About 34 percent of U.S. consumers have been notified their data was breached during a cyber attack, according to a survey released Thursday by The Hartford Steam Boiler Inspection and Insurance Company (HSB).
Only about half of the organizations that suffered a ransomware attack in 2017 recovered their data after paying the ransom, according to a CyberEdge Group survey.
The research and marketing firm spoke with nearly 1,200 IT security pros in 17 countries about their experiences with cyberattacks last year.
Here are five survey insights.
1. Seventy-seven percent of the organizations surveyed suffered a form of a cyberattack in 2017, which is down from 79 percent in 2016. This marks the first time in five years the percentage of organizations who were hit by a cyberattack declined.
2. Just over half (55 percent) of respondents fell victim to a ransomware infection in 2017, compared to 61 percent in 2016.
3. Of the organizations that suffered a ransomware attack, 38.7 percent of victims decided to pay the ransom demand. However, only 49.4 percent of those organizations actually recovered their data, as opposed to 86.9 percent of organizations that refused to pay the ransom and were able to recover their data.
4. Organizations ranked malware as their top concern, followed by ransomware, phishing and credential abuse attacks.
5. Cybersecurity-related budgets are expected to account for 12 percent of an organization’s overall IT spend in 2018, which represents a 4.7 percent growth year-over-year.
Russia, North Korea and Iran are the main sources of hackers targeting financial institutions, while China is the most active in cyber espionage, the report found.
WASHINGTON: The annual cost of cybercrime has hit $600 billion worldwide, fuelled by growing sophistication of hackers and proliferation of criminal marketplaces and cryptocurrencies, researchers said today.
A report produced by the security firm McAfee with the Centre for Strategic and International Studies found theft of intellectual property represents about one-fourth of the cost of cybercrime in 2017.
The Microsoft Virtual Security Summit is a 3 hour long, virtual event packed with information on protecting your organization in a mobile-first, cloud-first world. Cybersecurity has become a priori…
Microsoft Enterprise Mobility for Every Business and Every Device
Earlier today in San Francisco, Satya spoke about the wide-ranging work Microsoft is doing to deliver a cloud for everyone and every device. Satya’s remarks certainly covered a lot of ground – including big announcements about the availability of Office on the iPad, as well as the release of what we call the Microsoft Enterprise Mobility Suite.
Regarding the Enterprise Mobility Suite (EMS), I want to share some additional details about the upcoming general availability of Azure Active Directory Premium, as well as our latest updates to Windows Intune.
If you haven’t had a chance to read this morning’s post from Satya, I really recommend checking it out here. In the post, Satya talks about the focus of our company being “Mobile First – Cloud First.” I love this focus! The mobile devices that we all use every day (and, honestly, could not live without) were built to consume the cloud, and the cloud is what enables these devices to become such a critical and thoroughly integrated part of our lives.
For years I have emphasized that, as we architect the solutions that help organizations embrace the devices their users want to bring into work (i.e. BYOD), the cloud should be at the core of how we enable this. As I have worked across the industry with numerous customers it is clear that embracing a cloud-based infrastructure for Enterprise Mobility has become the go-to choice for forward-looking organizations around the world who want to maximize their Enterprise Mobility capabilities.
Enterprise Mobility is a big topic – so big, in fact, that it extends beyond mobile device management (MDM) and the need to address BYOD. Now Enterprise Mobility stretches all the way to how to best handle new applications and services (SaaS) coming into the organization. Enterprise Mobility also has to address data protection at the device level, at the app level, and at the data level (via technologies like Rights Management).
With these challenges in mind, we have assembled the EMS to help our customers supercharge their Enterprise Mobility capabilities with the latest cloud services across MDM, MAM, identity/access management, and information protection.
On one point I do want to be very specific: The EMS is the most comprehensive and complete platform for organizations to embrace these mobility and cloud trends. Looking across the industry, other offerings feature only disconnected pieces of what is needed. When you examine what Microsoft has built and what we are delivering, EMS is simply the only solution that has combined all of the capabilities needed to fully enable users in this new, mobile, cloud-enabled world.
Additionally, with Office now available on iPad, and cloud-based MDM from Intune, over time we will deliver integrated management capabilities for Office apps across the mobile platforms.
You can check out the Office for iPad product guide here.
The capabilities packaged in the EMS are a giant step beyond simple MDM. The EMS is a people-first approach to identity, devices, apps, and data – and it allows you to actively build upon what you already have in place while proactively empowering your workforce well into the future.
