security is not just about spending on new technologies. As seen in the recent spate of global security incidents, doing the basics right has never been more important. Organisations can improve their security posture significantly just by addressing basic security and risk related hygiene elements like threat centric vulnerability management, centralised log management, internal network segmentation, backups and system hardening,” said Deshpande.

Kaspersky warns MSPs need to improve security

securitySecurity outfit Kaspersky Labs has warned that there real dangers that some of the current security offerings from MSPs will fall short and leave users exposed to risks.

SMB Business head at Kaspersky Vladimir Zapolyansky said that for service providers, it’s not enough to simply have cybersecurity services in their portfolio. One damaging incident such as a ransomware infection can undermine their reputation and affect relationships with customers.

The security vendor found that 92 percent  of MSPs now include cybersecurity as part of the portfolio of services they offer and many believe that providing it gives them a better reputation.

Three quarters of those MSPs quizzed by the vendor also expected the provision of security services would gain them new customers as well as keeping existing accounts on board.

The study also revealed that MSPs listed security as one of the main concerns for their customers with many looking for a service that would block ransomware.

But skill shortages along with issues remotely deploying and managing security solutions are causing headaches.

The advice from Zapolyansky to MSPs was to choose security products that had been designed with an service provider in mind and were easy to deploy and manage.

The debate about the value of turning to an MSSP rather than MSP when it comes to security issues will run and run.

 

Queen’s Speech features new UK data protection law and digital charter

Parliament 2017Her Majesty the Queen, crowned in her best blue hat, mentioned a few things for the tech industry in her speech including promises of a new UK data protection law and digital charter.

Brexit dominated the speech and observers noted the fact that a few of the key Tory’s manifesto pledges such as a return to fox torture and expanding grammar schools had been removed. However, technology was also a recurring theme in the speech.

“A new law will ensure that the United Kingdom retains its world-class regime protecting personal data, and proposals for a new digital charter will be brought forward to ensure that the United Kingdom is the safest place to be online”, the Queen said.

This means that a UK-specific GDPR is on the way and this could have a significant impact on the Channel who will welcome it the same way as they would a rabid dog.

Theresa May wanted to establish an international framework which is similar to those for banking and trade is expected to include proposals for closer scrutiny and regulation of certain activities online, chiefly of extremist material or content that is abusive or harmful to children.

This means that despite government claims to want a free and open internet, these proposals will drown tech companies in red tape.

The Queen also said that her government will bring forward proposals to ensure that critical national infrastructure is protected to safeguard national security.

“A commission for countering extremism will be established to support the government in stamping out extremist ideology in all its forms, both across society and on the internet, so it is denied a safe space to spread,” she said.

This might be more welcome as cyber security breaches cost businesses almost £30bn last year and small firms, are accelerating investment in security technologies to protect themselves and their customers from threats online.

AV market heading back to the 2000s

back-to-the-futureIn the 2000s McAfee and Symantec ruled the AV market, and now the latest figures suggest they could be back again.

Symantec and McAfee lost ground in the IT security market when they were outevolved by next-generation technology and more agile start-ups. Now the pair think they are ready to rule again.

They have a long way to climb in 2005, Symantec held the top spot with 32.2 percent of the worldwide security software market by revenue, and McAfee held 12.4 percent at No. 2, with both seeing double-digit year-over-year growth, according to Gartner. Ten years later, Symantec and McAfee still owned the top two spots in the security software, but their share of the market had dropped dramatically.

After three consecutive years of revenue decline, Symantec held 15.2 percent of the worldwide security software market in 2015, while McAfee was at 7.9 percent after a year-over-year revenue dip.

The pair carried out some major restructuring spinouts, acquisitions and senior management changes.

The security market is growing at a rapid pace, expected to hit $202.4 billion by 2021, up from $122.5 billion in 2016, according to research firm MarketsandMarkets.

Symantec and McAfee are returning in force into the market with a platform security strategy and are targeting the core of a company’s security infrastructure.

Both claim single, integrated platform bases with their own broad set of products with those of third-party vendors. They want to drive analytics and automation, while reducing complexity.

They both have a different cunning plan as to what part of the security set-up they want to control.

McAfee is looking to drive focus on what it calls the “threat defence life cycle”, including endpoint, data centre, data protection and cloud security, as well as investments around overarching analytics and automation. The idea is to integrate with the company’s Data Exchange Layer (DXL) offering.

Symantec is looking to own more of the pieces including secure web gateways to email to data loss prevention to multifactor authentication. This will allow customers to choose a single, fully integrated platform, as well as the possibility to integrate with third-party solutions.

Ironscales needs security resellers

0941dac383f60a9f815aeac28fead1e3Email phishing remediation outfit Ironscales is looking for security resellers to roll out its goods in the UK

Ironscales was founded in 2013 by CEO Eyal Benishti to provide and intelligence capabilities on phishing emails.

