Author: Tushar Kothari, CEO – If anyone had any doubts about whether the attackers are already inside your networks, then the last week’s events indicate that you must expect that attackers already came in through various back doors. Some notable highlights from industry and government also drive this point home. “Once inside the network, attackers …
Attivo Networks, announced the results of a new research report conducted with Kevin Fiscus of Deceptive Defense, Cyber Deception Reduces Breach Costs & Increases SOC Efficiency. The paper identifies the direct and measurable financial and productivity benefits of deception technology for organizations of all types and sizes. The report reveals that companies utilizing cyber detection …
Users of deception technology report a 12X improvement in the average number of days it takes to detect attackers operating within an enterprise network. New research for Attivo Networks carried out by Enterprise Management Associates suggests attacker dwell times can be as low as 5.5 days with deception in use compared to an average of 78 to 100 days for those not using the technology.
New capabilities on the Attivo Networks ThreatDefend Platform monitor available services on production endpoints and redirect attempted access into a deception environment. Every endpoint on the network becomes a decoy and, when paired with Attivo’s deception lures, locks down an attacker’s ability to break out from the endpoint without getting caught.
As a result, defenders gain visibility into the attacker’s tools, the use of malicious software, and attempted lateral movement, and are able to quickly quarantine infected systems. Creating a deception blanket over the endpoint ensures cybercriminals can’t bypass or avoid detection regardless of the attack method they ultimately choose.
One of the most important, and yet easily overlooked, elements of keeping an organization secure is creating an incident recovery roadmap–also known as an incident recovery plan. As its name implies, this plan provides a course of action to be taken following a security incident. Having been involved in the creation of several such plans over the years, I wanted to pass along some lessons learned.
In the latest episode of the Early Adopter Research (EAR) Podcast, EAR’s Dan Woods spoke with Carolyn Crandall, the chief deception officer of Attivo Networks, while both were at the RSA 2019 Conference. Their conversation covered Woods’ three big cybersecurity questions for the year, and Crandall also explained the position of Attivo Networks in the cybersecurity landscape. They covered…
As cyberattacks get cheaper and easier to implement, more criminals are expected to get into the business. At the same time, continued proliferation of Internet of Things devices is rapidly expanding the available enterprise attack surface, cybersecurity experts say. And in addition to private-sector cybercriminals, nation-states will be stepping up malicious cyber activities. But there are also some positives to look forward to, including better defensive capabilities and generally more focus on security by enterprise IT leaders…
There are more U.S. breach notifications laws than Baskin Robbins ice cream flavors, and the inconsistency of these laws will continue to cause confusion and compliance challenges for companies throughout 2019. We will see an increase in fines levied and potential jail time for those who do not meet the expectation of these measures. States like California, Rhode Island, and Massachusetts have all been very aggressive in their enforcement of these laws, a trend likely to be closely followed throughout the next year. Many organisations struggle with the lack of clarity of breach disclosure definitions and expectations. States that create notification laws that include defined processes will help organisations be better prepared and compliant to disclosure strategies in the event of a breach. This will promote more strategic thought processes for recording and reporting incidents and will reinforce that it is no longer enough to quickly notify on a breach incident, they will also need to accurately identify the full impact of the event. Going forward, organisations will be expected to fully understand how widespread the attack was, how deeply the attacker penetrated, and how to set the right controls in place to prevent their return.”
Equifax has once again bumped up the estimated number of U.S. consumers affected by its massive breach – now saying that data on 147.9 million was somehow exposed.
The company’s interim CEO Paulino do Rego Barros, Jr. said the revelation “is not about newly discovered stolen data” but rather is “about sifting through the previously identified stolen data, analyzing other information in our databases that was not taken by the attackers, and making connections that enabled us to identify additional individuals.”
Barros said the company was taking “broad measures to identify, inform, and protect consumers” impacted by the attack and was “committed to regaining the trust of consumers, improving transparency, and enhancing security” across the Equifax network.
Several US senators are troubled with Uber’s belated reporting of a 2016 data breach and demanding answers.
On Monday, four Republican senators sent a letter to the ride-hailing company, asking for additional details surrounding the breach, which affected 57 million users, but was only disclosed last week.
In the letter, the senators—John Thune, Orrin Hatch, Jerry Moran and Bill Cassidy—called the breach a “serious incident that merits further scrutiny.”
Also today, Democratic Sen. Mark Warner of Virginia sent a separate letter to Uber, which said he had “grave concerns” with how the company handled the breach.
Both letters pointed to media reports, which claim Uber paid the hackers behind the breach $100,000 to stay quiet and delete the stolen data. The ride-hailing company then remained silent on the matter for a whole year until its new CEO, Dara Khosrowshahi, learned of the incident, and decided to make it public.
“Uber’s conduct raises serious questions about the company’s compliance with relevant state and federal regulations,” Warner said.
Most states have laws that demand businesses disclose data breaches when they affect local residents. Why Uber decided to stay mum on the incident isn’t clear, but its previous CEO, Travis Kalanick, was notorious for trying to buck the rules.