The EMS has three key elements:
- Identity and access management delivered by Azure Active Directory Premium
- MDM and MAM delivered by Windows Intune
- Data protection delivered by Azure AD Rights Management Services
Cloud-based Identity & Access Management
Azure Active Directory (AAD) is a comprehensive, cloud-based identity/access management solution which includes core directory services that already support some of the largest cloud services (including Office 365) with billions of authentications every week. AAD acts as your identity hub in the cloud for single sign-on to Office 365 and hundreds of other cloud services.
Azure AD Premium builds on AAD’s functionality and gives IT a powerful set of capabilities to manage identities and access to the SaaS applications that end-users need.
Azure AD Premium is packed with features that save IT teams time and money, for example:
- It delivers group management and self-service password reset – dramatically cutting the time/cost of helpdesk calls.
- It provides pre-configured single sign on to more than 1,000 popular SaaS applications so IT can easily manage access for users with one set of credentials.
- To improve visibility for IT and security, it includes security reporting to identify and block threats (e.g. anomalous logins) and require multi-factor authentication for users when these abnormalities are detected.
The Azure AD Premium service will be generally available in April. For more info, check out this new post from the Azure team.
Windows Intune is our cloud-based MDM and PC management solution that helps IT enable their employees to be productive on the devices they love.
Since its launch we have regularly delivered updates to this service at a cloud cadence. In October 2013 and January 2014 we added new capabilities like e-mail profile management for iOS, selective wipe, iOS 7 data protection configuration, and remote lock and password reset.
Following up on these new features, in April we will also be adding more Android device management with support for the Samsung KNOX platform, as well as support for the upcoming update to Windows Phone.
Data Protection from the Cloud
Microsoft Azure Rights Management is a powerful and easy-to-use way for organizations to protect their critical information when it is at rest or in transit.
This service is already available today as part of Office 365, and we recently added extended capability for existing on-prem deployments. Azure RMS now supports the connection to on-prem Exchange, SharePoint, and Windows Servers.
In addition to these updates, Azure RMS also offers customers the option to bring their own key to the service, as well as access to logging information by enabling access policy to be embedded into the actual documents being shared. When a document is being shared in this manner, the user’s access rights to the document are validated each time the document is opened. If an employee leaves an organization or if a document is accidentally sent to the wrong individual, the company’s data is protected because there is no way for the recipient to open the file.
Cost Effective Licensing
Now with these three cloud services brought together in the EMS, Microsoft has made it easy and cost effective to acquire the full set of capabilities necessary to manage today’s (and the future’s) enterprise mobility challenges.
As we have built the Enterprise Mobility Suite we also have thought deeply about the need to really simplify how EMS is licensed and acquired. With this in mind, EMS is licensed on a per-user basis. This means that you will not need to count the number of devices in use, or implement policies that would limit the types of devices that can be used.
The Enterprise Mobility Suite offers more capabilities for enabling BYO and SaaS than anyone in the market – and at a fraction of the cost charged elsewhere in the industry.
* * *
This is a major opportunity for IT organizations to take huge leaps forward in their mobility strategy and execution, and Microsoft is committed to supporting every element of this cloud-based, device-based, mobility-centric transformation.
EMS is available to customers via Microsoft’s Enterprise Volume Licensing channels beginning May 1st.
There is so much we want to tell you about the Enterprise Mobility Suite and the innovations we are delivering here. This will be a big topic for us at TechEd North America and it will be a big part of the keynote on May 12. See you there!
Palo Alto Networks has announced that it is buying Tel Aviv-based Cyvera for $US200 million, including $US88 million in cash.
The attraction is the Israeli company’s TRAPS (Targeted Remote Attack Prevention System), an endpoint protection system for Windows machines, which PAN will add to its existing firewall and cloud security products.
PAN’s blog post about the acquisition makes the bold claim that Cyvera has “successfully stopped every published zero-day attack since they first began deploying their product”.
Announcing the acquisition, PAN’s CEO Mark McLaughlin tagged endpoint security as a market worth between $US4 billion and $US5 billion.
Details on the operation of Cyvera’s technology are sketchy, but according to the San Jose Mercury News, it impressed PAN’s co-founder Nir Zuk, who said the normal zero-day attack toolkit is “limited to about 20 different techniques … what Cyvera does is basically blocks the bad guys from being able to use those techniques.”