He said that there were only two major email security solutions. The first is the more traditional gateway or filter that sits on the network or the cloud, with the emails going through and trying to decide if they should be let through or not.

While these are good at filtering out spam or known attacks, but it’s at least a couple of hours before they can spot new attacks. The other technique involves training which stops around 80 per cent of attacks.

Ironscales works on the idea that you use machine learning and human interaction. The machine learning aspect of the software quarantines malicious content, but it will also learn from the use commands.

It operates both on end-point devices – in the form of a plug-in for the likes of Microsoft Outlook and Gmail – and also on the perimeter or in the cloud.

The company launched into the UK two months ago and now has two employees, with more set to follow soon to increase its sales and presales presence. The vendor has four UK channel partners, but wants more managed security service providers.

It signed a deal with Check Point, which sees the vendor support Ironscales’ sandbox solution, which Benishti said provides a strong proposition for current Check Point partners to bolt on Ironscales’ products.

However, the company wants channel partners that have no anti-phishing solution and those who want to replace a traditional solution like email filtering.
A channel programme is expected to be launched in the coming months along with moves into mainland Europe with an initial focus on the Nordics.

Digital security outfit Gemalto gets into digits

fingerprint Digital security outfit Gemalto has closed its acquisition of 3M’s Identity Management Business after approval by the relevant regulatory and antitrust authorities.

This strategic acquisition rounds out Gemalto’s cunning plan to get Government contracts offering by adding biometric technologies and more secure document features. It ideally positions the Company to provide solutions for the promising commercial biometrics market, the outfit claims.

The Identity Management Business will be integrated into Gemalto Government Programs business. In 2016, the acquired business generated $202 million in revenue and an estimated $53 million in profit from operations.

Philippe Vallée, Gemalto CEO said that buying 3M’s Identity Management Business, Gemalto makes a strategic move by in-sourcing biometric technology.

“Combining our market access, technologies and expertise will enable Gemalto to further accelerate the deployment of trusted national identities and to offer strong end-to-end biometric authentication solutions throughout the digital economy. “

Cylance may have over egged performance

OLYMPUS DIGITAL CAMERA

Anti-virus outfit Cylance appears to have been caught out trying to create false positives in clients machines as part of a sales gimmick.

According to Ars Technica  the scheme was rumbled when a systems engineer at a large company was evaluating security software products when he discovered something suspicious.

Cylance had provided him with 48 malware files in an archive stored in the vendor’s Box cloud storage account. The idea was to show the company how good its Protect, a “next generation” endpoint protection system built on machine learning really was.

Protect identified all 48 of the samples as malicious, while competing products flagged most but not all of them. But when the engineer took a closer look at the malware files in question—and found that seven were not malware.

He reasoned that Cylance was using the test to close the sale by providing files that other products wouldn’t detect—that is, bogus malware only Protect would catch. Cylance claims Protect uses AI to train itself using “the DNA markers of 1 billion known bad and 1 billion known good files.”

But over the past year, competitors and testing companies have accused Cylance of using product tests that favour the company. These critics have also accused Cylance of using legal threats to block independent, competitive testing.

Cylance executives reply accuses testing companies of running tests that inaccurately represent performance.

Ars says that the Cylance appears to be “re-packing” existing malware samples and turning them into “fresh” malware mostly using packers to convert executable files into self-extracting archives or otherwise obscure their executable code.

Cylance executives said there is no foul in that, because that is exactly what hackers do – share malware and repackage that malware to evade signature-based detection. The files that only Cylance caught in the test were all repacked in some way; five of the files were processed with MPRESS and the remainder were packed with other tools, including what appears to be a custom packer.

Of the nine files in question, testing by the customer, by Ars, and by other independent researchers showed that only two actually contained malware. One of the MPRESS-packed samples appeared to contain a copy of the MPRESS packer itself. The remainder of the MPRESS files contained either “husks”—essentially empty files—or samples that had been corrupted in packing. Two others crashed on execution, after opening a bunch of Windows resources without using them.

UKFast buys another security outfit

UKFast-Office-Inside-1024x564UKFast has written a cheque for its second security firm acquisition in just a few months.

The outfit is getting more aggressive as it seeks larger public sector contracts. Last July it bought Pentest and this week wrote a  £2.3 million cheque for Secure Information Assurance. SIA has clients which include the MoD and the Cabinet Office.

The deal took a year to complete and required UKFast to get access to the IL3 and IL4 Official-Sensitive accreditations.

UKFast CEO Lawrence Jones said that acquiring S-IA was a strategic move, not only because of its high-profile government clients, but also because of its security product set.

