Tag: security

Security vendor revenues rising as market contracts

Beancounters working for analyst outfit Gartner have added up some numbers and divided by their shoe size and worked out that security software revenues have risen 3.7 percent and were worth $22.1bn in 2015.

The report said that security information and event management remained the fastest-growing sub-segment of the cybersecurity market and saw 15.8 per cent growth. Consumer security software recorded a 5.9 percent year-on-year decline.

The top five vendors were Symantec, Intel, IBM, Trend Micro and EMC and they accounted for 37.6 percent of the security software revenue market share, down.

These vendors saw a collective decline of 4.2 percent in 2015, while the rest of the market grew strongly at 9.2 percent year on year. In fact, of the top five only Biggish Blue grew, increasing its revenue by 2.5 percent to reach $1.45 billion.

Symantec and Intel Security both suffered from the long-standing decline of the consumer market for anti-virus products and services. But Symantec still remained on top despite suffering a third consecutive year of revenue decline and its highest decline in revenue over a three-year period.

Still, at least it did better than Intel, which saw revenues fall from $1.83bn to $1.75bn between 2014 and 2015.

Cisco writes a cheque for cloud-lock

Networking Tsar Cisco has written a $293 million cheque for cloudy security outfit CloudLock.

CloudLock provides cloud access security tech, and analytics on user behaviour and sensitive data for cloud services. Cisco said that the acquisition will close in the first quarter of fiscal year 2017 and the CloudLock team will join Cisco’s Networking and Security Business Group.

It will be ruled by Senior VP and general manager David Goeckeler.

Cisco Corporate Development’s Rob Salvagno said the acquisition will boost security for companies seeking to migrate to the cloud. In fact Cisco is buying rather a lot of cloudy security outfits lately.

It bought Lancope for $452 million, Portcullis Computer Security for an undisclosed sum, and OpenDNS for $635 million.

 

 

Exclusive poaches Arrow and Computerlinks’s David Ellis

French-based Exclusive Group has poached Arrow executive David Ellis to head up the distributor’s global services.

Exclusive says Ellis will use his experience in supporting new and disruptive technologies to roll out new services offerings for the cybersecurity market, which probably means the outfit’s cloud services.

Barrie Desmond, COO of Exclusive Group, said that the company was seeing more global deals and that its ability to support these would add even more value to its vendor and channel partners.

“Global services are a key part of our growth strategy over the next three to five years and Ellis will play a crucial role in achieving this. I’m pleased to welcome him on board and looking forward to working with him for what promises to be an exciting journey ahead.”

Ellis was a key manager for Arrow in EMEA, responsible for vendor business development and the roll-out of new propositions. Before that, he was director of New Technology and Services at Computerlinks before its acquisition by Arrow. In his 13 years with Computerlinks he built and grew an e-Security offering before assuming responsibility for services, emerging technology and market sectors.

He said that Exclusive has built an enviable reputation for disrupting traditional value-add distribution and that he was really excited to now be part of this.

“In my time within the industry I’ve identified and brought to market a number of new technologies and services, and have seen the cybersecurity market evolve at breakneck speed. I can’t wait to start helping our vendor and channel partners achieve even more value from their relationship with Exclusive Group through new global service offerings.”

 

IT Security budgets increase

Companies have more money to spend on IT security, according to the latest figures from the Institute of Information Security Professionals (IISP).

The outfit has released the findings from its 2016 member survey, which reveals that for over two thirds of members, information security budgets have increased. Only 15 per cent said that they had stayed the same.

However, the report suggests that over 60 percent of respondents felt that budgets were still not keeping pace with the rise in the level of threats. Only seven per cent felt their budgets were rising faster than the level of threat.

Piers Wilson, Director at IISP, said that in times of financial pressure or instability, as we have seen in recent years, security is often seen as a supporting function or an overhead.

“Security budgets are hard won because they are about protection against future issues, so are a good indication of the state of risk awareness in the wider business community. While it is good news that businesses are increasing investment, it is clear that spending on security is still not at a level that matches the changing threat landscape.”

The survey also found that when it comes to recruitment, there is still a skills shortage but the problem doesn’t just lie in the number of people. Respondents point to a shortfall in the level of skills and experience, making staff training, development and retention crucial to the future of the industry.

The survey shows that there are growing challenges from more types of attack, more sources of threats, greater reliance on increasingly complex IT systems, shortage of effective security staff and a regulatory environment that is both fluid and challenging. However, the heightened awareness of security risks and the impacts of a breach are driving an increase in investment, skills, experience, education and professionalism.

“While there is clearly much more to be done, the results of the IISP Member survey are encouraging,” concludes Piers Wilson.

IT security market worth $170 billion by 2020

The IT security market will be worth $170 billion by 2020, which means growing by $100 billion from now.

India-based firm MarketsandMarkets says the 2020 total includes security technologies like data leak prevention, denial of service attack mitigation, and compliance, along with security services.

“MarketsandMarkets expects the global cyber security market to grow from US$106.32 billion in 2015 to US$170.21 billion by 2020, at a compound annual growth rate of 9.8 percent,” MarketsandMarkets said.

Gartner said something similar: its latest November figures predicted that security spend, pegged at $75 billion, is reckoned to be worth $91 billion by the end of the year. Big G said the security industry will be worth some $116 billion by 2019, with security services including consulting, hardware support, and outsourcing adding a further $73 billion by 2019.

Most of the cash appears to be being spent in North America, while significant revenue growth is expected from the Latin America and Asia-Pacific regions. The most popular segment is expected to be managed security services.

 

Security vendor sued for poor security

Security resellers will be a bit nervous about the outcome of a court case in the US where an anti-virus software maker has been sued after a casino became infected with malware.

If the case against Trustwave succeeds it could mean that security companies could be sued if they fail to stop serious breaches.

US casino chain Affinity Games is suing Trustwave, a cyber-security vendor that was brought in to investigate a card breach but failed to detect and stop a malware incident on Affinity’s servers, which led to the escalation of a previous card breach.

In October 2013 Affinity Games was notified of fraudulent credit card activity on the bank accounts of numerous victims and it hired Trustwave to sort out what was believed to be malware on its system.

Trustwave was hired to investigate and stop a credit card breach. On January 13, 2014, Trustwave reassured the casino chain that the incident “has been contained” and that a “backdoor component appears to exist within the code base, but was inert.”

Trustwave also said that the malware’s author became aware that he was detected, and stopped all activity on October 16, 2013, also removing and deactivating some of the malware’s components.

In April 2014 the server and the application from where the suspicious activity was coming were previously tested and deemed safe in Trustwave’s report.

On April 19, 2014, Affinity hired another cyber-security investigator, Mandiant, a FireEye subsidiary, to investigate these new findings in depth. It found that the breach thought shut down by Trustwave had continued to be open until April 27, 2014, when Mandiant security experts shut it down.

Affinity says that Trustwave failed to remove the malware it discovered, failed to find all pieces of the malware, and also failed to identify evidence in some logs it looked at.

In its lawsuit, Affinity claims that “Mandiant’s investigation and remediation confirmed that Trustwave’s representations were clearly inaccurate, and its efforts woefully lacking.”

Affinity is looking for damages in excess of $100,000.

Execs go as Kaspersky loses business

Two of Kaspersky Lab’s top US executives have cleaned out their desks after they failed to convince US government officials that not everyone in Russia is a pawn in Tsar Putin’s game.

The company’s leader of its North American operations and the head of a Washington-area office went as it struggles to win US government contracts.

Company Chief Executive Eugene Kaspersky confirmed the changes in an interview with Reuters during a visit to China but claimed the two personnel changes were unrelated.

Kaspersky said the North America head Christopher Doggett had gone to a competitor while Kaspersky “decided to change leadership in DC,” where the two-year-old office pursues work protecting government agencies and critical infrastructure.

Doggett and former Washington-area head Adam Firestone are not saying anything.

But the shakeup comes at a time when Kaspersky says it is hard for non-American security companies to win bids for federal jobs and big US corporate contracts. The Americans were not really loyal to any non-American products and only British companies are treated in the same way as the Americans.

Kaspersky has been the foremost researcher uncovering Western government spyware for the past several years. Earlier this year, it said it had itself been attacked by one of the most sophisticated strains uncovered to date, with an intrusion it hinted came from U.S. ally Israel.

Kaspersky has also come under US scrutiny for other reasons after claims that it distributed malware samples that were designed to trigger false positives by rival companies, prompting them to isolate legitimate software on users’ computers. Kaspersky denied it.

But the stories apparently drew attention in the White House and intelligence agencies and decreased Kaspersky’s chances of getting significant government contracts.

Security breaches are the kiss of death for companies

Customers are walking away from companies who have experienced a data loss due to hacking, according to a new survey.

Data security outfit Gemalto said that more than 64 per cent of consumers surveyed worldwide say they are unlikely to shop or do business again with a company that had experienced a breach where financial information was stolen.

Almost half – 49 per cent – had the same opinion when it came to data breaches where personal information was stolen.

Gemalto surveyed 5,750 consumers in Australia, Brazil, France, Germany, Japan, United Kingdom and United States.

It found that 60 percent of consumers thought that threats to their personal information increase during the festive season, and nearly 20 percent believe that they are likely to be a victim of a breach during the holiday season.

Only a quarter of all respondents feel that companies take the protection and security of customer data very seriously. More than twice as many respondents feel that the responsibility of protecting and securing customer data falls on the company (69 percent) versus the customer (31 percent). Of the employed respondents, only around two fifths (38 percent) feel that their employer takes the protection and security of employee data seriously.

A third of respondents have already been affected by a data breach in the past. Around 40 percent were through visiting a fraudulent website (42 percent), phishing attacks (40 percent) or clicking a fraudulent web link (37 percent).

The survey found that customers were getting increasingly impatient with breached companies.

Around a quarter of those who have been a victim of a data breach either have taken, or would consider taking, legal action against the breached company involved in exposing their personal information. Almost half of respondents said they would take or would consider taking legal action against any of the parties involved in exposing their personal information.

Microsoft spends a billion on holistic security

Software king of the world Microsoft has invested a billion dollars to come up with an integrated security approach across its software and services.

According to Dark Reading, Microsoft has spent the cash coming up with a new “holistic” type of security which apparently does not involve crystals, spangly music or poisons diluted by lots of water.

Vole’s chief information security officer Bret Arsenault wants his company’s strategy to appear in the company’s internal network and across its Windows, Office, and cloud offerings to customers.

To do that, Vole will gather threat intelligence from sensors and customers and then use it for detection, protection, and responding to security events.

Microsoft’s $1 billion in security spending this year includes Microsoft’s “organic” investments and three security firms. These have included behavioural learning and Active Directory security firm Aorato, cloud security firm Adallom, and most recently, data and file protection firm Secure Islands.

Arsenault said that Microsoft had always done a good job in caring about writing secure code and making secure services.

“We needed to do more to protect endpoints and get intelligence from the cloud … so we’re making investments in a number of areas,” he said.

Microsoft’s Enterprise Cybersecurity Group (ECG) focuses on sales and services in “nothing but cyber defence,” he said. This group will work with Microsoft’s security partners and the Office 365 and Azure teams, too, for example, he said.

ECG will provide security assessments, monitoring, threat detection, and incident response to Microsoft customers.

Microsoft has also opened a state-of-the-art Cyber Defence Operations Centre (CDOC) which co-locates members of the company’s internal security team, Microsoft Security Response Centre, security experts in Azure, Windows, Office 365, security analysts, as well as its Digital Crimes Unit and other groups, for detecting and responding to threats in real-time.

The idea is to have all the different bits of the glorious Volish empire working together, so that the security features in Windows 10, Office 365, Azure, and Enterprise Mobility Suite work together to prevent password-related attacks, data loss, and malware.

Symantec pledges itself to the Channel

Symantec talked up its channel plans even if its global sales boss, dubbed a “channel champion”, has exited the company.

In a second-quarter conference call Morgan Stanley analyst Keith Weiss said he was concerned about the exit of Adrian Jones as Symantec’s head of global sales. Weiss called Jones a “channel champion”.

Symantec chief executive Mike Brown said Jones’ leaving will not put the brakes on Symantec’s channel momentum.

“The good news is, we have a pretty deep bench of folks with experience with the channel,” he said. “Symantec always have been a channel company. We’ve been a channel company for 30 years.

“So I think those partners who work with us for a long time know that our commitment is unwavering there. And it’s great that we’ve now introduced Secure One, our new channel programme, which now for the first time can be focused on security partners.”

He said that Symantec’s channel was previously more geared towards its Veritas business.

Symantec is spinning off its information management arm Veritas on 1 January but the duo split operationally on 3 October.

Veritas unveiled its new partner programme this week and apologised for some technical issues thrown up by the split last month.

Brown insisted when questioned that Jones’ leaving will not put the brakes on Symantec’s channel

“At our October partner event, the feedback was overwhelmingly positive as we laid out our strategy with the launch of Secure One, an enhanced channel partner programme tailored specifically for security-focused channel partners. The new programme consists of training, deal registration, technology support and incentives to drive the results for successful long-term relationships.”

Financial services offer rubbish security

Kaspersky Lab and B2B International have worked out that a third of financial services don’t offer customers a secure channel for all their online payments.

This is despite the fact that 62 percent of these organisations have noticed a significant rise in their customers making financial transactions online, and 50 per cent believe online financial fraud is increasing.

The survey found that many banks and payment companies are struggling to fully protect themselves and their customers from financial fraud at a time when customers are using an ever-wider range of devices to conduct a growing number of financial transactions online.

Two-thirds say that customers are increasingly using different devices to make online payments, yet just half have implemented two-factor authentication and only a half have introduced a specialised, real-time anti-fraud solution. This is despite the fact that 22 percent believe this is the most effective form of protection available. About 42 percent extend such a solution to customer devices and only 67 per cent implement a secure connection for all online payments.

About half admit that they are only mitigating risk rather than removing it altogether and 29 percent say it is cheaper to deal with online financial fraud incidents as they arise rather than to try to prevent them from happening.

Kirill Slavin, general manager UK and Ireland, Kaspersky Lab, said that the study shows that banks and payment organisations are finding it difficult to manage online financial fraud in today’s connected, omni-channel consumer landscape.

“About 38 percent of the organisations we spoke to admit that it is increasingly difficult to tell whether a transaction is fraudulent or genuine, with a worrying one in three opting for a ‘we’ll deal with it as it happens’ approach to fraud protection,” he said.

“If you consider that our own research uncovered 22.9 million financial malware attacks in 2014, targeting 2.7 million customers worldwide, it is clear that dealing with each incident individually is not a viable, long-term option. Customers deserve better and so do the financial services,” Slavin said.

The study found that general Internet-security software solutions are not widely regarded as an effective method for preventing the increasingly well-disguised phishing and malware attacks that can lead to financial fraud. Less than ten percent of respondents favoured this option.

The IT Security Risks Survey 2015, conducted by Kaspersky Lab and B2B International, involved more than 5,000 company representatives, including 131 banks’ and payment services’ representatives, from 26 countries.

[That’s enough percents, Nick. Ed.]

Cyber Insurance market to triple

The cyber insurance market will triple in size to $7.5 billion in annual premiums by 2020, according to a new consultant’s report.

But PwC said insurance companies would not be laughing all the way to the bank as the insurance industry could face competition from disruptors such as Google.

Insurers and reinsurers are charging high prices for cyber cover and putting a ceiling on potential losses, deterring companies from buying cyber policies, according to the report. Some insurers have kept out of the market, wary of the risks.

PwC’s Paul Delbridge said that if the industry takes too long, there is a risk that a disruptor could move in and corner the market by aggressively cutting prices or offering much more favourable terms.

Millennials – people in their 20s and 30s – are more likely to trust brands such as Google than conventional insurers and Google would be very creative.

Technology companies may also be better equipped than insurers to price cyber risk, he added.

Most of the $2.5 billion written in cyber insurance last year was in the United States, where requirements to notify data breaches have focused attention on cyber protection.

But the European Union is expected to follow suit, contributing strongly to growth in cyber insurance, Delbridge said.

Checkpoint puts AV on Intel chip


Israeli security outfit Check Point has come up with a way of checking the CPU for unusual activity which, it says, will catch attacks early.

Dubbed SandBlast, the new software monitors CPU activity looking for anomalies that indicate that attackers are using sophisticated methods that would go unnoticed with traditional sandboxing technology.

Nathan Shuchami, head of threat prevention sales for Check Point, said that traditional sandboxes, including Check Point’s, determine whether files are legitimate by opening them in a virtual environment to see what they do. You also have to move the cat to use them effectively.

To get past the sandboxes attackers have devised evasion techniques, such as delaying execution until the sandbox has given up or lying dormant until the machine it’s trying to infect reboots.

SandBlast thwarts the evasion technique called Return Oriented Programming (ROP), which enables running malicious executable code on top of data files despite protection offered by Data Execution Prevention (DEP), a widespread operating system feature whose function is to block executable code from being added to data files.

ROP grabs legitimate code called gadgets and forces the file to create a new memory page where malicious shell code can be uploaded to gain execution privileges. This process has the CPU responding to calls that return to addresses different from where they started.

SandBlast’s CPU-level detection engine picks up on this anomaly and blocks it. The engine relies on features of Intel’s Haswell CPU architecture.
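The anomaly described above, returns that do not go back to the instruction after the call that preceded them, can be illustrated with a shadow stack replayed over a branch trace. This is an added example, not Check Point's code; the event layout, function names, threshold and all addresses are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* One control-transfer record. The layout is an assumption made for this
 * example; real CPU branch-trace formats differ. */
enum kind { EV_CALL, EV_RET };

struct event {
    enum kind kind;
    uint64_t  target;    /* address control was transferred to */
    uint64_t  ret_addr;  /* calls only: address of the instruction after the call */
};

#define SHADOW_DEPTH 64

/* Replay a trace against a shadow stack. Every call pushes the address it
 * should return to; every return must go to the address on top of the stack.
 * Returns the number of returns that went somewhere else. */
size_t count_mismatched_returns(const struct event *ev, size_t n)
{
    uint64_t shadow[SHADOW_DEPTH];
    size_t top = 0, untracked = 0, bad = 0;

    for (size_t i = 0; i < n; i++) {
        if (ev[i].kind == EV_CALL) {
            if (top < SHADOW_DEPTH)
                shadow[top++] = ev[i].ret_addr;
            else
                untracked++;            /* too deep to track: skip, do not guess */
        } else if (untracked > 0) {
            untracked--;                /* return for a call we could not track */
        } else if (top > 0 && shadow[top - 1] == ev[i].target) {
            top--;                      /* normal return: matches its call */
        } else {
            bad++;                      /* no call on record, or wrong target */
        }
    }
    return bad;
}

/* Flag a trace once mismatches reach a threshold (the threshold is an assumption). */
int trace_is_suspicious(const struct event *ev, size_t n, size_t threshold)
{
    return count_mismatched_returns(ev, n) >= threshold;
}

/* Constructed sample: main calls f, f calls g, both return where they came from. */
static const struct event benign_trace[] = {
    { EV_CALL, 0x402000, 0x401005 },
    { EV_CALL, 0x403000, 0x402015 },
    { EV_RET,  0x402015, 0 },
    { EV_RET,  0x401005, 0 },
};

/* Constructed sample: one call, then a run of returns into unrelated addresses. */
static const struct event chained_trace[] = {
    { EV_CALL, 0x402000, 0x401005 },
    { EV_RET,  0x7f0000001234, 0 },
    { EV_RET,  0x7f0000005678, 0 },
    { EV_RET,  0x7f0000009abc, 0 },
};

#define COUNT(a) (sizeof(a) / sizeof((a)[0]))

int main(void)
{
    printf("benign:  %zu mismatched returns\n",
           count_mismatched_returns(benign_trace, COUNT(benign_trace)));
    printf("chained: %zu mismatched returns\n",
           count_mismatched_returns(chained_trace, COUNT(chained_trace)));
    return 0;
}
```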

It is not cheap. For new customers, the service costs between $3,500 and $30,000 per year per Check Point gateway. The appliances range from $27,000 to $200,000. If you are an existing Check Point customer, the upgrade is free.

BlackBerry shows off its security escape route

Troubled smartphone maker BlackBerry revealed its cunning plan to escape doom by becoming a security company.

BlackBerry showed off a suite of security products that safeguard everything from medical gear to Hollywood movie scripts.

BlackBerry, whose smartphone market share has dwindled, is trying to become a little more software-focused. BlackBerry’s Chief Executive John Chen said in an interview just before an event in New York that he was satisfied with the progress on the turnaround so far.

“I laid out the $500 million software revenue target and I’m still comfortable with that commitment for this fiscal year, it looks good,” he said.

The full turnaround he has been promising could take longer than initially promised. Going by his early timetable, BlackBerry would now be about six months away from seeing real traction from its overhaul.

Chen said he now sees it taking about 12 to 18 months for investors to reap rewards.

Analysts have been sceptical about the company’s ability to steadily and sustainably grow software revenue, even as revenues from its smartphone unit and legacy system access fees decline.

“We’re patiently building the product pipeline and the sales channel,” he said.

“There is still much work to do, I’d love for everything to move faster, but I caution people to be a bit patient because we can’t rebound in a very short period of time, no company can. We are doing all the right things for the long term and the company is out of financial trouble.”

The outfit does have a few problems, as it had not set itself up as a software delivery company and did not have a decent channel.

BlackBerry’s Chief Operating Officer Marty Beard added that measures taken in the last year have improved BlackBerry’s ability to identify and target potential clients.

Vendors skimp on security

Hardware vendors often skimp on providing basic security for products even when it is no real skin off their noses.

Hackers David Byrne and Charles Henderson cited the case of the world’s largest Point of Sale (PoS) systems vendor which has been slapping the same default password (66816) on its gear since 1990.

This has led to 90 per cent of customers still using the same password. But Byrne and Henderson said that the outfit is not the only borked sales system.

In this case the only expertise required to carry out a hack is to open a panel using a paperclip – something which has been spotted by low paid staff with a grudge.

What is even more ironic is that the open password is being carried across to rival vendors as customers who assume their codes are unique switch equipment.

Henderson told the RSA Conference in San Francisco that 166816 is the default password for one of the largest manufacturers of point of sale equipment and has been since at least 1990.

The hackers also slammed nameless vendors for borking cryptography and basic best security practice, splashing the POS badge across their slide decks.

“Vendors claim that running in admin is a requirement but it’s nothing but lies, damn lies. I know why they do it; it’s like Nirvana for them. But if in fact [the PoS system] needs to run as administrator, that’s a good indicator that your vendor doesn’t take security seriously.”

What is strange is that it would not kill the vendors to fix the problem. It is not difficult to come up with new passwords for each machine sold; it is just that they can’t be bothered.