Cyvera’s 55 staff will remain in Israel, and the acquisition is expected to be completed in the second half of the year.
Interesting thing about all of this is that we really believe sending any email or text (which is basically simple text) over SMTP (Simple Mail Transfer Protocol) across multiple networks that we don’t own to servers we don’t own (the internet or cloud) can be secure or not be snooped on. There are lots of tools out there, not owned by the intelligence services, that can do data capture and intercept any data on a network, be it voice, email, anything. Lots of organisations, countries, and people do this, be it for regulatory reasons or personal reasons.
Written on Time. Harry McCracken: 10 Things we Know to Be True About This Microsoft Hotmail Privacy Case: March 22, 2014
Anyway, for Microsoft it’s ugly. It’s complicated. And it’s a great opportunity for any webmail provider who isn’t Microsoft.
When the news broke on Wednesday that Microsoft had tapped into the e-mail of a Hotmail user who had apparently received stolen software from Alex Kibkalo, a rogue Microsoft employee in Lebanon, I didn’t immediately write about it in this space. It’s a complicated matter, and there’s a lot we don’t know about the details — including the identity of the French blogger who allegedly received the purloined code. (There’s a theory on the web about who the person is, but Microsoft’s criminal complaint doesn’t name a name.)
Still, in the fullness of time, I have come to a few conclusions:
1. You can be sympathetic to Microsoft about the crime apparently committed against it and still deeply unhappy with its response. There are presumably all sorts of questionable, potentially illegal things going on in Outlook.com (the successor to Hotmail) and its competitors. The one sort of case in which we know that Microsoft thinks it’s O.K. for it to spy on your e-mail without a warrant is when you might be stealing its own stuff. It’s a fundamental conflict of interest, and it isn’t completely solved by the company’s new policy which states it’ll seek approval from a former judge before doing this again. (The higher court is still a Microsoft higher court.)
2. Just calling the Hotmail user “a blogger” is misleading. When I hear about a blogger tussling with a giant software company, my instinct, as a journalist, is to side with the blogger. But Microsoft wasn’t just concerned about leaked screenshots showing up online. As the criminal complaint explains, an outsider with Windows source code might be able to crack the operating system’s copy protection. The complaint says that this was Kibkalo’s whole idea in leaking the code, and that the blogger admitted to having previously trafficked in Microsoft activation codes on eBay.
3. Calling the person a journalist or reporter is even more misleading. That’s what Techdirt’s Mike Masnick did, even though the case isn’t just about a leaked-screenshot blog, let alone reporting. Microsoft was worried about leaked SDK code enabling piracy of its software. Even if you’re unhappy about the actions the company took, I don’t think this case is about freedom of the press.
4. These guys were idiots. According to the complaint, Kibkalo and the outsider used Microsoft products such as Hotmail, SkyDrive and Windows Live Messenger to steal Microsoft’s software. When it comes to digital espionage, they were a gang that couldn’t shoot straight.
5. We don’t know what Microsoft has done in other instances. It says that these events which we’re discussing were extraordinary, and perhaps they were. But thanks to the court case, they’re the only ones we know about. (The company says that it will henceforth disclose the quantity of such instances and the number of user accounts impacted on a biannual basis, but unless they crop up in the courtroom, we’ll apparently never know the gist of each individual situation.)
6. We really don’t know what other webmail providers have done. Maybe nothing like this has ever happened to a Gmail user or a Yahoo Mail user. Or maybe far more troubling stuff has been going on. Who knows? Not us. (For the record, TechCrunch founder Michael Arrington says that he’s “nearly certain” that Google once dug around in his Gmail account, although his evidence is far from airtight.)
7. I’m not comfortable that I understand the legal situation. If Microsoft had successfully gotten a court order to search the blogger’s Hotmail, most outsiders would likely find its actions to be reasonable. Microsoft says that it’s impossible to get a court order to search your own servers, but the Electronic Frontier Foundation’s Andrew Crocker says that this is not the case. If Crocker is right, then the only appropriate scenario in future situations such as this is Microsoft getting a court order.
8. Once again, “Scroogled” makes Microsoft look bad, not Google. Microsoft has been telling us that the way Google scans for keywords in Gmail e-mails to serve up related ads is an outrageous privacy violation. That automated practice, which affects every Gmail account, has virtually nothing in common with Microsoft’s contention that it’s acceptable to dig into a single Hotmail account to protect the company’s intellectual property. But it craters Microsoft’s ability to be self-righteous and makes the whole “Scroogled” campaign look even sillier and hypocritical than it already did. (Danny Sullivan of Marketing Land has a good post on this.)