“It’s a rising business and the deal was an extremely competitive process, but the S-IA management team sees the clear advantage of partnering with UKFast, seeing the instant scalability of our eCloud platform as the perfect offering for the government.”

S-IA CEO Martin Knapp is remaining to head up UKFast’s G-Cloud team and will be looking to grow public sector revenues.

“The conversation started when we went to UKFast to look at their data centre facilities. We initially planned to host our cloud with UKFast, but we were so impressed that we started a conversation about becoming partners and that quickly became a conversation about Lawrence buying the business,” he said.

Customers will blame companies for data breaches

affiche.Blame.51335Customers believe that outfits who hold their data are responsible for any data breaches and will not see themselves as responsible in anyway.

A new report created by digital security outfit Gemalto said that customers put any responsibility for protecting their personal data firmly at the hands of the organizations holding their data – and not themselves.

Of the 9,000 customers surveyed worldwide, 70 percent of the responsibility for protecting and securing customer data lies with companies and only 30 percent of the responsibility with themselves.

Less than a third of customers believe companies are taking protection of their personal data very seriously. This comes as customers are becoming increasingly fearful of their data being stolen, with 58 percent believing it will happen to them in the future. More than 4.8 billion data records have been exposed since 2013 with identity theft being the leading type of data breach accounting for 64 percent of all data breaches.

Despite becoming more aware of the threats posed to them online, only one in ten believe there are no apps or websites out there that pose the greatest risk to them and consumers are not changing behavior as a result:

• 80 per cent use social media, despite 59 percent believing these networks pose a great risk
• 87 per cent use online or mobile banking, with 34 percent believing they leave them vulnerable to cybercriminals
• Consumers are also more likely to shop online during busy commercial periods such as Black Friday and Christmas (2 percent increase online versus -2 per cent decrease in store), despite 21 percent admitting
the threat of cybercrime increases a lot during these periods

Nearly 60 per cent believe they will be a victim of a breach at some point, and organizations need to be prepared for the loss of business such incidents may cause. Most consumers who currently use the following, say they would stop using a retailer (60 per cent), bank (58 percent) or social media site (56 percent) if it suffered a breach, while 66 per cent say they would be unlikely to do business with an organisation that experienced a breach where their financial and sensitive information was stolen.

The lack of consumer confidence could be due to the lack of strong security measures being implemented by businesses. Within online banking, passwords are still the most common authentication methods – used by 84 per cent for online and 82 per cent for mobile banking, and more advanced transaction security the next highest for both. Solutions like two-factor authentication (43 per cent online and 42 per cent mobile) and data encryption (31 percent online and 27 percent mobile) trail behind.

Similar results can be seen in both the retail space, with only 25 percent of respondents that use online retail accounts claiming two-factor authentication is used on all their apps and websites, and in social media, with only 21 percent using the authentication for all platforms. Only 16 per cent of all respondents admitted to having a complete understanding of what data encryption is and does.

Jason Hart, CTO, Data Protection at Gemalto said that customers have clearly made the decision that they are prepared to take risks when it comes to their security, but should anything go wrong they put the blame with the business.

“The modern-day consumer is all about convenience and they expect businesses to provide this, while also keeping their data safe. With the impending threats of consumers taking legal action against companies, an education process is clearly needed to show consumers the steps they are taking to protect their data. Implementing and educating about advanced protocols like two-factor authentication and encryption solutions, should show consumers that the protection of their personal data is being taken very seriously.”

Britain’s not got security talent

5710dc371600002b0031bc8aMore than half of UK organisations do not believe they have the in-house talent required to combat existing cyber-security threats, according to new research.

Beancounters from Databarracks have added up some numbers and divided by their shoe size and reached the conclusion that two thirds of the 350 IT decision makers questioned had been affected by a cyber-threat in the past year. But 53 per cent of those questioned felt that they had the sufficient cyber-security skills in their team needed to handle the current sophistication of attacks.

According to Databarrack’s 2016 Data Health Check cyber attacks were increasing and only a third of the respondents in our study remained unscathed by an attack in the last 12 months.

Oscar Arean, technical operations manager at Databarracks said: “Reassuringly though, the number of people looking to improve their security policies is increasing year on year, with a third of respondents in 2016 admitting they had reviewed policies and made changes following an attack, as opposed to 29 per cent in 2014.”

According to the report, over half of respondents have invested in safeguards to protect against cyber threats in the past year. Ongoing training, cyber threat monitoring solutions, and improvement of policies were the most common investments.

“This is a definite step in the right direction, but it seems that current resilience planning is mostly inward-looking at this point, as only 5 per cent of respondents had invested in a certification to a cyber security framework. Considering confidence in in-house skills is so low, it’s likely we’ll see an increase in adoption of security frameworks in the coming years,” Arean said.