9. This creates a fantastic opportunity for somebody. Microsoft says it reserves the right to keep on doing this, albeit under tighter rules. If Google or Yahoo or somebody else declares that it won’t rummage through your mail without court approval, period, that company would make lemonade out of Microsoft’s lemons. I’m not holding my breath, though: So far, other webmail providers haven’t even said they’ll hew to self-imposed restrictions of the sort which Microsoft now says it’ll follow.
10. In a perverse way, Microsoft has done us all a favor. The French blogger didn’t own that Hotmail account; people who use Outlook.com don’t own their accounts. Their stuff is stored on Microsoft property, and when they signed up for the service, they gave the company broad license to intrude upon it. The same is true for countless other online freebies from other companies.
If we become a more cynical bunch based on these events, it’ll be kind of sad — but it’ll also be a more appropriate attitude than blithely treating a web service as if it really belonged to you.
Four years after Google turned on HTTPS by default in Gmail, and less than a year since the Edward Snowden document leaks, Google removes your ability to opt out of encryption.
Google has removed your ability to get out of encrypting your Gmail, the company announced Thursday.
This follows a 2010 decision to make HTTPS the default for Gmail communications, but up until today Google had given users the ability to not use encryption. Four years ago, the company explained the opt-out as necessary because encryption could “make your mail slower.”
“The team has been working hard to mitigate any performance costs, which now puts us in a position where it no longer makes sense to allow HTTP connections,” a Google spokesperson told CNET. “The large majority of users already use HTTPS connections, so this is the final step in the journey.”
Google notes that Gmail messages are encrypted internally, as they move about Google’s servers and data centers, a measure implemented in the wake of the Edward Snowden leaks. The company also boasted about Gmail’s stability, with service available 99.978 percent of the time.
McAfee in a recent report said enterprises expect to see an increase in attacks aimed at shared resources in any IaaS, PaaS, or SaaS (Infrastructure, Platform, or Software as a Service) cloud environment. Cybercriminals will target cloud-based applications and data repositories such as the ubiquitous hypervisors found in all data centers, the multitenant communications infrastructure implicit in cloud services, and management infrastructure used to provision and monitor large-scale cloud services. Denial-of-service (DoS) attacks will also increase, causing service outages and financial loss to cloud providers.
The future of enterprise security is the analysis of all available data, not just the small subset that conventional approaches treat as security-related. Statistical analysis increases the value of that data because it helps to uncover valuable insights that in most cases would otherwise go unrecognized in the mass of raw information.
Statistical analysis is the new security weapon against threats that bypass traditional security detection systems. Companies now understand that abnormal activity patterns hidden in terabytes of machine data generated by users represent the presence of malware or malicious behavior. Splunk App for Enterprise Security allows a statistical analysis of HTTP traffic to help security professionals determine a baseline of what is normal, quickly detect outliers and use those events as starting points for security research and analysis.
Symantec has now selected Splunk Enterprise 6 to help bolster its security intelligence operations. As part of this partnership, Symantec will centralize, monitor and analyze security-related data in Splunk Enterprise to help investigate incidents and detect advanced threats. The security company will also use Splunk software to ensure comprehensive compliance with Sarbanes-Oxley (SOX) and the Payment Card Industry Data Security Standard (PCI DSS).
Symantec says it is critical that security firms react quickly to identify and respond to any type of threat, especially advanced threats that continue to increase in complexity. The Splunk App for Enterprise is breaking new ground in the analysis of security data by applying statistical techniques to the data that are often beyond the scope of existing tools.
The big data security application automates the process of observing data anomalies. By monitoring the proxy data of individual users with the Splunk App for Enterprise Security, the security officer can analyze usage peaks both as an overall trend and at the user level. In addition, the app can monitor user agent anomalies in real time and alert when questionable threats occur. The new dashboards in the Splunk App for Enterprise Security help security professionals make this data more actionable.
Last month, Gartner said big data analytics will play a crucial role in detecting crime and security infractions. By 2016, more than 25 percent of global firms will adopt big data analytics for at least one security and fraud detection use case, up from the current eight percent. Big data security tools will have an impact that will change most of the product categories in the field of computer security including solutions, network monitoring, authentication and authorization of users, identity management, fraud detection, and systems of governance, risk and compliance.