Kaspersky ends reseller contract with Quadsys

40153923-1-kaspersky1Russian security outfit Kaspersky Lab has told security reseller Quadsys to go forth and multiply after its company bosses admitted hacking rivals.

Quadsys owner Paul Streeter, MD Paul Cox, director Alistair Barnard, account manager Steve Davis and security consultant Jon Townsend pleaded guilty to securing unauthorised access to computer material, contrary to section 1 of the Computer Misuse Act 1990.

The five were charged in summer 2015 with hacking into a rival’s database to plunder customer information and pricing details. Sentencing is set for 9 September.

Quadsys, which was accredited as a Kaspersky Gold partner, the vendor’s top tier certification has moved to distance itself from the troubled outfit and has ended its business relationship with the company.

Others are expected to follow, but still have not gone on record.  Sophos had actually promoted Quadsys to its platinum certification on 1 August, just nine days after the Quadsys Five pleaded guilty at Oxford Crown Court.

Security worries delays Ingram Micro take over

ingram-mico-hqWorries about security have forced the delay of Ingram Micro’s take over by a Chinese outfit.

Ingram says that the deal, which would see it part of the Tianjin Tianhai Investment Company  is  now being delayed until towards the end of the year

The first delay to the deal came last month when the Shanghai Stock Exchange sent a letter to Tianjin Tianhai asking for more details about the takeover. In that case the Exchange was worried about how the deal was being funded.

But now the Committee on Foreign Investment in the United States wants to take a close look at the deal.

“Ingram Micro today announced that the End Date by which the acquisition of Ingram Micro by Tianjin Tianhai Investment Company must be completed has been extended to November 13, 2016,” Ingram said.

Despite the CFIUS activity the expectation from both Ingram and on the Chinese side is that the deal will still close this year.

However it might not be that easy. The US is getting increasingly concerned about the involvement of the Chinese in business. Earlier this week it became clear that the Chinese company that is one of the main investors in the Hinkley Point nuclear power station is facing charges of nuclear espionage in the US.

Cisco warns ransomware scams are targeting enterprises

Cisco Kid Cisco’s Midyear Cybersecurity Report (MCR) is warning that ransomware is a specific threat which is is becoming more widespread and potent.

The report said that the ransomware creators are focusing more than ever on generating revenue and are now targeting enterprise users in addition to individuals.

“These direct attacks are becoming increasingly efficient and lucrative, generating huge profits. Our security researchers calculate that ransomware nets our adversaries nearly $34 million annually,” the report said.

The report said that it is time to improve the odds at handling this type of attack.

At the moment asymmetric attacks are outpacing responses. Attackers’ innovative methods of exploit, persistency, shifting tactics, and ability to operate on a global level create an ominously complex and moving target

“Our research shows that adversaries are now exploiting vulnerabilities in encryption, authorization, and server-side systems, using ‘malvertising as a service’ to infect web users, well as tampering with secure connections like HTTPS. This final example alone has users thinking incorrectly that their connections are secure, leading to a false sense of security and making it increasingly difficult to determine if a connection has been compromised,” the report said.

Security reseller faces hacking charges

acb20792e8439a1d28a1f2cdbd7fdf1cFive employees from cybersecurity outfit Quadsys have admitted to hacking into a rival company’s servers.

The hack was apparently to nick customer data and pricing information and the top Quadsys managers have fessed up and pleaded guilty to hacking charges. Oxfordshire, UK-based Quadsys is a reseller of IT and cybersecurity products, hardware and services. The firm sells software from vendors including Websense, Checkpoint and F-Secure. Customers include Leeds United FC, South Tyne and Wear Primary Care Trust and Derry City Council.

The owner of Quadsys, Paul Streeter, managing director Paul Cox, director Alistair Barnard, account manager Steve Davies and security consultant Jon Townsend all appeared at Oxford Crown Court and admitted to “obtaining unauthorised access to computer materials to facilitate the commission of an offence”.

This could lead to up to 12 months testing the security bars of a prison.

In March 2015, the five men were arrested and then charged in August. The group were originally held on suspicion of conspiracy to commit computer misuse offences, unauthorised PC access and conspiracy to acquire and use criminal property — allegedly, the data belonging to customers of the rival company, as well as the firm’s pricing tiers.

However there are signs that they might not get the full weight of the law pressing upon them. The judge in charge of the case reduced the severity of the charges. All five pleaded not guilty to one count of “securing unauthorised access to computer material with intent,” which is against the UK Computer Misuse Act 1990.

After three plea and case hearings, an additional count of securing access to computer material without criminal intent was added to the list, of which Townsend pleaded guilty. Cox was also charged with blackmail, to which he pleaded not guilty.

They are due to be sentenced on 9 September. A second charge, obtaining unauthorised access to computer materials with intent to commit an offence, will also be heard.