Integris Security Insights<br />
Perspectives on: Security ranging from business continuity, information security, physical security, intelligence and related industry fields.<br />
Joseph Concannon<br />
<br />
Program Maturity - Cyber-security and Operational Risk Maturity (published 2020-05-17)<br />
<h3>
The Balancing Act</h3>
In reviewing <a href="https://www.linkedin.com/in/josephconcannon/" target="_blank">my LinkedIn</a> notifications I was wonderfully surprised to find an article written by <a href="https://www.linkedin.com/in/gideonrasmussen/" target="_blank">Gideon T. Rasmussen</a>, VCISO, on the topic: <a href="https://securitycurrent.com/program-maturity-cybersecurity-and-operational-risk-management/" target="_blank">Cyber-Security and Operational Risk Maturity</a>. As soon as I saw it I thought: this is central to our consulting business, so I had better pay attention. So here we go.<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCbFSqSvA0273UcFJYcWOjeOBBAs_AtK0arWiFtvBcQR1qJwI2bBXaCydhUfAGla0LuCPKtTpo5Aowu9FNyV9DttIoj_XCh7OAUjyQOoDhAv_bIALPsakLI3pyIIZCjUdFPZnKdZb39Etu/s1600/weighing+scale.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="187" data-original-width="270" height="138" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCbFSqSvA0273UcFJYcWOjeOBBAs_AtK0arWiFtvBcQR1qJwI2bBXaCydhUfAGla0LuCPKtTpo5Aowu9FNyV9DttIoj_XCh7OAUjyQOoDhAv_bIALPsakLI3pyIIZCjUdFPZnKdZb39Etu/s200/weighing+scale.jpg" width="200" /></a></div>
As <a href="https://www.linkedin.com/in/gideonrasmussen/" target="_blank">Gideon T. Rasmussen</a> comments on leveraging risk I immediately get hooked. How can you even begin to understand your operational and situational awareness without first understanding your risk? At <a href="http://www.integrissecurity.com/" target="_blank">Integris Security</a> we advise our clients: if one has not been done within the past twelve months, get a solid risk assessment done ASAP! This risk assessment can then help you set priorities, establish tactical and strategic budgeting, set technology goals and <u>help you weigh your operational risk</u>. We at Integris believe this will improve the overall maturity of your cyber and operational approach. But let's go on and see what else Rasmussen's nicely laid out article reveals.<br />
<br />
Rasmussen talks about the U.S. Department of Commerce's <b><a href="http://n.i.s.t./">N.I.S.T.</a> (National Institute for Science and Technology). </b>For a great many of us in the IT security practice, <b><a href="http://n.i.s.t./">N.I.S.T.</a></b> has for years been the go-to "tool shed"<b> </b>for in-depth building blocks. Their publications can take you from the very beginning ("What should I do? Where do I start?") to a polished, well-informed presentation. <b><a href="http://n.i.s.t./">N.I.S.T.</a> </b>has a great many publications and they are 100% free.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhHuvQo-5T_AeYAORHMQc_VQZHraNRPNoXPGH6yNOozgg9GeE1FW3MpixqNphD2NJRXFdbYL1-DPjt_onaKjWxuzxVhr1BST3pIcZAvtZ96bqmrDAXgBL1bq8aQyEARmPuAv0vJ6Yx4s6Vi/s1600/FFIEC+Cybersecurity+assessment+tool.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="194" data-original-width="259" height="149" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhHuvQo-5T_AeYAORHMQc_VQZHraNRPNoXPGH6yNOozgg9GeE1FW3MpixqNphD2NJRXFdbYL1-DPjt_onaKjWxuzxVhr1BST3pIcZAvtZ96bqmrDAXgBL1bq8aQyEARmPuAv0vJ6Yx4s6Vi/s200/FFIEC+Cybersecurity+assessment+tool.jpg" width="200" /></a></div>
The <b><a href="http://f.f.i.e.c./">F.F.I.E.C.</a></b> also provides great free guidance. The men and women of the Northeast Chapter of the F.F.I.E.C. are your local financial services regulators. You should get to know them, work with them and understand how they are approaching many of the same issues we all are trying to tackle every day. <a href="http://www.integrissecurity.com/" target="_blank">Integris Security</a> highly recommends you review the regulators' guidance and find answers to your company's compliance problems. These tools are also 100% free and incredibly useful.<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
I do take issue with Rasmussen regarding this statement:<br />
<blockquote class="tr_bq">
"<span style="background-color: white; color: #565656; font-family: "roboto" , "helvetica" , "arial" , "verdana" , sans-serif; font-size: 16px;">There are no requirements for disaster recovery or business continuity. The card brands do not care if your business goes under, as long as their payment card data is secure</span><span style="background-color: white; color: #565656; font-family: "roboto" , "helvetica" , "arial" , "verdana" , sans-serif; font-size: 16px;">." </span></blockquote>
This is a nit, and may also be a matter of style, but the point has to be made. There are literally hundreds of <b><u>best practices</u></b> for disaster recovery and business continuity and they should be put to use, <i>despite the lack of attention</i> <i>by card brands</i> to advise this. Promotion of best practices is something we owe to the industry as a whole in our writings and presentations. Taking on the Card Brands for lack of attention to Rasmussen's <u>legitimate concerns </u>would do better as a separate article, on another day and time, in my eyes. We're talking Cyber-Security and Operational Risk Maturity. At <a href="http://www.integrissecurity.com/" target="_blank">Integris Security</a> we push all to stay focused. Good practice is too important to relegate to tomorrow's news. Let's keep it up front and worthy of continual presence and persuasion in our discussions of how to improve cyber-security and operational risk maturity.<br />
<br />
In maturity level II, I love this discussion of controls and it reminds me of <b><a href="http://c.o.b.i.t./">C.O.B.I.T.</a></b>, as well as the many information security joint forums held with <b><a href="https://www.isaca.org/" target="_blank">ISACA</a></b> in years past and their auditor/members. You gotta love the structure that these individual professionals have developed and the principles that they follow. This is a serious group of security professionals and we could all learn a lot from them. Rasmussen then lays out the common controls (read: <a href="https://www.projectmanagement.com/wikis/233055/Gap-Analysis" target="_blank">GAP analysis</a> and risk-based deployment of controls); while there is not much new here, he provides a great review. All solid material for a CEO and others within the organization to read and understand when weighing decisions on investment in the security program or cutting the fat off an already lean program. These decisions will not be easy ones for sure.<br />
<br />
<b>My own note here:</b><br />
<br />
<blockquote class="tr_bq">
<b><i>The Cyber-Security and Operational Risk Maturity discussions cannot be left to the operational business units, departments or divisions of your company alone. These discussions need to expand and involve audit committees <u>at the board level</u> and become fluid, ongoing discussions led by the chair of the audit, technology and other important committees as the board and operational personnel try to achieve a balance of risk vs. reward and continue to build market value for the company's shareholders and investors.</i></b></blockquote>
<div style="text-align: right;">
<a href="https://www.linkedin.com/in/josephconcannon/" target="_blank"> Joseph R. Concannon</a> </div>
<br />
In maturity level III, Risk Management, Rasmussen covers it nicely and I smiled as he stated:<br />
<blockquote class="tr_bq">
<span style="background-color: white; color: #565656; font-family: "roboto" , "helvetica" , "arial" , "verdana" , sans-serif; font-size: 16px;">"It is necessary to tailor controls to the organization and to adapt to changes in the threat landscape."</span></blockquote>
Nicely done <a href="https://www.linkedin.com/in/gideonrasmussen/" target="_blank">Gideon T. Rasmussen</a>, these words couldn't be truer. It also reminds me to tell our readers to remember that each organization has its own culture. Some are very risk sensitive and others not so much. I often use Johnson and Johnson and Martha Stewart Living as examples. Two great companies, but their approaches to security were night and day: Johnson and Johnson, a security controls organization (almost war-like), and Martha Stewart Living, a creative design firm. The cultures were completely different at the time of my interview with security personnel. Managing your own and the company's expectations is very important. Don't get ahead of your skates or you may get caught off balance. Knowing the culture of your organization is key. Now that you have new security and risk management information in hand, how do you operationalize it? The best advice is to work with your team and leader and try to introduce incremental improvements to your organization's overall security/risk posture. This will work to your benefit for short term tactical business operations as well as long term strategic planning for important improvements.<br />
<br />
Your threat and vulnerability map will be constantly evolving, as targets and priorities come and go. The risk assessment report provides you with items for your to-do list. The report will show best practices and offer a target rich list for you to prioritize. Rasmussen, I believe, understands this and covers it nicely, and earns some bonus points by laying out some bullets for a prospective slide deck to communicate your findings and set some future objectives.<br />
<br />
The Risk Register is a platform to inform and Rasmussen points this out clearly. Want to know more about your risk? The Risk Register is the place to go to identify, define, understand impact, respond, prioritize, and take notes. It's an invaluable tool given to us by the folks from project management.<br />
<br />
In maturity level IV, Strong Risk Management, Rasmussen lays out a <u>ten step program</u>.<br />
<br />
<b>Rasmussen says:</b><br />
<div>
<blockquote class="tr_bq">
<br style="background-color: white; margin: 0px; padding: 0px;" />
<span style="background-color: white; color: #565656; font-family: "roboto" , "helvetica" , "arial" , "verdana" , sans-serif; font-size: 16px;">1. There is appropriate separation of duties in the CISO’s reporting structure, such as reporting to the CEO, Chief Risk Officer or Board of Directors. When the CISO reports to the CIO, it is a conflict of interest </span><span style="background-color: white; color: #565656; font-family: "roboto" , "helvetica" , "arial" , "verdana" , sans-serif; font-size: 16px;">2. Cyber-security metrics, KPIs and KRIs feed into an Enterprise Risk Management program. </span><span style="background-color: white; color: #565656; font-family: "roboto" , "helvetica" , "arial" , "verdana" , sans-serif; font-size: 16px;">3.The CISO provides updates to the Board of Directors or similar executive group. </span><span style="background-color: white; color: #565656; font-family: "roboto" , "helvetica" , "arial" , "verdana" , sans-serif; font-size: 16px;">4.The cyber-security program maintains controls specific to line of business products, services and assets. </span><span style="background-color: white; color: #565656; font-family: "roboto" , "helvetica" , "arial" , "verdana" , sans-serif; font-size: 16px;">5. A process management program is in place, to include policy, an inventory and process risk analysis. </span><span style="background-color: white; color: #565656; font-family: "roboto" , "helvetica" , "arial" , "verdana" , sans-serif; font-size: 16px;">6. A fraud prevention program is in place, to include fraud risk assessments conducted by an independent third party. </span><span style="background-color: white; color: #565656; font-family: "roboto" , "helvetica" , "arial" , "verdana" , sans-serif; font-size: 16px;">7. An operational risk management function maintains a risk scenarios inventory and conducts quantitative risk analysis. 
</span><span style="background-color: white; color: #565656; font-family: "roboto" , "helvetica" , "arial" , "verdana" , sans-serif; font-size: 16px;">8.The organization leverages the Three Lines of Defense Model, with active support from operational management, risk management and compliance functions and internal audit. </span><span style="background-color: white; color: #565656; font-family: "roboto" , "helvetica" , "arial" , "verdana" , sans-serif; font-size: 16px;">9. Operational functions and lines of business are required to declare self-identified audit issues, with metrics in place to demonstrate the control environment is improving continuously </span><span style="background-color: white; color: #565656; font-family: "roboto" , "helvetica" , "arial" , "verdana" , sans-serif; font-size: 16px;">10. Incident response and business continuity exercises are conducted annually to include senior executives, lines of business leaders, information technology, legal, public relations and critical suppliers</span></blockquote>
This information is like having a great <a href="https://www.sans.org/cyber-security-skills-roadmap" target="_blank">cyber-security road map</a>. However, just like any road map, there are going to be detours, accidents and potholes, and you're going to need the awareness, patience and skills to work around it all. If you follow the program laid out by Rasmussen you'll be in a better position to mitigate those great unknowns and navigate your way free from obstructions.</div>
<div>
<br /></div>
<div>
At <a href="http://www.integrissecurity.com/" target="_blank">Integris Security</a> we say: <b><i>you make it, we make it secure!</i></b> We look forward to having these and many other important discussions with you and really enjoyed our read of <a href="https://www.linkedin.com/in/gideonrasmussen/" target="_blank">Gideon T. Rasmussen's</a> <a href="https://www.linkedin.com/in/gideonrasmussen/" target="_blank">LinkedIn article</a> concerning <a href="https://securitycurrent.com/program-maturity-cybersecurity-and-operational-risk-management/" target="_blank">Program Maturity - Cyber-Security and Operational Risk Maturity</a> and hope that you will too! There is much to learn and many experiences to endure before we can truly say we're secure.<br />
<br />
<br />
#Cyber-Security #HomelandSecurity #InfraGard #ISSA #ISACA #FFIEC #NIST<br />
<br /></div>
Joseph Concannon<br />
<br />
Big Data: Security, Trust and Integrity (published 2020-05-02)<br />
<br />
In information security the jewel of all certifications is the <a href="https://www.isc2.org/Certifications/CISSP" target="_blank">CISSP</a> (Certified Information Systems Security Professional). The certification is your entry key into the top tier cyber security jobs and earns you the respect of your peers in the industry. <br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjuhEABFtOdfUtBN4NTuaBmF1UO_dayyTaxGAufKtjIsaJsHha6Z2RNWJe9i3XADFYcXMn2PBIzL9BcjLWXNEnEOXPmcsH23TIK86Wb2rDTOt1bVw7MbEHs1MsV-8RuWy5eAl7hFzeXvXjy/s1600/CISSP.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="165" data-original-width="306" height="107" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjuhEABFtOdfUtBN4NTuaBmF1UO_dayyTaxGAufKtjIsaJsHha6Z2RNWJe9i3XADFYcXMn2PBIzL9BcjLWXNEnEOXPmcsH23TIK86Wb2rDTOt1bVw7MbEHs1MsV-8RuWy5eAl7hFzeXvXjy/s200/CISSP.jpg" width="200" /></a></div>
The group that hosts the coveted <a href="https://www.isc2.org/Certifications/CISSP" target="_blank">CISSP certification</a> is <a href="https://youtu.be/l9WqhyaDGFo" target="_blank">(ISC)2</a>: the world's leading cyber security professional organization. They actively promote their members and <u>insist you want one of our people</u> at the switch if threats of an attack are at your doorstep. <br />
<br />
A great many information security professionals have earned this certification and live up to its standards, and for that they are proud card-carrying members. I salute them for their achievement. <br />
<br />
One of the most important aspects of the certification in my eyes is the <a href="https://www.isc2.org/Ethics" target="_blank">code of ethics</a>. The code of ethics tells you something about the individual and the organizations they belong to. (ISC)2 spares no dime on its code. The code of ethics is huge and prominent. Honor and duty are fundamental in any cyber security career. The group lays it out like this:<br />
<br />
<ul>
<li>Our code</li>
<li>Code of ethics preamble</li>
<li>Code of ethics canons</li>
</ul>
<div>
We again salute (ISC)2 for their outstanding work. Note well that the prominence of the code, its preamble and canons cannot replace the responsibility of the issuing organization to aggressively maintain the standards so as to ensure its integrity. The organization owes it to its members to police itself and has a <a href="https://www.isc2.org/Ethics" target="_blank">complaint procedure</a>, <a href="https://www.isc2.org/Ethics" target="_blank">ethics committee</a> and international working group.</div>
<div>
<br /></div>
<div>
As data is accessed from hundreds, and in some cases thousands, of sources, we reflect on the role the information security professional has in the workplace and what a pivotal role it is. Untimely and inaccurate intelligence/data can cause food supply shortages, run up the price of a barrel of oil and shift geopolitical affairs worldwide. The use of <a href="https://www.oracle.com/big-data/what-is-big-data.html#link1" target="_blank">big data</a> and concerns around integrity have never been more critical and important. </div>
<div>
<br /></div>
<div>
The role of the CISSP member becomes exponentially more important and his/her integrity should not come into question, hence the focus on <a href="https://www.oracle.com/big-data/what-is-big-data.html#link1" target="_blank">"Big Data"</a> in this article. Data can shift global markets, take down thriving economies and strip citizens of their bill of rights, so the focus on this topic is timely and needs to be accurate. As governments and citizens react to <a href="https://www.cdc.gov/coronavirus/2019-ncov/index.html" target="_blank">COVID-19</a>, the initial focus was on data driven models which reported that millions were in peril if the US Government did not act quickly. Today we see state governments restricting the movement of their citizens, barring them from accessing their properties (Michigan), removing business and liquor licenses from businesses who refused to comply (Maine) and here in NYC the issuance of one thousand dollar fines if you are found in non-compliance - wear your mask, don't get closer than six feet or else! </div>
<div>
<br /></div>
<div>
As time passes we are learning that models are just that: models. We have learned that accuracy depends on the information you put into the models, and if the data is awful so is the model and its outcome. Thus data custodians and security personnel, take heed. I think I made the case: data, its timeliness and its accuracy are very, very important. The need for integrity among data custodians and security personnel has never been more acute.</div>
<div>
<br /></div>
Joseph Concannon<br />
<br />
Pandemic: Human Resource Help (published 2020-04-27)<br />
<h3>
A Resource no one should ignore</h3>
<br />
As some of you will no doubt know, I do a lot of networking on LinkedIn. I'm always interested in what's growing, what's moving and how to advance the story of our lives here in America. Many of my professional connections are on LinkedIn and I am thrilled that I can reach into the resource from time to time to seek the advice and opinions that they willingly provide.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg5c7nWCBRjWMNGh8thkAoaezlIUntv339TYMCnL3ic-TLR8RLvg4Y7toj9rqZaW6m2Ix8hHoJNyNT6MwyRyW5JXzC0vwVOOxukl0EKUXWs8AZXgOCyu3AAq3FKd8VQvkT7XshGDvJUvom0/s1600/LinkedIn.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"></a></div>
<div>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg5c7nWCBRjWMNGh8thkAoaezlIUntv339TYMCnL3ic-TLR8RLvg4Y7toj9rqZaW6m2Ix8hHoJNyNT6MwyRyW5JXzC0vwVOOxukl0EKUXWs8AZXgOCyu3AAq3FKd8VQvkT7XshGDvJUvom0/s1600/LinkedIn.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="225" data-original-width="225" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg5c7nWCBRjWMNGh8thkAoaezlIUntv339TYMCnL3ic-TLR8RLvg4Y7toj9rqZaW6m2Ix8hHoJNyNT6MwyRyW5JXzC0vwVOOxukl0EKUXWs8AZXgOCyu3AAq3FKd8VQvkT7XshGDvJUvom0/s1600/LinkedIn.png" /></a></div>
<br />
This post is about exposing a resource whose time has come. The need is here and people should pay attention to the depth and breadth of posts. It's about helping others who may really be in a bind due to the downturn (self imposed) of our economy during this pandemic. As we press forward and reopen our economy the endless opportunities will slowly give rise to America's unlimited potential, which should be great news for everyone involved.<br />
<br />
In the meantime, Andrew Seaman does a segment on LinkedIn called #Gethired and provides some tremendous resources that I have found to be just terrific and incredibly helpful. Andrew is a great writer and inserts into his posts another resource of LinkedIn called LinkedIn Learning. I have viewed many of the videos and taken a number of these courses and found the quality to be top notch. He quotes experts from the field and links them in his posts for additional value. I call that bonus points. <br />
<br />
A takeaway from the resume course is in the table I'm inserting below. Within a few minutes you can brighten your day and freshen up that resume with color and relevance. <br />
<br />
<br />
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse; border: none; mso-border-alt: solid windowtext .5pt; mso-padding-alt: 0in 5.4pt 0in 5.4pt; mso-yfti-tbllook: 1184;">
<tbody>
<tr style="mso-yfti-firstrow: yes; mso-yfti-irow: 0; mso-yfti-lastrow: yes;">
<td style="border: solid windowtext 1.0pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt; width: 116.85pt;" valign="top" width="156"><div style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<b>Keywords</b></div>
</td>
<td style="border-left: none; border: solid windowtext 1.0pt; mso-border-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt; width: 116.85pt;" valign="top" width="156"><div style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<b>Tell a story</b></div>
</td>
<td style="border-left: none; border: solid windowtext 1.0pt; mso-border-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt; width: 116.9pt;" valign="top" width="156"><div style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<b>Contrast/Compare</b></div>
</td>
<td style="border-left: none; border: solid windowtext 1.0pt; mso-border-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt; width: 116.9pt;" valign="top" width="156"><div style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<b>Never give up</b></div>
</td>
</tr>
</tbody></table>
<b></b><i></i><u></u><sub></sub><sup></sup><strike></strike><br />
<span style="background-color: white; color: black; display: inline; float: none; font-family: "times new roman"; font-size: 16px; font-style: normal; font-variant: normal; font-weight: 400; letter-spacing: normal; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">I was also interested in what LinkedIn was saying on its blog. Yes, if you didn't know it LinkedIn has a blog and this is another terrific resource for all involved. LinkedIn has managed to pull together a great team of individuals on its platform who do one terrific job of communicating. That can not be understated.</span><br />
<b></b><i></i><u></u><sub></sub><sup></sup><strike></strike><br />
That's what this post is all about. Take a look at your LinkedIn account and drive some attention to the posts and resources that LinkedIn personnel and contractors have so handsomely put together in one place for your use.<br />
<br />
@andrewseaman #Gethired<br />
<br />
Joseph Concannon<br />
<br />
APWG 4th Quarter Report 2019 (published 2020-04-23)<br />
<h2>
Fraud and confidence schemes of the modern day: Phishing</h2>
<h3>
History:</h3>
<div>
Prior to sophisticated electronics and computers, fraudsters or con men found ways with far less technical means to swindle people out of anything of value. Then came the Internet. </div>
<div>
</div>
<div>
Phishing has its roots in the <a href="https://www.bostonglobe.com/ideas/2013/05/18/the-long-weird-history-nigerian-mail-scam/C8bIhwQSVoygYtrlxsJTlJ/story.html" target="_blank">1790s</a>, and more recently in the 1990s with Vic Commodore computers, <a href="https://www.aol.com/" target="_blank">AOL</a>, credit card number thefts and the <a href="https://en.wikipedia.org/wiki/Warez_scene" target="_blank">Warez community</a>. "The Warez Scene", as it is known, was a group of people specializing in distribution of pirated content dating back to 1975. Phishing attempts were crude in the early days. As phishing became more prominent, criminal elements started to get focused: first on selecting specific companies as targets, then on extorting top tier executives and eventually on the complete hostage taking of companies' technical assets (software, hardware, networks) with the introduction of <a href="https://www.us-cert.gov/Ransomware" target="_blank">ransomware</a>. </div>
<div>
<br /></div>
<div>
The internet just made all of this a lot easier. In 1995 random credit generators existed with the use of algorithms. For a more complete reading see <a href="https://www.sans.org/instructors/ed-skoudis" target="_blank">Ed Skoudis'</a> Malware timeline that tracks the growth of technology, industry and subterfuge. On January 2, 1996 the term phishing was posted for the first time on a Usenet group on AOL. By September of 2003 hackers and con men began registering domains of popular companies; by October of 2003 PayPal users found malware contained in clickable emails and the <a href="https://www.sans.org/newsletters/newsbites/v/44#500" target="_blank">Mimail Virus</a> was introduced to the public. </div>
<div>
<br /></div>
<div>
2004 produced another first as email solicitations for the U.S. Presidential campaign of John Kerry came in from bogus sites in India and Texas. Phishing was now making its debut in US Presidential campaigns. Fraudsters continued to use phishing in the years following and in their pursuits found <a href="https://en.wikipedia.org/wiki/Phishing#Phishing_techniques" target="_blank">novel ways</a> to leverage the internet, like link manipulation, web site cloning, filter evasion, website forgery, covert redirect and much more.</div>
<div>
<br /></div>
<div>
Today APWG provides an annual report for phishing, and much of the same rings true about fraud and con men. They find a soft spot and prey on their victim. They are <u>patient</u>, technically smart and hungry for a win, while the rest of us are just trying as best we know how to avoid them at all costs. </div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUtb4xRuZa36_mqXuUgvaSol0Si9hzBaIiCwi3C8cid1n3T5AHZG6d-Mgx9HicBKDZ1rgn0ILa3KFiCmJKFb6X62NS2b7f-qivRJn2Z0Dz8AHw3zQpCZTy41pRz0lRMPxp5vT9AiCWs9Wq/s1600/cyber-security-4497998_1920.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="960" data-original-width="1600" height="192" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUtb4xRuZa36_mqXuUgvaSol0Si9hzBaIiCwi3C8cid1n3T5AHZG6d-Mgx9HicBKDZ1rgn0ILa3KFiCmJKFb6X62NS2b7f-qivRJn2Z0Dz8AHw3zQpCZTy41pRz0lRMPxp5vT9AiCWs9Wq/s320/cyber-security-4497998_1920.png" width="320" /></a></div>
<h3>
Who is APWG?</h3>
The APWG is registered as a U.S. based 501(c)6 corporation (a business oriented not for profit) as defined by the IRS Internal Revenue Code. On its web site APWG states that it is an international coalition <u style="font-weight: bold;">unifying the global response to cybercrime</u> across industry, government, law enforcement and NGO communities.<br />
<br />
APWG.EU, the institution's European chapter, was established in Barcelona in 2013 as a non-profit research foundation incorporated in Spain and managed by an independent board, including APWG founding directors; the <a href="https://www.stopthinkconnect.org/" target="_blank">STOP. THINK. CONNECT</a>. Messaging Convention, Inc. is a US-based non-profit 501(c)3 corporation jointly managed by APWG and Washington, D.C.-based <a href="https://staysafeonline.org/" target="_blank">N.C.S.A</a>.<br />
<br />
<h3>
What is Phishing?</h3>
Phishing, as defined by the <a href="https://apwg.org/about-us/" target="_blank">APWG</a> (Anti-Phishing Working Group), is a crime employing both social engineering and
technical subterfuge to steal consumers’ personal identity
data and financial account credentials. <a href="https://searchsecurity.techtarget.com/definition/social-engineering" target="_blank">Social engineering</a>
schemes prey on unwary victims by fooling them into
believing they are dealing with a trusted, legitimate
party, such as by using deceptive email addresses and
email messages. These are designed to lead consumers
to counterfeit Web sites that trick recipients into
divulging financial data such as usernames and
passwords. Technical subterfuge schemes plant malware
onto computers to steal credentials directly, often using
systems that intercept consumers’ account user names
and passwords or misdirect consumers to counterfeit
Web sites.<br />
<br />
<h3>
What are the numbers?</h3>
<h4>
Thousands of URLs emanating from hundreds of thousands of web sites</h4>
<div>
<a href="https://docs.apwg.org/reports/apwg_trends_report_q4_2019.pdf">https://docs.apwg.org/reports/apwg_trends_report_q4_2019.pdf</a></div>
<div>
<br /></div>
APWG tracks phishing sites, each of which can consist of hundreds if not thousands of URLs all leading to the same attack destination. On a quarter-by-quarter basis, more phishing web sites were reported in Q2 and Q3 2019 than in Q4 2019. However, a <u>year to date</u> look at Q4 2019 vs. Q4 2018 (162,155 vs. 138,328 respectively) represents a 14.694% increase. The summer months of July, August and September 2019 showed the greatest increase, with roughly 80-90 thousand phishing web sites reported per month.<br />
<br />
Greg Aaron, APWG Senior
Research Fellow and President of Illumintel Inc., stated “July through October was the worst period for phishing
that the APWG had seen in three years, and then phishing levels settled back down to more normal
levels.”<br />
<br />
<h4>
In the news: COVID-19</h4>
<div class="MsoNormal">
"Cyber-criminals are already targeting healthcare
organizations—specifically hospitals—with phishing campaigns, ransomware, and
other malicious acts that can adversely impact health information technology,
medical response, and patient safety. As cases of the virus began to increase
in the US, so too did the amount of email-based phishing campaigns referencing
COVID-19." <a href="https://cyber.nj.gov/alerts-advisories/cyber-threats-cybersecurity-for-healthcare-during-covid-19">https://cyber.nj.gov/alerts-advisories/cyber-threats-cybersecurity-for-healthcare-during-covid-19</a>
<br />
<br />
"Threat actors are targeting Small and Midsize Businesses (SMBs) with phishing
emails in an attempt to deliver the Remcos remote access trojan (RAT). Aimed at
SMBs that may be experiencing financial problems from COVID-19 shutdowns, the
threat actor impersonates the US Small Business Administration (US SBA)." <a href="https://cyber.nj.gov/alerts-advisories/threat-actors-target-smbs-using-government-grant-phishing-emails">https://cyber.nj.gov/alerts-advisories/threat-actors-target-smbs-using-government-grant-phishing-emails</a>
<br />
<br />
"After three years, the Zeus Sphinx banking trojan has resurfaced in
coronavirus-themed phishing campaigns containing information on government
relief payments." <a href="https://cyber.nj.gov/alerts-advisories/zeus-sphinx-banking-trojan-and-other-covid-19-financial-relief-phishing-campaigns">https://cyber.nj.gov/alerts-advisories/zeus-sphinx-banking-trojan-and-other-covid-19-financial-relief-phishing-campaigns</a>
<br />
<br />
"Google found there were 149,195 active phishing websites in January. That
number rose by 50 percent in February to 293,235 websites. Now, in March, there
are 522,495—a 350 percent increase since the beginning of the year." <a href="https://www.pcmag.com/news/phishing-attacks-increase-350-percent-amid-covid-19-quarantine">https://www.pcmag.com/news/phishing-attacks-increase-350-percent-amid-covid-19-quarantine</a>
<br />
<br />
"The COVID-19 pandemic has created an environment ripe for fraudulent
activity, with threat actors leveraging fears of the virus to perpetrate a
variety of malicious and criminal exploitation. Observed scams and fraud have
included selling fraudulent personal protective equipment (PPE), hawking fake
cures and tests, spreading disinformation, phishing campaigns, and other
related scams. The Intelligence Bureau (IB) assesses that this activity will
continue, and it will potentially pivot to leverage changing government
responses to the pandemic and shifting needs for supplies. Additionally, the IB
assesses that cyber-enabled crime will also evolve to prey upon the public’s
need to remain updated on the stream of ever-changing COVID-19-related
information and may shift from COVID-19 themed outbreak to recovery
lures." NYPD SHIELD, 04/23/20<o:p></o:p></div>
<div class="MsoNormal">
Attribution: 4/23/20 conference call</div>
<h4>
Sectors:</h4>
The <b><u>most targeted sectors for 2019</u></b> were shown as a pie chart as follows:<br />
<br />
<ul>
<li>SaaS / web mail 30.80%</li>
<li>Payment card industry 19.80%</li>
<li>Financial institutions 19.40%</li>
<li>Social media 6.80%</li>
<li>E commerce / retail 5.4%</li>
<li>Cloud storage / file hosting 3.4%</li>
<li>Telecom 3.3%</li>
</ul>
<h4>
Business email compromise campaigns:</h4>
As noted by APWG: In a BEC (Business email compromise) attack, a scammer targets employees who have access to company finances, usually by sending
them email from fake or compromised email accounts (a “spear phishing” attack). The scammer
impersonates a company employee or other trusted party, and tries to trick the employee into sending
money. APWG states attackers could <i><b>prepare for weeks</b></i> for such an attack <u>inside</u> financial systems, personnel systems and other areas likely to produce a positive harvest of legitimate-looking emails. BEC attacks are said to cost the industry billions of dollars. Wire transfers can be 5 to 20 times larger in the amount of money gained by attackers than gift cards, whose amounts are generally much smaller. Gift cards are stated to be used as a way of laundering other funds: they buy physical goods which can later be sold, rather than the funds being put into cryptocurrency exchanges, which is said to be another popular way of laundering money.<br />
<br />
<h4>
Schemes:</h4>
The following is a <u><b>list of schemes</b></u> in priority:<br />
<br />
<ul>
<li>Gift card (<b>click here:</b> <a href="https://support.google.com/googleplay/answer/9057338" target="_blank">Google play cards</a><a href="https://support.google.com/googleplay/answer/9057338" target="_blank"> scheme</a> {most requested} decreased but eBay, Target, Best Buy, and Sephora all saw increases) 62%</li>
<li>Direct transfer 22%</li>
<li>Payroll diversion 16%</li>
</ul>
<div>
Taken from a conference call 4/23/20:</div>
<div>
<ul>
<li><a href="https://mashable.com/article/homograph-domain-name-bug/" target="_blank">Domain Name Bug</a></li>
<li><a href="https://krebsonsecurity.com/2018/03/look-alike-domains-and-visual-confusion/" target="_blank">Look A-Like Domains and Confusion</a></li>
<li><a href="https://domainnamewire.com/2020/03/24/verisign-gets-idn-homograph-detection-patent/" target="_blank">Homograph detection patent</a></li>
</ul>
</div>
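Added example (not from APWG or the original post): a mail-triage check for the BEC indicators described above, covering an impersonated sender on a look-alike domain, a diverted Reply-To, and the three request types in the scheme list. The company domain <code>example.com</code>, the approver names, the regex wording and both sample messages are constructed assumptions.<br />

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumptions for this example: the company domain and the staff who can
# approve payments. Neither value comes from the page.
ORG_DOMAIN = "example.com"
FINANCE_APPROVERS = {"pat morgan", "lee chen"}

# Request types from the scheme list above; the regex wording is an assumption.
SCHEME_PATTERNS = {
    "gift card": re.compile(r"gift\s*cards?", re.I),
    "direct transfer": re.compile(r"\b(wire|bank)\s+transfer", re.I),
    "payroll diversion": re.compile(r"\bpayroll\b|direct\s+deposit", re.I),
}
_SWAPS = str.maketrans("015", "ols")  # digit-for-letter substitutions

def fold(domain):
    """Collapse common ASCII look-alike tricks (rn->m, vv->w, 1->l, 0->o)."""
    return domain.replace("rn", "m").replace("vv", "w").translate(_SWAPS)

def edit_distance(a, b):
    """Levenshtein distance; domain names are short, so O(len*len) is fine."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_domain(domain):
    """Return None for the company's own domain, else why it is not trusted."""
    d = domain.lower().rstrip(".")
    if d == ORG_DOMAIN or d.endswith("." + ORG_DOMAIN):
        return None
    if not d.isascii() or any(p.startswith("xn--") for p in d.split(".")):
        return "internationalized domain (possible homograph)"
    if fold(d) == fold(ORG_DOMAIN) or edit_distance(d, ORG_DOMAIN) <= 1:
        return "look-alike of " + ORG_DOMAIN
    return "external"

def plain_text(msg):
    """Join the text/plain parts of a (possibly multipart) message."""
    chunks = []
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            raw = part.get_payload(decode=True) or b""
            chunks.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)

def triage(raw_message):
    """Return the list of BEC indicators found in one RFC 5322 message."""
    msg = message_from_string(raw_message)
    display, addr = parseaddr(str(msg.get("From", "")))
    from_domain = addr.rpartition("@")[2]
    findings = []
    verdict = classify_domain(from_domain)
    if verdict and verdict != "external":
        findings.append("sender domain: " + verdict)
    if verdict and display.strip().lower() in FINANCE_APPROVERS:
        findings.append("approver name on a non-company address")
    reply_domain = parseaddr(str(msg.get("Reply-To", "")))[1].rpartition("@")[2]
    if reply_domain and reply_domain.lower() != from_domain.lower():
        findings.append("Reply-To domain differs from From")
    text = str(msg.get("Subject", "")) + "\n" + plain_text(msg)
    for scheme, pattern in SCHEME_PATTERNS.items():
        if pattern.search(text):
            findings.append("request type: " + scheme)
    return findings

# Constructed sample messages (not real mail).
SUSPECT = """\
From: Pat Morgan <pat.morgan@examp1e.com>
Reply-To: pat.morgan.office@mailbox.invalid
To: accounts@example.com
Subject: Quick favor

Are you at your desk? I need 5 gift cards for a client today.
Send me the codes by email and I will reimburse you.
"""

ROUTINE = """\
From: Lee Chen <lee.chen@example.com>
To: accounts@example.com
Subject: Meeting notes

Notes from this morning are on the shared drive.
"""

if __name__ == "__main__":
    for name, raw in (("SUSPECT", SUSPECT), ("ROUTINE", ROUTINE)):
        print(name, triage(raw))
```

The edit-distance threshold of 1 is deliberately conservative, so transposed letters are not caught; internationalized domains are flagged for a human look rather than compared character by character.<br />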
<h4>
Analysis:</h4>
<div>
Deception of others and stealing (confidence schemes, con games) are not uncommon; however, use of the internet since the 1990s has created miles of new paths to travel for those with criminal intent. Our nation has endured and is enduring hardships heretofore not contemplated (9/11, COVID-19). Duping of unsuspecting victims will continue, using these incidents and a great many others to pry money out of their hands. It is said 93% of data breaches are still caused by <u>phishing incidents</u> with the <u>cost</u> estimated at <b>1.6 million dollars</b> for mid-sized companies. These incidents will continue for some time to come. Awareness training should continue as a mitigation strategy to reduce the incidents.<br />
<br />
<b>Update 4/23/20: Corporate email </b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="" class="YOUTUBE-iframe-video" data-thumbnail-src="https://i.ytimg.com/vi/sNuVaVtfick/0.jpg" frameborder="0" height="266" src="https://www.youtube.com/embed/sNuVaVtfick?feature=player_embedded" width="320"></iframe></div>
<br />
Per conference call today 4/23/20 thanks to everyone on the call. We are also reviewing a NYPD Shield report 4/20/20 and when we have a green light will post highlights on this page.</div>
<h4>
Selected Terms:</h4>
<ul>
<li>APWG: Anti Phishing Working Group</li>
</ul>
<ul>
<li>BEC: business email compromise</li>
</ul>
<ul>
<li>SSL: Secure sockets layer, standard security technology for establishing an encrypted link between a server and client (web site)</li>
</ul>
<ul>
<li>SaaS: Software as a service</li>
</ul>
<ul>
<li>gTLD: Generic top level domains legacy, such as: .com, .org, .Asia, .biz</li>
</ul>
<ul>
<li>nTLD: New generic top level domains examples: .work, .icu</li>
</ul>
<ul>
<li>ccTLD: Country code domains examples: .UK, .MX</li>
</ul>
<ul>
<li>NCSA: National cyber security alliance</li>
</ul>
<ul>
<li><span style="font-family: inherit;">Spear phishing: email spoofing attack that targets a specific organization or individual, seeking unauthorized access to sensitive information</span></li>
</ul>
<ul>
<li><span style="font-family: inherit;">Whale phishing: is a specific type of phishing attack that targets high-profile employees in order to steal sensitive information from a company </span></li>
<li><span style="font-family: inherit;">Smishing phishing: criminals sending text messages via telephones </span></li>
<li><span style="font-family: inherit;">Vishing phishing: is an actual telephone conversation </span></li>
<li><span style="font-family: inherit;">Angler phishing: Fake URL's, cloned web sites, social media etc. </span></li>
</ul>
<br />
<br />Joseph Concannonhttp://www.blogger.com/profile/10254806611255067399noreply@blogger.com0tag:blogger.com,1999:blog-3547356781881548648.post-83275915209717936902020-04-16T14:46:00.003-07:002020-05-07T19:10:24.534-07:00Zooming not so fast....slow down<div class="separator" style="clear: both; text-align: center;">
</div>
<div style="margin-left: 1em; margin-right: 1em; text-align: left;">
<h3>
<span style="font-size: large;">Video Conferencing Software/Weak Security?</span></h3>
<div>
<span style="font-size: large;"><br /></span></div>
<table border="1" cellpadding="0" cellspacing="0" class="MsoTableGrid" style="border-collapse: collapse; border: none; mso-border-alt: solid windowtext .5pt; mso-padding-alt: 0in 5.4pt 0in 5.4pt; mso-yfti-tbllook: 1184;">
<tbody>
<tr>
<td style="border: solid windowtext 1.0pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt; width: 155.8pt;" valign="top" width="208"><div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<b>Never Share Passwords<o:p></o:p></b></div>
</td>
<td style="border-left: none; border: solid windowtext 1.0pt; mso-border-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt; width: 155.85pt;" valign="top" width="208"><div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<b>Keep Meeting ID’s Private<o:p></o:p></b></div>
</td>
<td style="border-left: none; border: solid windowtext 1.0pt; mso-border-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt; width: 155.85pt;" valign="top" width="208"><div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<b>Make Use of Waiting Rooms<o:p></o:p></b></div>
</td>
</tr>
</tbody></table>
<b><span style="font-size: large;"><br /></span></b>
<span style="font-size: large;"></span>
<b><span style="font-size: large;">Z</span>oom</b>, the video conferencing software maker, learned a lot of lessons this past month as a result of legions of new visitors who stopped by and signed up as new customers. The software company <img alt="Zoom updates from the past week" height="400" src="https://blog.zoom.us/wordpress/wp-content/uploads/2020/04/past-week.png" width="376" />literally exploded with new customers during mid-March 2020 as a result of <b>COVID-19</b>. However, a number of <a href="https://www.npr.org/2020/04/03/826129520/a-must-for-millions-zoom-has-a-dark-side-and-an-fbi-warning" target="_blank"><b>security incidents</b></a> started happening, and with that a fire hose of commentary poured into their email boxes, security blogs, conference calls and forums. <a href="https://www.schneier.com/blog/archives/2020/04/security_and_pr_1.html" target="_blank"><b>Security professionals came on strong.</b></a> One security practitioner commented that right out of the box the default settings needed serious review and the general public was at the point of the spear - buyer beware. Calls for waiting rooms, passwords, and many other enhancements, all focused on security and reducing risk, were heard from all quarters. </div>
<div style="margin-left: 1em; margin-right: 1em; text-align: left;">
<br /></div>
<div style="margin-left: 1em; margin-right: 1em; text-align: left;">
To its credit, Zoom, now known as that easy, cheap video conferencing software, has made changes to improve security (changing many of the default settings, such as requiring a password by default for all meetings, establishing a waiting room so you can verify participants, and repeating the message not to share passwords, etc.) and reduce the risks to many of its users. Zoom has taken it on the chin for many in this functional area, "Video Conferencing Brands", while the rest of the pack gets the opportunity to take another look at security. Zoom brought on a <a href="https://www.zdnet.com/article/former-facebook-cso-alex-stamos-to-join-zoom-as-outside-security-consultant/" target="_blank"><b>security professional</b></a> and kinder days seem to be in the future. Zoom also has a HIPAA compliant application separate from what general users get to use. See the photo above for the last known update from Zoom. Zoom is growing and has been sending out improvements as they become available.<br />
<br />
<h3>
Video Conference Software:</h3>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLgpEiy3K24oAOHPFHjB3sVHEkh3szuT0V_q3iHC-nDCVn39dB_h5I_8ayvdTicGt_qtKU_FM9QefB4rbBidAv4aRPYz2Ow4MvCbnww0Rs4u_9lasIi085hgbJqS-jT3rx9gNbo_oHtpC-/s1600/webinar-5005852_1920.jpg" imageanchor="1" style="clear: left; display: inline !important; margin-bottom: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1007" data-original-width="1600" height="201" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLgpEiy3K24oAOHPFHjB3sVHEkh3szuT0V_q3iHC-nDCVn39dB_h5I_8ayvdTicGt_qtKU_FM9QefB4rbBidAv4aRPYz2Ow4MvCbnww0Rs4u_9lasIi085hgbJqS-jT3rx9gNbo_oHtpC-/s320/webinar-5005852_1920.jpg" width="320" /></a><br />
<br />
<br />
Here are some additional products for consideration:<br />
<div class="MsoNormal">
</div>
<ul>
<li><span style="font-family: inherit;">GoToMeeting</span></li>
<li><span style="font-family: inherit;">Webex Teams</span></li>
<li><span style="font-family: inherit;">Skype for business</span></li>
<li><span style="font-family: inherit;">Google Hangouts</span></li>
<li><span style="font-family: inherit;">Join.Me LogMeIn</span></li>
<li><span style="font-family: inherit;">Amazon Chime</span></li>
<li><span style="font-family: inherit;">Microsoft Teams</span></li>
<li>Cisco Webex Meetings</li>
<li><span style="font-family: inherit;">Updox</span></li>
<li><span style="font-family: inherit;">Vsee</span></li>
<li><span style="font-family: inherit;">Zoom for healthcare</span></li>
<li>Spruce health care messenger</li>
<li>Apple Face Time</li>
<li>Doxy.me</li>
<li>Face Book Messenger Chat</li>
<li>Blue Jeans - recently purchased by Verizon</li>
</ul>
Check out each of these products and note well: during a declared national emergency many if not all may be used without compliance penalty. However, after the emergency is over please do use HIPAA compliant software. See shorturl.at/fijHL for future updates at U.S. H.H.S. dot gov.<br />
<br />
<br />
NIST - Navigating the Conference Call Security Highway<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh0AwYMMD-n1ML9Et7MSb4UJMSRiiuZe-zmgS6Hpl_qfSM_j3_b8R1zjPSBqUlNuYLiTf9vWMjHzBsINMU8O2ElraCbWXMHUK5KZrYNdXxQJ47q1-BVFMKznMs3oa8kViVBW0hEfoV1FbkL/s1600/2020-04-20+%25282%2529.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1507" data-original-width="1233" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh0AwYMMD-n1ML9Et7MSb4UJMSRiiuZe-zmgS6Hpl_qfSM_j3_b8R1zjPSBqUlNuYLiTf9vWMjHzBsINMU8O2ElraCbWXMHUK5KZrYNdXxQJ47q1-BVFMKznMs3oa8kViVBW0hEfoV1FbkL/s320/2020-04-20+%25282%2529.png" width="261" /></a></div>
<br /></div>
<div style="margin-left: 1em; margin-right: 1em; text-align: left;">
<br />
Today 4/25/20 I reviewed an article from Dr Eric Cole, Secure Anchor Consulting. These are some of his thoughts:<br />
<br />
<div style="direction: ltr;">
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse; border-color: #A3A3A3; border-style: solid; border-width: 1pt; direction: ltr;" summary="" title="" valign="top">
<tbody>
<tr>
<td style="border-color: #A3A3A3; border-style: solid; border-width: 1pt; padding: 4pt 4pt 4pt 4pt; vertical-align: top; width: 2.4256in;"><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
Zooming now household
word</div>
</td>
<td style="border-color: #A3A3A3; border-style: solid; border-width: 1pt; padding: 4pt 4pt 4pt 4pt; vertical-align: top; width: 3.9972in;"><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
Due to pandemic
March/April 2020 video conferencing increases 1000 fold. "Zooming" takes on a life of its own for all brands of video conference calling software.</div>
</td>
</tr>
<tr>
<td style="border-color: #A3A3A3; border-style: solid; border-width: 1pt; padding: 4pt 4pt 4pt 4pt; vertical-align: top; width: 2.4256in;"><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
<span style="background: yellow; font-weight: bold; mso-highlight: yellow;">ZOOM BOMBING:</span> DEFINED</div>
</td>
<td style="border-color: #A3A3A3; border-style: solid; border-width: 1pt; padding: 4pt 4pt 4pt 4pt; vertical-align: top; width: 4.0305in;"><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
Is where a person
joins into Zoom video conferencing calls <b><u>uninvited</u></b> and either 1.) listens in,
2.) gathers important info to use at a later time or 3.) becomes disruptive to
your meeting or event.</div>
</td>
</tr>
<tr>
<td style="border-color: #A3A3A3; border-style: solid; border-width: 1pt; padding: 4pt 4pt 4pt 4pt; vertical-align: top; width: 2.3479in;"><div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
How do you<span style="background: yellow; mso-highlight: yellow;"> protect a Zoom call</span>?</div>
</td>
<td style="border-color: #A3A3A3; border-style: solid; border-width: 1pt; padding: 4pt 4pt 4pt 4pt; vertical-align: top; width: 4.1444in;"><ul style="direction: ltr; margin-bottom: 0in; margin-left: .2194in; margin-top: 0in; unicode-bidi: embed;">
<ol style="direction: ltr; font-family: Calibri; font-size: 11pt; margin-bottom: 0in; margin-left: 0in; margin-top: 0in; unicode-bidi: embed;" type="1">
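<li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;" value="1"><span style="font-size: 11pt;">Remember <u>you are a target</u></span></li>
<li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-size: 11pt;">Cyber security is your business</span></li>
<li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-size: 11pt;">Make sure your software is up to date</span></li>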
</ol>
<div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
<br /></div>
<ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="disc">
<li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: "calibri"; font-size: 11.0pt;">Make sure your computer
operating system is up to date</span></li>
<li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: "calibri"; font-size: 11.0pt;">Make sure your Zoom app is
up to date and other apps as well</span></li>
<li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: "calibri"; font-size: 11.0pt;">Make sure you are using
anti-virus software and it's up to date</span></li>
<li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: "calibri"; font-size: 11.0pt;">Do not post Zoom links in
the public eye</span></li>
<li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: "calibri"; font-size: 11.0pt;">Don't click on links you
don't know</span></li>
<li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: "calibri"; font-size: 11.0pt;">Setting up meetings:</span></li>
<ul style="direction: ltr; margin-bottom: 0in; margin-left: .375in; margin-top: 0in; unicode-bidi: embed;" type="circle">
<li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: "calibri"; font-size: 11.0pt;">Use strong passwords</span></li>
<li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: "calibri"; font-size: 11.0pt;">Do not share the meeting
ID</span></li>
<li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: "calibri"; font-size: 11.0pt;">Use a non obvious meeting
ID</span></li>
<li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: "calibri"; font-size: 11.0pt;">Use the waiting room
function</span></li>
<li style="margin-bottom: 0; margin-top: 0; vertical-align: middle;"><span style="font-family: "calibri"; font-size: 11.0pt;">Lock the meeting once
everyone is in</span></li>
</ul>
</ul>
</ul>
</td>
</tr>
</tbody></table>
</div>
<br />
<h3>
New Post: 5/5/20</h3>
</div>
<div style="margin-left: 1em; margin-right: 1em; text-align: left;">
<br /></div>
<div style="margin-left: 1em; margin-right: 1em; text-align: left;">
Jeff Furman, my "go to guy" for <a href="https://www.amazon.com/Project-Management-Answer-Book/dp/156726297X" target="_blank">Project management</a>, hosts a blog and has some Zoom fun and other suggestions. Check it out here: <a href="https://www.linkedin.com/pulse/so-your-internet-crashes-middle-zoom-session-what-you-jeff-furman/">https://www.linkedin.com/pulse/so-your-internet-crashes-middle-zoom-session-what-you-jeff-furman/</a></div>
<div style="margin-left: 1em; margin-right: 1em; text-align: left;">
<br /></div>
<div style="margin-left: 1em; margin-right: 1em; text-align: left;">
Take a peek at the: <a href="https://www.blogger.com/Last%20edit:%20Monday,%204/20/20%201940%20hours" target="_blank">Project Management Answer book</a> click the link.</div>
<div style="margin-left: 1em; margin-right: 1em; text-align: left;">
<br /></div>
<h3 style="margin-left: 1em; margin-right: 1em; text-align: left;">
New Post: 5/7/20 am</h3>
<div style="margin-left: 1em; margin-right: 1em; text-align: left;">
On a conference call today. Discussion covered fat client versus thin client again for VT software (for the young at heart, this seems to recur every 5-10 years), functionality and services (I think what you are used to using drives most of the favorite-product discussion), and end-to-end encryption. Zoom came up: given that it is slowly improving its security posture, some note it is moving into the "pack" of other VT implementations, since security concerns will make it less of a pick-up-and-use utility. Those with more security concerns and less functionality can look here: <span style="font-family: "calibri" , sans-serif; font-size: 11.0pt;"><a href="https://www.infosecnews.org/national-security-agency-releases-guide-to-secure-video-conferencing">https://www.infosecnews.org/national-security-agency-releases-guide-to-secure-video-conferencing</a>
</span></div>
<div style="margin-left: 1em; margin-right: 1em; text-align: left;">
<h3>
New Post: 5/7/20 pm</h3>
</div>
<div style="margin-left: 1em; margin-right: 1em; text-align: left;">
Take a look at this very comprehensive post from Citizen Lab:<br />
<a href="https://citizenlab.ca/2020/04/faq-on-zoom-security-issues/">https://citizenlab.ca/2020/04/faq-on-zoom-security-issues/</a><br />
<br />
Then this video by none other than: Dr Eric Cole<br />
<br />
<div class="bard-text-block" style="margin-bottom: 9.75pt; margin-left: 0in; margin-right: 0in; margin-top: 9.75pt;">
<span style="color: #343434; font-family: "Helvetica",sans-serif; font-size: 12.0pt;">A few weeks ago there was a lot in the news about ZOOM Bombing.
So ZOOM took action and set up some default security to 'appease the masses'.
But here's the thing... they did too little, too late AND ZOOM meetings are
still being targeted. <o:p></o:p></span></div>
<div class="bard-text-block" style="margin-bottom: 9.75pt; margin-left: 0in; margin-right: 0in; margin-top: 9.75pt;">
<span style="color: #343434; font-family: "Helvetica",sans-serif; font-size: 12.0pt;">It's not over! The adversary is still on the prowl and creating
havoc. <o:p></o:p></span></div>
<div class="bard-text-block" style="margin-bottom: 9.75pt; margin-left: 0in; margin-right: 0in; margin-top: 9.75pt;">
<span style="color: #343434; font-family: "Helvetica",sans-serif; font-size: 12.0pt;">I recorded a quick video for you to share with your organization
to help keep the awareness around how to protect against ZOOM Bombing.<o:p></o:p></span></div>
<br />
<div class="bard-text-block" style="margin-bottom: 9.75pt; margin-left: 0in; margin-right: 0in; margin-top: 9.75pt;">
<span style="font-family: Helvetica, sans-serif; font-size: 16px;">Dr Cole's Tips:</span></div>
<div class="separator" style="clear: both; text-align: center;">
<iframe width="320" height="266" class="YOUTUBE-iframe-video" data-thumbnail-src="https://i.ytimg.com/vi/_HX9xSi77f8/0.jpg" src="https://www.youtube.com/embed/_HX9xSi77f8?feature=player_embedded" frameborder="0" allowfullscreen></iframe></div>
</div>
<div style="margin-left: 1em; margin-right: 1em; text-align: left;">
#security #cybersecurity @Zoom @NIST #VideoConferenceCalling #VT #DrEricCole #zoombombing</div>
<div style="margin-left: 1em; margin-right: 1em; text-align: left;">
<br /></div>
<br />
Last edit: Monday, 5/5/20 0930 hours<br />
Joseph Concannonhttp://www.blogger.com/profile/10254806611255067399noreply@blogger.com0tag:blogger.com,1999:blog-3547356781881548648.post-32792627138645130722020-01-05T16:42:00.000-08:002020-04-25T07:51:58.992-07:00Policing in America 2020<h3>
Is it safe to police America's big cities?</h3>
A couple of days ago I borrowed a graphic I found posted on LinkedIn by another retired captain: a <b>"Get Out Of Jail Free"</b> card. Those who are familiar with the "Monopoly Game" will be familiar with this card from the popular board game. It was funny at first and got a chuckle out of a number of people. I posted the graphic on social media and everyone enjoyed how much this joke seriously reflected real life. <br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrnEjUEwZf8CFeFiN8DAddOq5r2blu2s2hV80xr3g2tFdocGG30AZ668TfBBAWsNsJLblvbQxzmXz5KHm5qs3jBE3rA7dOgs-9Xcadi2XbyqsQWF53WcL9V6aG-qpl_G3eblhrP63mH1qo/s1600/Get+Out+Of+Jail+Card.JPG" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" data-original-height="746" data-original-width="1280" height="116" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrnEjUEwZf8CFeFiN8DAddOq5r2blu2s2hV80xr3g2tFdocGG30AZ668TfBBAWsNsJLblvbQxzmXz5KHm5qs3jBE3rA7dOgs-9Xcadi2XbyqsQWF53WcL9V6aG-qpl_G3eblhrP63mH1qo/s200/Get+Out+Of+Jail+Card.JPG" width="200" /></a></div>
<br />
Yet New York Democrat legislators, buoyed by the fact they just won a stinging majority in the NYS Senate, once the bastion of Republicans, gathered in jubilant victory in Albany to show all New Yorkers their radical progressive agenda. You could laugh this off and say we told you so, but each of you needs to feel and hear the pain this causes for your fellow New Yorkers. How New York State releases criminals only to be picked up by Federal authorities later on. How New York State ignores the mental health crisis hitting our streets and how every member of society is at risk because of it. Monsey, NY is another example, where the home of a Jewish rabbi was invaded over the holiday and a very sick, mentally ill man struck guests with a machete; it was in the making for years, but <u>largely ignored by the NYS Legislature</u>. How a young boy in a park playing basketball is shot and killed and it becomes just another number in the end of year homicide count. How a young Laurelton man would be walking today if only the police enforced the noise code in the 105th Precinct. Instead, a bullet found his spine after the police were rebuffed the first time and the second radio run found this Laurelton man lying face down on the ground with a bullet in his back. This victim's dilemma was a policy change by the NYC Mayor. Thank you Bill deBlasio. The stories of the innocent and the fallen like Liu, Ramos, Moore, and others go on and on. They all are victims of a political system where 75% of the voters couldn't give a damn.<br />
<br />
This all started with Mark Weprin and the <b>Community Safety Act</b>. Few will remember, but it was the moment when then City Councilman Weprin did a 180 on Law Enforcement and voted yes to usher in the progressive wing of the New York City Council. A day some of us will never forget.<br />
<br />
Police Officer Eddie Byrne gave his life for our city, which was the turning point for crime control in NYC, just as New Yorkers reached beyond 2000 murders a year. As one police officer after the next <br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGOVM8p-5q5Gjl-EHbTkA6maCTDPC1rpTN0khtW8X5NkJuZXs_kQ8FZ45plTs82V43cLgRx7o2pO0i7lqdzmaOS4L-LYl5oiUUBkXgLykIOzscsJhRqK9-1nzULQRfVoXQKYnSWymbRbBU/s1600/nypd_logo.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="1068" data-original-width="835" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGOVM8p-5q5Gjl-EHbTkA6maCTDPC1rpTN0khtW8X5NkJuZXs_kQ8FZ45plTs82V43cLgRx7o2pO0i7lqdzmaOS4L-LYl5oiUUBkXgLykIOzscsJhRqK9-1nzULQRfVoXQKYnSWymbRbBU/s200/nypd_logo.jpg" width="156" /></a></div>
was cut down in the streets, crime, disorder and fear were aggressively addressed. Some of us will never forget. For Cuomo, de Blasio and the City Council it's the politics of the moment; for the families of the fallen it's the story of their lives. Mark Weprin left public service mid-term to work for a law firm so he could pay for good schools for his children. We wish him and his family well. However, the stain of his time at the NYC Council will never be forgotten, and when New Yorkers tire of the bodies piling up again they too will call upon the NYPD and ask them once again to shoulder the responsibility of bringing crime, disorder and fear under control. The price NYPD will pay for this effort will not come for free and not without more families shattered. <br />
<br />
We vote Republican for many different reasons as individuals. As a club we vote Republican because we understand that broken windows works, and we understand the responsibility not only of joining together with the community in unity to make our streets safe but also of holding residents accountable to a standard of behavior which makes us a free people. Please remember voting matters and elections have consequences.Joseph Concannonhttp://www.blogger.com/profile/10254806611255067399noreply@blogger.com0tag:blogger.com,1999:blog-3547356781881548648.post-47604422641159338542018-09-28T06:03:00.002-07:002018-09-28T06:03:31.125-07:00<div class="separator" style="clear: both; text-align: left;">
<b><span style="font-size: large;">FBI ALERT: 9/27/18</span></b></div>
<br />
<span style="-webkit-text-stroke-width: 0px; background-color: transparent; color: black; display: inline !important; float: none; font-family: "lucida grande",verdana,sans-serif; font-size: 16.46px; font-style: normal; font-variant: normal; font-weight: 600; letter-spacing: normal; orphans: 2; text-align: center; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">I-092718-PSA "<u>RDP Warning needs to be heeded</u>".</span><br />
<br />
<div style="-webkit-text-stroke-width: 0px; background-color: transparent; color: black; font-family: verdana,arial,helvetica,sans-serif; font-size: 13.33px; font-style: normal; font-variant: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
Questions regarding this PSA should be directed to your local <b style="text-align: left;">FBI Field Office</b>.</div>
<span style="-webkit-text-stroke-width: 0px; background-color: transparent; color: black; display: inline !important; float: none; font-family: verdana,arial,helvetica,sans-serif; font-size: 13.33px; font-style: normal; font-variant: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;"> </span><br />
<div style="-webkit-text-stroke-width: 0px; background-color: transparent; color: black; font-family: verdana,arial,helvetica,sans-serif; font-size: 13.33px; font-style: normal; font-variant: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
Local Field Office Locations: <a href="https://www.ic3.gov/egress.aspx?u=http%3a%2f%2fwww.fbi.gov%2fcontact-us%2ffield&h=700C10174DA8E715FAA9E2937F48C0D91FA20372019A6642D5E367C0BD5AEF6D" rel="ext" style="text-align: left;" target="_blank">www.fbi.gov/contact-us/field</a>. </div>
<div style="-webkit-text-stroke-width: 0px; background-color: transparent; color: black; font-family: verdana,arial,helvetica,sans-serif; font-size: 13.33px; font-style: normal; font-variant: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div style="-webkit-text-stroke-width: 0px; background-color: transparent; color: black; font-family: verdana,arial,helvetica,sans-serif; font-size: 13.33px; font-style: normal; font-variant: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
ISSUE: Use of Remote Desktop Protocol as an attack vector has been on the rise since mid-2016</div>
<div style="-webkit-text-stroke-width: 0px; background-color: transparent; color: black; font-family: verdana,arial,helvetica,sans-serif; font-size: 13.33px; font-style: normal; font-variant: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div style="-webkit-text-stroke-width: 0px; background-color: transparent; color: black; font-family: verdana,arial,helvetica,sans-serif; font-size: 13.33px; font-style: normal; font-variant: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
RDP, or Remote Desktop Protocol, is being exploited by attackers to conduct malicious activity, the FBI warns in its <a href="https://www.ic3.gov/media/2018/180927.aspx" target="_blank">public service announcement</a> of September 27th, 2018. Members, clients and others are advised to reach out to their local FBI office for information concerning this public service announcement. </div>
<div style="-webkit-text-stroke-width: 0px; background-color: transparent; color: black; font-family: verdana,arial,helvetica,sans-serif; font-size: 13.33px; font-style: normal; font-variant: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<br /></div>
<div style="-webkit-text-stroke-width: 0px; background-color: transparent; color: black; font-family: verdana,arial,helvetica,sans-serif; font-size: 13.33px; font-style: normal; font-variant: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">
<b>Definitions:</b> <span style="-webkit-text-stroke-width: 0px; background-color: transparent; color: black; display: inline !important; float: none; font-family: verdana,arial,helvetica,sans-serif; font-size: 12.66px; font-style: normal; font-variant: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: left; text-decoration: none; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px;">Remote Desktop Protocol (RDP) is a proprietary network protocol that allows an individual to control the resources and data of a computer over the Internet. <u>This protocol provides complete control over the desktop of a remote machine by transmitting input such as mouse movements and keystrokes and sending back a graphical user interface</u>. In order for a remote desktop connection to be established, the local and remote machines need to authenticate via a username and password. <b>Cyber actors can infiltrate the connection between the machines and inject malware or ransomware into the remote system</b>. Attacks using the RDP protocol do not require user input, making intrusions difficult to detect.</span></div>
<br />
<b>Some Suggestions For Protection:</b><br />
<b></b><br />
<ol>
<li>Audit your network for systems using RDP for remote communication</li>
<li>Verify all cloud-based virtual machine instances with a public IP do not have open RDP ports, specifically port 3389, unless there is a valid business reason to do so. Place any system with an open RDP port behind a firewall and require users to use a virtual private network (VPN) to access it through a firewall.</li>
<li>Apply two-factor authentication, where possible</li>
<li>Apply system and software upgrades regularly</li>
<li>Maintain a good back-up strategy</li>
<li>Enable logging and ensure logging mechanisms capture RDP logins. Keep logs for a minimum of 90 days and review them regularly to detect intrusion attempts.</li>
</ol>
<div>
For additional recommendations see the PSA.</div>
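One way to carry out the regular log review in suggestion 6, shown as an added example that is not part of the FBI PSA or of the original post. It flags bursts of failed logons from one source, RDP sessions opened from outside the internal network (which also surfaces hosts that are not behind the VPN from suggestion 2), and a log that covers fewer than 90 days. The CSV column names, sample rows, internal address ranges and thresholds are constructed assumptions.

```python
import csv
import io
import ipaddress
from collections import defaultdict
from datetime import datetime, timedelta

# Windows Security log: 4624 = successful logon, 4625 = failed logon.
LOGON_OK, LOGON_FAILED = 4624, 4625
# Logon type 10 = RemoteInteractive (an RDP session). Failed RDP attempts are
# usually recorded as type 3 (Network) when Network Level Authentication is on;
# type 3 also covers file-share logons, so a burst is a lead to confirm.
REMOTE_INTERACTIVE, NETWORK = 10, 3

# Assumption: the organization's internal ranges; everything else is external.
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
REVIEW_DATE = datetime(2018, 9, 27)  # constructed "today" for the sample

# Constructed sample export (not real data); column names are assumptions.
SAMPLE_CSV = """
TimeCreated,EventID,LogonType,TargetUserName,IpAddress
2018-06-01T09:02:11,4624,10,jsmith,10.0.5.23
2018-09-26T02:14:01,4625,3,administrator,203.0.113.7
2018-09-26T02:14:09,4625,3,administrator,203.0.113.7
2018-09-26T02:14:15,4625,3,admin,203.0.113.7
2018-09-26T02:14:22,4625,3,backup,203.0.113.7
2018-09-26T02:14:30,4625,3,administrator,203.0.113.7
2018-09-26T02:15:02,4624,10,administrator,203.0.113.7
2018-09-26T08:30:00,4625,10,jsmith,10.0.5.23
2018-09-26T08:30:20,4624,10,jsmith,10.0.5.23
2018-09-26T11:00:00,4624,3,svc_share,10.0.5.40
2018-09-26T12:00:00,4625,3,guest,-
2018-09-26T14:45:00,4624,10,mlee,198.51.100.44
"""


def parse_events(text):
    """Return well-formed events sorted by time; malformed rows are skipped."""
    events = []
    for row in csv.DictReader(io.StringIO(text.strip())):
        try:
            events.append({
                "time": datetime.fromisoformat(row["TimeCreated"]),
                "id": int(row["EventID"]),
                "type": int(row["LogonType"]),
                "user": row["TargetUserName"].lower(),
                "ip": ipaddress.ip_address(row["IpAddress"]),
            })
        except (KeyError, TypeError, ValueError, AttributeError):
            continue  # e.g. "-" where the source address was not recorded
    return sorted(events, key=lambda e: e["time"])


def is_internal(ip):
    return any(ip in net for net in INTERNAL_NETS)


def external_rdp_logons(events):
    """Successful RDP sessions whose source is outside the internal ranges."""
    return [e for e in events if e["id"] == LOGON_OK
            and e["type"] == REMOTE_INTERACTIVE and not is_internal(e["ip"])]


def failure_bursts(events, threshold=5, window=timedelta(minutes=10)):
    """Sources with >= threshold failed logons inside one sliding window."""
    by_ip = defaultdict(list)
    for e in events:
        if e["id"] == LOGON_FAILED and e["type"] in (REMOTE_INTERACTIVE, NETWORK):
            by_ip[e["ip"]].append(e["time"])
    findings = []
    for ip, times in by_ip.items():
        start = 0
        for end, t in enumerate(times):
            while t - times[start] > window:
                start += 1
            if end - start + 1 >= threshold:
                # Highest priority: an RDP session opened after the burst began.
                users = sorted({e["user"] for e in events
                                if e["ip"] == ip and e["id"] == LOGON_OK
                                and e["type"] == REMOTE_INTERACTIVE
                                and e["time"] >= times[start]})
                findings.append({"ip": str(ip), "burst_start": times[start],
                                 "succeeded_as": users})
                break
    return findings


def days_of_history(events, now):
    """Age in days of the oldest record; under 90 means the log is too short."""
    return (now - events[0]["time"]).days if events else 0


if __name__ == "__main__":
    evts = parse_events(SAMPLE_CSV)
    for f in failure_bursts(evts):
        print("failed-logon burst:", f)
    for e in external_rdp_logons(evts):
        print("external RDP session:", e["user"], e["ip"], e["time"])
    print("days of log history:", days_of_history(evts, REVIEW_DATE))
```

A burst that is followed by a session for one of the targeted accounts is the finding to escalate first.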
Joseph Concannonhttp://www.blogger.com/profile/10254806611255067399noreply@blogger.com1tag:blogger.com,1999:blog-3547356781881548648.post-53999899684942792002018-09-21T13:03:00.002-07:002018-09-21T13:48:20.076-07:00<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQo_tDcL9vxBXoHW7GTuUzlJE2W5VfGRc6Ji4dHEF2SA0jXW7ha-rlEYjz8iirN8KAL6b2eQ5flYJ86K_cColeIcrOGEEa0mZxikM9b6NKtoJF_EzhaOaGJz4KeuGzXoOsUDQ9gW5ds4qO/s1600/IMG_3602.PNG" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="1233" data-original-width="1026" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQo_tDcL9vxBXoHW7GTuUzlJE2W5VfGRc6Ji4dHEF2SA0jXW7ha-rlEYjz8iirN8KAL6b2eQ5flYJ86K_cColeIcrOGEEa0mZxikM9b6NKtoJF_EzhaOaGJz4KeuGzXoOsUDQ9gW5ds4qO/s200/IMG_3602.PNG" width="166" /></a></div>
<a href="http://www.integrissecurity.com/" target="_blank">Integris Security LLC</a> update. <br />
<br />
Good afternoon all. Effective 9-21-18 our web site has been transitioned and placed back into the public space for all to view. <br />
<br />
We continue to focus on three main industries:<br />
<br />
<div style="text-align: left;">
1. <a href="https://integrissecurity.com/index.php/financial-service/" target="_blank">Financial Services</a></div>
<div>
2. <a href="https://integrissecurity.com/index.php/health-care/" target="_blank">Health Care</a> </div>
<div>
3. <a href="https://integrissecurity.com/index.php/small-medium-business/" target="_blank">Small / Medium Business</a></div>
<div>
<br /></div>
Take a look around. It's new, so not too much is in place yet. But we wanted to get it out to our clients, friends and family.<br />
<br />
<h2>
MIRAI BOTNET</h2>
<h3>
Strange bedfellows with U.S. FBI</h3>
The threats and vulnerabilities are coming at industry and government fast and furiously with each new day springing something new. This past week we participated in a conference call re: <a href="https://krebsonsecurity.com/2018/09/mirai-botnet-authors-avoid-jail-time/" target="_blank">Mirai Botnet Authors</a> wherein we learned the <a href="http://www.fbi.gov/" target="_blank">FBI</a> is now working with cyber crooks to learn methods and operations so that the <a href="http://www.fbi.gov/" target="_blank">FBI</a> can be as effective as possible in their national security mission. These cyber crooks can't be trusted was the commonly held belief by all on the call. The <a href="http://www.fbi.gov/" target="_blank">FBI</a> needs to tread carefully when putting these resources to use and carefully balance the national security needs of our nation with common criminals. <br />
<div>
<br /></div>
<div>
Our new <a href="http://www.integrissecurity.com/" target="_blank">web site</a> hosts a number of our services, but like most days we focus on what's in front of us and how we may be of assistance to our clients. Happy navigating, and we hope to make our web site and social media interesting.<br />
<br />
#cybersecurity #integrissecurity #Miraibotnet #smallbusiness #healthcare #financialservices</div>
Joseph Concannonhttp://www.blogger.com/profile/10254806611255067399noreply@blogger.com0tag:blogger.com,1999:blog-3547356781881548648.post-89663066063941860782018-09-17T13:39:00.001-07:002018-09-18T11:05:11.841-07:00<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjn1zcYnsjW_IKHHa1IRupM6-UPihQW9cLEudfwGXS8qsaMrDUy_pyboWak85ct6tDNJAREM24Ex1PMClc_MKh3fC_or5Q8t7Ombc3-luWgozc1qX5UXxtrEeyNtOSOaM6vAl3h7VlMoy2l/s1600/safe_image+%25282%2529.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="57" data-original-width="155" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjn1zcYnsjW_IKHHa1IRupM6-UPihQW9cLEudfwGXS8qsaMrDUy_pyboWak85ct6tDNJAREM24Ex1PMClc_MKh3fC_or5Q8t7Ombc3-luWgozc1qX5UXxtrEeyNtOSOaM6vAl3h7VlMoy2l/s1600/safe_image+%25282%2529.jpg" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKx5O0n7H_DbpLLbTizXBlptMl6W2r_UNR62pNbEzkc1hyphenhyphenTSzYn-WISzqqbSB6k4rZYPYH3bqp-IPM9vxUDMAGgJfdhhENatTmsyZtXF1clDvTCzulHgy8wYyPwOepDzK9DInJa7vJIC1l/s1600/Target.jpeg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><br /></a></div>
<div style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;">
<br /></div>
<div align="left">
<br />
<br />
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKx5O0n7H_DbpLLbTizXBlptMl6W2r_UNR62pNbEzkc1hyphenhyphenTSzYn-WISzqqbSB6k4rZYPYH3bqp-IPM9vxUDMAGgJfdhhENatTmsyZtXF1clDvTCzulHgy8wYyPwOepDzK9DInJa7vJIC1l/s1600/Target.jpeg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="259" data-original-width="195" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKx5O0n7H_DbpLLbTizXBlptMl6W2r_UNR62pNbEzkc1hyphenhyphenTSzYn-WISzqqbSB6k4rZYPYH3bqp-IPM9vxUDMAGgJfdhhENatTmsyZtXF1clDvTCzulHgy8wYyPwOepDzK9DInJa7vJIC1l/s200/Target.jpeg" width="150" /></a></div>
<div align="left">
<b>WELCOME</b><br />
<b></b><br />
Welcome and yes we are back! Our <b><u>target</u></b> is our clients, our prospects, our friends and family in the industry. We are passionate about assessing risk, we run deep in security issues and also like to take some time to laugh as well. We hope each of you enjoy the <a href="http://www.integrissecurity.com/" target="_blank">blog</a> and contribute. <br />
<br />
<a href="https://www.ready.gov/risk-assessment" target="_blank">Risk</a> and <a href="https://focus.forsythe.com/articles/382/How-to-Start-an-IT-Security-Conversation-in-the-Boardroom" target="_blank">security</a> discussions start at the top of every organization. This isn't just jargon. It is serious, and we hope you'll keep this in mind as you read our blog. The CEO is the chief <a href="https://www.ready.gov/risk-assessment" target="_blank">risk</a>/<a href="https://focus.forsythe.com/articles/382/How-to-Start-an-IT-Security-Conversation-in-the-Boardroom" target="_blank">security</a> evangelist for your organization. While we all love to laugh and make light of some things, in earnest we all need to focus when it comes to <a href="https://www.ready.gov/risk-assessment" target="_blank">risk</a> and <a href="https://focus.forsythe.com/articles/382/How-to-Start-an-IT-Security-Conversation-in-the-Boardroom" target="_blank">security</a>. If the CEO isn't talking about <a href="https://www.ready.gov/risk-assessment" target="_blank">risk</a> and <a href="https://focus.forsythe.com/articles/382/How-to-Start-an-IT-Security-Conversation-in-the-Boardroom" target="_blank">security</a>, then it just hasn't become a priority for your organization, and your board of directors needs to bring him/her in and explain the priorities for your organization. We point in earnest to your audit committee and its chairperson. If things go wrong, and they will in even the best organizations, the chair of the <a href="https://focus.forsythe.com/articles/382/How-to-Start-an-IT-Security-Conversation-in-the-Boardroom" target="_blank">board of directors audit committee</a> will be the first person interviewed. </div>
<div align="left">
<br /></div>
<div align="left">
If you're like us and become aware of an issue, a solution, a best practice or new application and/or free or paid tools that you just couldn't let slip by, let us know. If you'd like to be considered for a guest blog entry, keep this in mind: one focused topic, 400 words tops. Email us at: info@integrissecurity.com. We know everyone has access to some cool graphics which help in understanding the concepts and theories being put forward, so choose carefully and send them along. Our focus is to explain issues as simply as possible and to have the graphics bring the point home. The aha moment. </div>
<div align="left">
<br />
<b>SOCIAL MEDIA</b><br />
<b><br /></b>
Did someone say social media? In the past we have put our toe in the water with social media. We plan to go full throttle with social media and may even add to our current setup. So on our web site you'll see <a href="https://www.facebook.com/integrissec/" target="_blank">Facebook</a>, <a href="https://www.linkedin.com/company/integris-security/" target="_blank">LinkedIn</a>, <a href="https://twitter.com/integrissec" target="_blank">Twitter</a> and of course this Google+ Blogger Blog. We may expand on this and add YouTube if we think it brings additional value. We think that we need to bring everyone the full impact of the web via our associated media outlets. If you want to be part of this and share your wisdom, let us know. Email us: info@integrissecurity.com.</div>
<b></b><br />
Thanks everyone and welcome back.Joseph Concannonhttp://www.blogger.com/profile/10254806611255067399noreply@blogger.com0New York, NY, USA40.7127753 -74.005972839.9423093 -75.296866299999991 41.483241299999996 -72.7150793tag:blogger.com,1999:blog-3547356781881548648.post-39948459135277527752016-10-21T08:25:00.003-07:002016-10-21T20:57:23.638-07:00Cyber Security Month: Looking for Answers Part II?<br />
<div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
<b>
</b><b>NEW YORK METRO JOINT CYBER SECURITY CONFERENCE</b></div>
<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: left; margin-right: 1em; text-align: left;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8UDgXgJcdRxy-dxdGniwGmmoFzHDrm_-r6anI6TzJ1QFH_twjZlWmE9tryJgNLA6sqrPtsgJ4ak9QjaS7gjLsFo3dZJnUF6HbyUPfRt-wMlvaBfljd2V0u-tvy4sMuIyvSCMtiPsz-3lo/s1600/clip_image002.png" imageanchor="1" style="clear: left; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img border="0" height="108" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8UDgXgJcdRxy-dxdGniwGmmoFzHDrm_-r6anI6TzJ1QFH_twjZlWmE9tryJgNLA6sqrPtsgJ4ak9QjaS7gjLsFo3dZJnUF6HbyUPfRt-wMlvaBfljd2V0u-tvy4sMuIyvSCMtiPsz-3lo/s200/clip_image002.png" width="200" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">NY Metro Joint Cyber Security Conference</td></tr>
</tbody></table>
<div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
I recently attended the Third Annual New York Metro Joint Cyber Security Conference (<a href="http://nymjcsc.org/">http://nymjcsc.org/</a>), held in mid-town Manhattan. Security conferences are now a dime-a-dozen, but this event is unique in that it is a collaborative effort developed by a consortium of eight leading security, audit, and risk focused, NY metropolitan area, not-for-profit professional associations. Each organization brings its best to the table, creating a rare combination of expertise and diversity of talent.<br />
<br /></div>
<div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
</div>
<div style="font-family: Calibri; font-size: 11.0pt; margin-bottom: 8pt; margin-top: 0pt;">
There were many informative sessions – some standing room only – but some of the greatest value was in the interaction with the other professionals. For example, in sessions, we learned that security professionals must adopt the language of Directors to be understood by a Board. The Internet Security Alliance is even working on metrics for Boards to use in evaluating security risks and controls. But, after all the talk of security maturity models, cyber risk management frameworks, and “cyber balance sheets,” CISOs (Chief Information Security Officers) will tell you that Boards still “just don’t get it” and don’t seem to be that interested. Perhaps CISOs as a group aren’t very good at explaining how greater focus on preventing and mitigating cyber threats is in the self-interests of very diverse sets of Directors. Maybe, despite approaching the problem with the best of business concepts and lingo, CISOs just don’t have influence with Directors. (As one CISO put it, “formulas don’t work. Relationships do.”) Or, perhaps it’s because, as one speaker put it, there is not a single instance of a cyber breach that has been demonstrated to have a <span style="font-style: italic;">material </span>impact on a company. In the end, the surprising takeaway may not be that CISOs are becoming more adept at speaking the language of the Board, but that some Boards are beginning to listen at all. </div>
<div style="font-family: Calibri; font-size: 11.0pt; margin-bottom: 8pt; margin-top: 0pt;">
This
sold-out event offered excellent, high-quality presentations with plenty of
actionable content. If you weren't able to attend, you can still benefit
from the recordings of many of the sessions. They are available at <a href="http://livestream.com/internetsociety/nymjcsc/">http://livestream.com/internetsociety/nymjcsc/</a><span style="color: black;">. Presentation slides may be found at </span><a href="http://tinyurl.com/z3fz44d">http://tinyurl.com/z3fz44d</a><span style="color: black;">. I would highly recommend reviewing them. </span></div>
<span style="color: black;">And, don't forget to sign up early for next year's
conference. It's one of the best values in information security education
that you'll find anywhere. Follow </span><a href="http://www.nymjcsc.org/">www.nymjcsc.org</a><span style="color: black;"> and
@NYMJCSC for details. </span><br />
<br />
<div style="color: black; font-family: Calibri; font-size: 11.0pt; margin: 0in;">
<span style="font-style: italic;">Phil Froehlich is Chief Operating Officer of Integris
Security and a member (who listens) of the Executive Board of New York Metro
InfraGard. </span></div>
<b></b><i></i><u></u><sub></sub><sup></sup><strike></strike>Joseph Concannonhttp://www.blogger.com/profile/10254806611255067399noreply@blogger.com0tag:blogger.com,1999:blog-3547356781881548648.post-67573419480938105002016-10-21T08:25:00.002-07:002016-10-21T20:55:09.371-07:00Cyber Security Month: Looking for Answers: Part I?<br />
<div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
<b>
</b></div>
<div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
</div>
<div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
<b>LONG ISLAND BUSINESS NEWS</b></div>
<div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
<a href="http://libn.com/2016/10/06/cyber-attacks-trickle-down-to-smaller-cos/" target="_blank">Long Island BusinessNews’ second annual Cyber Security event</a>, on October 6th 2016 at the Huntington
</div>
<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: right; margin-left: 1em; text-align: right;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjAjYtwisLu3ShnJy596ZRL2ZNp8g2aGpLwndJfNQGgP76XIDIOaef4s3T-nXKSg8_Zus4MaZohU_VXpufBpZJT2xqFkWGmwkW6fW2XIS52wOclM5tw39_W9REAqZedTKo0k_i2FXgld2d1/s1600/20161006_083505.jpg" imageanchor="1" style="clear: right; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img border="0" height="112" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjAjYtwisLu3ShnJy596ZRL2ZNp8g2aGpLwndJfNQGgP76XIDIOaef4s3T-nXKSg8_Zus4MaZohU_VXpufBpZJT2xqFkWGmwkW6fW2XIS52wOclM5tw39_W9REAqZedTKo0k_i2FXgld2d1/s200/20161006_083505.jpg" width="200" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">LI Business News Cyber Conference</td></tr>
</tbody></table>
Hilton, was once again informative, invigorating and enrolling. With a number
of panelists participating, including both the <a href="http://www.integrissecurity.com/" target="_blank">Integris Security</a> CTO, Blake
Cornell, and <a href="https://zeldin.house.gov/" target="_blank">United States Congressman US District 1, Lee Zeldin</a>, nearly 100
individuals attended the breakfast event.<br />
<div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
</div>
<div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
Topics of interest included Cyber Terrorism, Business Continuity, Government Legislation, Small Business Best Practices and other wide-ranging topics. Some of the information shared is information that attendees can use in their day-to-day business operations.</div>
<div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
</div>
<div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
A goal of Integris
Security CTO, Blake Cornell, was to provide “simple and sound information that
is short and sweet” further stating that “if your employees are untrained then
no amount of technical information will help them understand. You can’t make them
understand but you can help them understand”.</div>
<div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
</div>
<div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
<br /></div>
<div style="font-family: Calibri; font-size: 11.0pt; margin: 0in;">
Blake Cornell is the CTO of Integris Security LLC.</div>
<div style="color: black; font-family: Calibri; font-size: 11.0pt; margin: 0in;">
<br /></div>
<b></b><i></i><u></u><sub></sub><sup></sup><strike></strike>Joseph Concannonhttp://www.blogger.com/profile/10254806611255067399noreply@blogger.com0tag:blogger.com,1999:blog-3547356781881548648.post-4012533707184369482016-10-16T20:54:00.000-07:002016-10-21T16:13:28.953-07:00Ransomware: Osterman Research Survey for Malwarebytes<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: right; margin-left: 1em; text-align: right;"><tbody>
<tr><td style="text-align: center;"><div style="text-align: left;">
<a href="https://www.integrissecurity.com/index.php?aboutus=JosephConcannon" imageanchor="1" style="clear: right; margin-bottom: 1em; margin-left: auto; margin-right: auto;" target="_blank"><img alt="https://www.integrissecurity.com/index.php?aboutus=JosephConcannon" border="0" height="133" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjP5o1wHdITOdspOlaY3b99qsLVMnObEZRtvH3y2gPlJv1kEkN3FsKxS-KTNpp9WUJomNmyPGtjitRRbouM5P5ttEggi3L5yTDSKzhUDKKSJPkg_-1yAtnTBjO8SGGB4Yg7hBX91wRgg-GE/s200/IMG_2000.jpg" title="Integris Security LLC., President" width="200" /></a></div>
</td></tr>
<tr><td class="tr-caption" style="text-align: center;">Joseph Concannon</td></tr>
</tbody></table>
Today I received a note from a friend who said he had fallen victim to a <a href="http://www.trendmicro.com/vinfo/us/security/definition/ransomware/" target="_blank">Ransomware</a> attack. So I figured it's a good time to review some up-to-date expert research. This review is a product of <a href="http://www.integrissecurity.com/" target="_blank">Integris Security LLC</a> and we gladly share this with the community.<br />
<br />
First, <a href="https://www.microsoft.com/en-us/security/portal/mmpc/shared/ransomware.aspx" target="_blank">Ransomware</a> is a global issue affecting enormous companies as well as my local friend. Ransomware is a global threat/problem. We must recognize the size and depth of this issue. A survey was conducted during June of 2016 that included CIOs, CTOs, CISOs and other executives. The survey included 165 corporations in the United States as well as companies from around the world. 39 percent of the companies that were contacted were impacted by a <a href="http://video.foxnews.com/v/4758742944001" target="_blank">ransomware attack</a> in the U.S. alone. This is truly a global problem and issue but let's keep the focus here at home. The report shows the various priorities by country. <br />
<br />
<a href="https://www.fbi.gov/investigate/cyber" target="_blank">The FBI</a> describes Ransomware as "an insidious type of malware that encrypts, or locks, valuable digital files and demands a ransom to release them". <a href="http://www.integrissecurity.com/" target="_blank">Integris Security LLC</a> evangelizes through its <a href="https://www.integrissecurity.com/index.php?aboutus=JosephConcannon" target="_blank">President, Joseph Concannon</a> the value of <a href="http://www.iso.org/iso/home/standards/iso31000.htm" target="_blank">Risk Management</a> and the ongoing development of a solid business continuity program. Concannon states: "this isn't a once a year review, this is a daily, weekly, monthly, quarterly and semi-annual program. Risk Management opens the eyes of the Executive Team and Boards of Directors".<br />
<br />
Second, it comes as no surprise that the survey results identified the healthcare and financial services industries as the prime targets. Each is highly dependent upon <i><a href="http://www.businessdictionary.com/definition/critical-business-function.html" target="_blank">business critical information</a></i> according to <a href="http://ostermanresearch.com/" target="_blank">Osterman Research, Inc.</a> <a href="https://www.fbi.gov/investigate/cyber" target="_blank">Cyber criminals</a> lie in wait until they find the prime target for an attack; one which they cannot recover from due to the lack of ransomware fighting software. In Osterman's survey U.S. companies were most likely to fall victim to a ransomware attack (79% fell victim according to the survey).<br />
<br />
Third, Ransomware ranks as the fourth-highest security concern for senior executives in the United States as surveyed by Osterman Research, Inc., and more:<br />
<br />
<blockquote class="tr_bq">
U.S. organizations are also more likely to place a high or very high priority on investing in <u><b><i>education and training about ransomware</i></b></u> for their end users; and for investing in resources, technology, and funding to address the ransomware problem. </blockquote>
<br />
<u>Note well:</u> What the Osterman Research reveals is the power play between tenured industry executives and newly appointed CIOs, CISOs and CTOs learning the minefield of budgeting. Where do these technology executives make the push to gain budget for their projects, and can they convince business unit managers to join their team? Who pays for training and education, and how does that weigh in the balance of getting things done? Here's how it's playing out so far:<br />
<div>
<blockquote class="tr_bq">
Somewhat ironically, however, U.S. organizations are also<span style="background-color: yellow;"> the least likely to have implemented</span> any sort of ransomware training for their end users, and are among the most likely to offer only <span style="background-color: yellow;">minimal training</span> when they actually do so. U.S. companies rate Ransomware as a high or extremely high priority, unlike their European counterparts in Germany and the UK or Canada which consider it less of a threat. </blockquote>
Yet the training dollars in the U.S. continue to lag behind. </div>
<br />
The survey that I am reviewing is called <a href="https://www.malwarebytes.com/pdf/white-papers/UnderstandingTheDepthOfRansomwareIntheUS.pdf?aliId=16879769" target="_blank">"Understanding The Depth of The Global Ransomware Problem"</a>, a report promoted by a company called <a href="https://www.malwarebytes.com/" target="_blank">Malwarebytes</a>. <br />
<blockquote class="tr_bq">
The perceived importance of regular, on-premises backups as a ransomware-recovery tool is quite high among U.S. and German organizations, but somewhat lower among the organizations we surveyed in Canada and the United Kingdom. However, Canadian and UK-based organizations were more likely to use regular, cloud-based backups to recover from ransomware. Other capabilities in place to address ransomware included on-premises ransomware-detection solutions (highest penetration in the U.S.), network segmentation (highest in Germany), and air gaps between data stores and the Internet (highest in Canada).</blockquote>
At <a href="http://www.integrissecurity.com/" target="_blank">Integris Security LLC</a> we point out that <a href="https://www.sans.org/reading-room/whitepapers/hsoffice/design-secure-network-segmentation-approach-1645" target="_blank"><span style="background-color: yellow;">segmentation</span></a><span style="background-color: yellow;"> and </span><a href="https://www.techopedia.com/definition/17037/air-gap" target="_blank"><span style="background-color: yellow;">air gaps</span></a> are important, as are on-premises backups NOT connected to the network you are backing up and strong passwords that are changed every 90 days. Here are the <a href="https://www.integrissecurity.com/index.php?resources=Top15" target="_blank">top 15 Cyber Security Precautions</a> to follow. The following are some very good tips for enterprise environment security teams to review (<a href="https://www.fbi.gov/investigate/cyber" target="_blank">FBI</a>):<br />
<br />
Here are some tips for dealing with ransomware (primarily aimed at organizations and their employees, but some are also applicable to individual users):<br />
<ul>
<li>Make sure employees are aware of ransomware and of their critical roles in protecting the organization’s data.</li>
<li>Patch operating system, software, and firmware on digital devices (which may be made easier through a centralized patch management system).</li>
<li>Ensure antivirus and anti-malware solutions are set to automatically update and conduct regular scans.</li>
<li>Manage the use of<span style="background-color: yellow;"> privileged accounts</span>—no users should be assigned administrative access unless absolutely needed, and only use administrator accounts when necessary.</li>
<li>Configure access controls, including file, directory, and network share permissions appropriately. If users only need read specific information, they don’t need write-access to those files or directories.</li>
<li>Disable macro scripts from office files transmitted over e-mail.</li>
<li>Implement software restriction policies or other controls to prevent programs from executing from common ransomware locations (e.g., temporary folders supporting popular Internet browsers, compression/decompression programs).</li>
<li><span style="background-color: yellow;">Back up data regularly and verify the integrity of those backups regularly.</span></li>
<li><span style="background-color: yellow;">Secure your backups. </span><i><b><span style="background-color: yellow;">Make sure they aren’t connected to the computers and networks they are backing up</span></b></i><span style="background-color: yellow;">.</span></li>
</ul>
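One way to act on the "verify the integrity of those backups" tip above, shown as an added example that is not from the FBI guidance or from Integris Security: record a SHA-256 manifest when the backup is taken, keep that manifest off the backup media, and compare against it before relying on the backup. The function names, file names and file contents are assumptions constructed for the demonstration.

```python
import hashlib
import os
import tempfile


def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so large backup files do not need to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for block in iter(lambda: handle.read(chunk_size), b""):
            digest.update(block)
    return digest.hexdigest()


def build_manifest(root):
    """Return {relative path: SHA-256} for every file under the backup root."""
    manifest = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            manifest[rel] = sha256_file(full)
    return manifest


def verify_backup(root, manifest):
    """Compare the backup as it is now with the manifest taken at backup time.

    missing    - files recorded at backup time that are gone
    modified   - files whose content no longer matches the recorded hash
    unexpected - files that were not part of the backup (for example, copies
                 renamed with a new extension, or dropped ransom notes)
    """
    current = build_manifest(root)
    return {
        "missing": sorted(set(manifest) - set(current)),
        "modified": sorted(
            path for path in manifest
            if path in current and current[path] != manifest[path]
        ),
        "unexpected": sorted(set(current) - set(manifest)),
    }


def _write(root, rel, data):
    """Create a file (and its parent folders) under root."""
    full = os.path.join(root, *rel.split("/"))
    os.makedirs(os.path.dirname(full), exist_ok=True)
    with open(full, "wb") as handle:
        handle.write(data)


def demo():
    """Build a small constructed backup, damage it, and report both checks."""
    with tempfile.TemporaryDirectory() as root:
        # Constructed sample data standing in for a real backup set.
        _write(root, "finance/ledger.csv", b"date,amount\n2016-10-01,100\n")
        _write(root, "contracts.txt", b"Signed agreement text\n")
        _write(root, "notes.txt", b"Meeting notes\n")

        # Taken at backup time; in practice store this away from the backup.
        manifest = build_manifest(root)
        clean = verify_backup(root, manifest)

        # Simulate damage: one file overwritten, one replaced by a renamed copy.
        _write(root, "finance/ledger.csv", b"\x8f\x02\x11\xfe unreadable bytes")
        os.rename(os.path.join(root, "contracts.txt"),
                  os.path.join(root, "contracts.txt.locked"))
        damaged = verify_backup(root, manifest)
        return clean, damaged


if __name__ == "__main__":
    clean_report, damaged_report = demo()
    print("fresh backup:  ", clean_report)
    print("damaged backup:", damaged_report)
```

A manifest stored on the same media as the backup can be altered along with it, which is why the last FBI tip (backups not connected to the computers and networks they back up) applies to the manifest as well.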
<br />
For those at home we strongly recommend backing up to a <a href="http://www.storagereview.com/kingston_secure_usb_flash_drives_with_eset_usb_30_review" target="_blank">USB stick, or other storage drive</a> with proper security "on board" to assess the device's health each time the device is accessed. Saving important documents to a computer is a thing of the past. It is time to think 2016 and the threats that come with the technological age we live in. Store important documents in a safe deposit box (whether in paper, on a USB stick or storage drive, or in another form). If it's important, then take the extra security steps.<br />
<br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://www.stopthinkconnect.org/" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;" target="_blank"><img alt="https://www.stopthinkconnect.org/" border="0" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgw9dhOV2N5yg1Fy0b41wNEG_NRqBiUucmDbBx4shsvpW-lS6dqo_2T-PHHodx__qBOm63DwdLsdFMHypjTDGq-jiriTfVlwjVHu9b61v-BJGniGsWN2vloIntZR6Y4BlgAkq8_RnrQ_T03/s200/CyberAwareness.jpg" width="198" /></a><a href="https://www.blogger.com/"><span id="goog_1754313420"></span>STOP THINK CONNECT<span id="goog_1754313421"></span></a> is the <a href="https://www.dhs.gov/" target="_blank">U.S. Department of Homeland</a> Security Campaign promoted during <a href="https://www.dhs.gov/national-cyber-security-awareness-month" target="_blank">Cyber Security Awareness Month</a> (October each year). However, the evil email attachment continues to lure a seemingly endless waterfall of users over the brink. Nothing beats education and awareness in preventing the loss of your computer to a cyber attack. While on the computer, remember you are not in your living room. You are in the "Wild West" and everyone's your friend. You wouldn't leave your front door open at night, so don't leave your computer open either. </div>
<div class="separator" style="clear: both; text-align: left;">
<b>Integris Security LLC</b> grew from our passion for protecting our nation’s critical infrastructures and years of providing industry professionals with best of breed solutions, proven best practices and top notch security education. We work tirelessly to nurture our clients’ TRUST. We will work equally diligently to EARN your trust.</div>
Joseph Concannonhttp://www.blogger.com/profile/10254806611255067399noreply@blogger.com0tag:blogger.com,1999:blog-3547356781881548648.post-40655681220344543422016-10-06T16:28:00.002-07:002016-10-21T16:05:42.043-07:00LIBN Cyber Security Conference - October 6th, 2016<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiT4BmEswXLdiVbN6BQrdc2xTlAoKSpIpesuItqGhzJiatqA5-AbX1MqDUz9Ei_j9arFPDXeX297aygr06WMnW5ERYhtoAfrsqgrjoG_jQOrEKh1_WfRSmnrRAOPw2z6L265M6U_3MujX6A/s1600/20161006_083505.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="112" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiT4BmEswXLdiVbN6BQrdc2xTlAoKSpIpesuItqGhzJiatqA5-AbX1MqDUz9Ei_j9arFPDXeX297aygr06WMnW5ERYhtoAfrsqgrjoG_jQOrEKh1_WfRSmnrRAOPw2z6L265M6U_3MujX6A/s200/20161006_083505.jpg" width="200" /></a></div>
Today's cyber security conference held by the Long Island Business News at the Huntington Hilton was a huge success. The conference was packed and the panel with headliner U.S. Congressman Lee Zeldin was both informative and far reaching.<br />
<br />
A wide range of cyber security topics included a discussion of the potential federal funding of security awareness strategies like "If you see something, Say Something". Attendees suggested that a new cyber security awareness strategy like "see something" be started. Blake Cornell, CTO of Integris Security, suggested we use "Think twice before you click twice". The simple message was something that everyone agreed was needed.<br />
<br />
The panel touched upon some key areas and agreed that security awareness training, when implemented correctly, brings everyone into the company's security strategy and not just the security team. Twenty to thirty employees watching the security posture of a company is better than 3-5 employees from the security team. Chief Security Officers have their hands full, and gaining the trust and confidence of all employees to be on the lookout makes the CSO's job 100% easier. <br />
<br />
Is it IT or is it Business? A lively discussion broke out concerning the politics, budgeting and organizational culture in which security professionals work. This environment is not always 100% on board with a strong security posture. General agreement was reached that security starting from the top down works best. If the boss is concerned about security, so is everyone else. The next discussion was about whether it was the business or the IT department. Well, this was put to rest quickly. The IT staff and security personnel need to team with business unit managers and ask them to take ownership of what belongs to them and what is enabling their success. The better the integration with business leaders on the function and features of the computer tools used to bring profits to the business, the smoother the discussions will be on improvements to strengthen the security budgets so that the profit center environment is safe and secure, and the better everyone will sleep.<br />
<br />
There are a great many things that people can do to keep the internet secure. Unfortunately there are a great many things which LURE us away from this common sense approach to internet safety. Changing passwords (long, with symbols, CAPS, lowercase letters and numbers) every 90 days is driving a positive change for your safety and security on the internet. Writing those passwords down and storing them in a secure place is also a good idea. See more ideas on our web site.<br />
<br />
For a two-hour conference this one was packed with information and many new contacts as well. Good job to LIBN, and we look forward to next year's conference and some of the articles to appear in LIBN which should keep everyone on their toes.<br />
<br />
For additional information on security tips, visit www.integrissecurity.com. We have a full page of tips on our web site.Joseph Concannonhttp://www.blogger.com/profile/10254806611255067399noreply@blogger.com0tag:blogger.com,1999:blog-3547356781881548648.post-59050443145645855922016-09-28T13:58:00.000-07:002016-09-28T13:58:57.234-07:00Information Security in Corporate Valuation<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgah62WtE7JjytG1kREOVkl_vA-z51hHR9k63gjODgAYShGJlM4YsXIntiReumI05o1539Ofxwocq7cThOfvdW8B3vYi4k_lf1oEwNkv7paZ-Nv1HoJ0gRfU36bXcPujmbeJQF9XzWFVJJL/s1600/YahooLogo.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="106" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgah62WtE7JjytG1kREOVkl_vA-z51hHR9k63gjODgAYShGJlM4YsXIntiReumI05o1539Ofxwocq7cThOfvdW8B3vYi4k_lf1oEwNkv7paZ-Nv1HoJ0gRfU36bXcPujmbeJQF9XzWFVJJL/s200/YahooLogo.jpg" width="200" /></a>What do you look at when considering the corporate valuation of a company? Chief financial officers pore over spreadsheets, public filings and much more to get a temperature so they can inform investors, boards and others in the decision making process. Where is information security in this discussion? Who is the chairman of the board's audit committee and how comprehensive are the details and reports?
How accurate and truthful are these reports and details? Who is the chairman of the technology committee and are his/her reports accurate, timely and reflective of the needs of the company to support the basic operations of the company?</div>
<div style="clear: both; text-align: left;">
Whether you're a big box company like Target, a credit card processor like Heartland Payment Systems or just one of the largest email giants like YAHOO!, these and many other questions have to be answered accurately, timely and honestly and yes, sometimes even painfully.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
We have all read in the news that VERIZON is on the path to make an offer to Yahoo! with finalization next year and this latest exposure is certainly going to figure large into pricing. Verizon </div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZrHlX_ToKZmCZt6Y6nRvV4ubHw2zQ3Bw6haccN3nJWh3Dsc1Gbp4qwz47JSPn36ZvNRAa37kPp-gFmjsj3iFax6glC1cEvuDGjt71iV8Ez0orXNpYPlwQmu1lhsBqeLiTKVHNrUk8JBSi/s1600/VerizonLogo.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="150" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZrHlX_ToKZmCZt6Y6nRvV4ubHw2zQ3Bw6haccN3nJWh3Dsc1Gbp4qwz47JSPn36ZvNRAa37kPp-gFmjsj3iFax6glC1cEvuDGjt71iV8Ez0orXNpYPlwQmu1lhsBqeLiTKVHNrUk8JBSi/s200/VerizonLogo.jpg" width="200" /></a></div>
will pay a competitive price, but will not buy based on a hunch. They will skillfully look at every single part of the Yahoo! digital empire and figure out just how much work will be needed to mend the broken system. Information security practice will loom large as the price for Yahoo! could potentially shrink. Information security is going to have to push its way into the board room and profit center discussions. If not, the corporate valuation is just not honest and leaves a lot to be desired when looking at the totality of the circumstances concerning corporate valuation. Assessing a computer environment can be a very straightforward business. But what we're seeing are limitations put on security professionals, or very narrow scoping of projects, which is shaving away a more wholesome look into the entire computer enterprise. This is just a delaying tactic which is putting off the unavoidable. Auditing should be ongoing quarter to quarter, year to year and used in helping to set budgets for the out years. Audit chairs should be a part of the internal profit center discussions, and everyone should be mindful of function over feature creep without warranted information security checks prior to implementation. The sales guys are going to have to get involved in securing the environment in which they play a critical role.<br />
<br />
Integris Security is your trusted IT Security team that can help you as we provide tailored, high quality security solutions based on industry best practices and our principals' combined experience of more than eighty years. Call us for an appointment and free consultation.Joseph Concannonhttp://www.blogger.com/profile/10254806611255067399noreply@blogger.com1tag:blogger.com,1999:blog-3547356781881548648.post-66675863487803778732016-06-24T19:50:00.006-07:002016-07-01T13:02:18.614-07:00Drones: Are they on your radar?<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: left; margin-right: 1em; text-align: left;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgAnC9AU3BfpA2c8xp_5ByI7mnS3nIG2ctOAIGDTCVUGcL98DgQd9pdvDUeXLmMX7jrd5fIQnQiv_NBPJQc3eQQttgGiHuKfpU4kGw7JTEoWeh_Z1cPT8CJiCI0ukMCjsxSNDKF-dGNgsro/s1600/Drone.jpg" imageanchor="1" style="clear: left; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img border="0" height="116" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgAnC9AU3BfpA2c8xp_5ByI7mnS3nIG2ctOAIGDTCVUGcL98DgQd9pdvDUeXLmMX7jrd5fIQnQiv_NBPJQc3eQQttgGiHuKfpU4kGw7JTEoWeh_Z1cPT8CJiCI0ukMCjsxSNDKF-dGNgsro/s200/Drone.jpg" width="200" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Drones - friend or foe?</td></tr>
</tbody></table>
Early in the computer industry programmers used to write computer code to automate many functions and features. As the years progressed the same code was used for more nefarious purposes. Computer code used for these nefarious purposes is commonly called malware: Viruses, Worms and Trojans. <br />
<br />
Now early in the drone industry we are being teased with visions of Amazon dropping boxes in our rear yard, fast food deliveries arriving with piping hot pizza via a drone and many other examples of how the use of this technology can enhance our lives. The examples are endless.<br />
<br />
However, while drones can in fact do much to enhance our lives, the use of drones can also be pointed to more nefarious purposes. Common perimeter defenses can be easily undermined with relatively little effort by the determined attacker. With a few thousand dollars your intellectual property can vanish in seconds. Installation of an onboard camera with pan, tilt and zoom could steal your ideas right out of your board room. The drone can do this and more while still being blocks away. As drones mature and their payload capability increases, the concerns of security directors and facility personnel will only increase.<br />
<br />
Integris Security LLC has for years identified both leading and bleeding edge technologies. Today, we have identified a strategy, a technology and method to address not all but some of the issues concerning drones. We would like to set an appointment to speak with you and see if this is on your radar screen. Drones can be managed and can be one less thing that keeps you up at night.<br />
<br />
<b>Press Release:</b>
<br />
<div style="margin: 0in 0in 0pt;">
<a href="http://tinyurl.com/hjwpt54"><span style="color: #0563c1; font-family: "calibri";">http://tinyurl.com/hjwpt54</span></a><br />
<br />
<b>FAA News:</b><br />
<br />
http://thecipherbrief.com/article/exclusive/tech/implications-new-faa-commercial-drone-rules-1092<br />
<br />
<b>Integris Security Web Site 6/25/16:</b><br />
<br />
<div style="margin: 0in 0in 0pt;">
<a href="https://www.integrissecurity.com/index.php?solutions=DroneDefense"><span style="color: #0563c1; font-family: "calibri";">https://www.integrissecurity.com/index.php?solutions=DroneDefense</span></a><br />
<br />
<b>Recent news 7/1/16:</b><br />
<br />
<span style="font-family: "calibri" , sans-serif; font-size: 11.0pt;"><a href="http://www.vocativ.com/334024/prison-smuggling-drones/"><span style="color: #0563c1;">http://www.vocativ.com/334024/prison-smuggling-drones/</span></a></span><br />
<br /></div>
<br />
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
Joseph Concannonhttp://www.blogger.com/profile/10254806611255067399noreply@blogger.com0tag:blogger.com,1999:blog-3547356781881548648.post-19179548750039616792015-02-09T06:38:00.001-08:002015-02-09T06:44:45.862-08:00Are You A Farmer Maybe A Network Engineer?<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: left; margin-right: 1em; text-align: left;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi7S_mIcPrapLlzzOV177ltRaMpaXxjUuMUQW_gOcRbrcWPaskLXw0JPPSk_izpADA52UVp8lFQqHQRuFLGft0rlgl_rCkD5gVh-bawUV_1bX-Sg431PfXa2LpHYPeQK-rJeuzqaUIFgkjK/s1600/JohnDeerTractor.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi7S_mIcPrapLlzzOV177ltRaMpaXxjUuMUQW_gOcRbrcWPaskLXw0JPPSk_izpADA52UVp8lFQqHQRuFLGft0rlgl_rCkD5gVh-bawUV_1bX-Sg431PfXa2LpHYPeQK-rJeuzqaUIFgkjK/s1600/JohnDeerTractor.jpg" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">John Deere Tractor</td></tr>
</tbody></table>
While I'm not a farmer at hand I have dabbled with backyard gardening tools and have proudly planted and harvested several groupings of tomato plants and boy were they delicious. Did I own the tools, the knowledge and the capability? I thought so...but boy have times changed.<br />
<br />
Today I'm reading a Wired article and learning that farmers need to improvise and tinker around just as much as anyone else in order to keep important and valuable machinery working. However, the article, which you can find here: <a href="http://www.wired.com/2015/02/new-high-tech-farm-equipment-nightmare-farmers/">http://www.wired.com/2015/02/new-high-tech-farm-equipment-nightmare-farmers/</a>, tells a story which applies much further than a central Illinois corn farmer sitting on top of his combine.<br />
<br />
The story written by Kyle Wiens of Wired brings up a great point. Who really owns it and what does it hold for me, the owner? A farmer in Wiens's article spends over a hundred thousand for his top-flight John Deere tractor, let's say, and at the end of the day the question prevails: who really owns it? You buy a top-flight network appliance and we ask you, who really owns it?<br />
<br />
While the seller wants you to buy their state of the art machinery or device, they do not release the software, hardware or, for that matter, everything inside which makes the machine or network device so invaluable in the very first place. You of course get to ride it sometimes and use it for its intended purpose, and watch the lights bubble on and off. You even get to clean it and shine it up with wax and polish if so inclined, or just dust it off. But if this 100,000 dollar baby decides to shut down, or its circuits get glued or jammed up, what you own is a 100,000 dollar shiny piece of metal and perhaps a bill for getting it towed off your lot or pulled off your network.<br />
<br />
Like so many things today, from a John Deere tractor to a state of the art upstream protection appliance for your network, the question prevails: who really owns it? The point being that you really need to be reading the fine print upon purchase, understand your operating system, learn about the configuration and understand what the long term consequences would be of owning such a machine or device. In one case after the next we're witnessing not the lack of budget to purchase an upscale machine or network appliance but the long term ongoing problems associated with ownership, such as: maintenance, upgrades, proper configuration, segmentation, alarming and enumeration. <br />
<br />
While I'm not a farmer, things are rapidly changing and we'd better be changing with them, or for sure the consequences will lie right in our own laps. Whether it is a failure to fully understand the value of modern day machinery and network devices, or a lack of service level agreements and maintenance contracts or of understanding thereof, whether you're a farmer or a network engineer, machinery breaks down and so do network devices. Of course if they are not set up and configured correctly in the first place you could say you're just throwing money out the window. Times are changing; better be nimble and change with them. It's not just about buying that state of the art "thing": the long term consequences of ownership can be just as expensive as "Ownership" in the first instance. Buyer beware.Joseph Concannonhttp://www.blogger.com/profile/10254806611255067399noreply@blogger.com1tag:blogger.com,1999:blog-3547356781881548648.post-19432998574048531292015-01-08T21:49:00.001-08:002015-01-08T21:57:07.668-08:00"Support Your Local Police" interview<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: left; margin-right: 1em; text-align: left;"><tbody>
<tr><td style="text-align: center;"><a href="http://nws.mx/1IwF1bA" imageanchor="1" style="clear: left; margin-bottom: 1em; margin-left: auto; margin-right: auto;" target="_blank"><img alt="http://nws.mx/1IwF1bA" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipyWNqhdIEs3ML2JUpDX2V2oP7imsU7pP5yyqJBX7MdlWPyefq3mPSsWeZofyDWngIdHdblyMgi3Ypx9R3rQlw3UmJy_je3ztl7I-QdJRI1HV7HreFK0EgWBTKD2o-F6o5oVMGT-jHVP0/s1600/JConcannon_on_Malzberg.jpg" height="221" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Joe Concannon speaks with Steve Malzberg</td></tr>
</tbody></table>
<br />
Integris Security president Joe Concannon was recently on The Steve Malzberg Show on NewsmaxTV. Steve and Joe discussed the series of "Support Your Local Police" rallies that promote unity with the men and women in blue who serve the communities of New York City. Watch it on <a href="http://nws.mx/1IwF1bA" target="_blank">NewsmaxTV</a> (<a href="http://nws.mx/1IwF1bA">http://nws.mx/1IwF1bA</a>).<br />
Anonymous<br />
<br />
Banks: Federal/State Rules (2014-12-18)<br />
No holiday would be complete without a stern warning to the banking industry from both state and federal regulators, right? Ho, ho, ho, Merry Christmas - can you please assure us that your security controls are in order!<br />
<br />
I was going to review Governor Andrew Cuomo's <a href="http://www.dfs.ny.gov/" target="_blank">Department of Financial Services</a> as it pertained to "new" security regulations for chartered banks in New York State. The Superintendent of the Department of Financial Services initiated a <a href="http://dfs.ny.gov/about/press2014/pr1412101.htm" target="_blank">press release</a> and <a href="http://dfs.ny.gov/banking/bil-2014-10-10_cyber_security.pdf" target="_blank">letter</a> to chartered New York financial institutions. After reviewing the memo I concluded that if all companies implemented the items in the Superintendent's letter, the public and private industries would be in a much better place. <br />
<br />
Then late yesterday the <a href="http://www.ffiec.gov/" target="_blank">FFIEC</a> (Federal Financial Institutions Examination Council) <a href="http://www.occ.treas.gov/" target="_blank">OCC</a> (Office of the Comptroller of the Currency) spokesman Joel Anderson spoke up. Mr. Anderson, responding in an interview in <a href="http://www.americanbanker.com/" target="_blank">American Banking Magazine</a>, stated, "we already do this" and that what's going on in New York is nothing new. <br />
<br />
This is what New York DFS said they would look for:<br />
<br />
<strong>New Rules: NYS</strong><br />
<ul>
<li>Corporate governance, including organization and reporting structure for cyber security related issues;</li>
<li>Management of cyber security issues, including the interaction between information security and core business functions, written information security policies and procedures, and the periodic reevaluation of such policies and procedures in light of changing risks;</li>
<li>Resources devoted to information security and overall risk management;</li>
<li>The risks posed by shared infrastructure;</li>
<li>Protections against intrusion including multi-factor or adaptive authentication and server and database configurations;</li>
<li>Information security testing and monitoring, including penetration testing;</li>
<li>Incident detection and response process, including monitoring;</li>
<li>Training of information security professionals as well as all other personnel;</li>
<li>Management of third-party service providers;</li>
<li>Integration of information security into business continuity and disaster recovery policies;</li>
<li>Cyber security insurance coverage and other third party protections</li>
</ul>
These are all things we at <a href="http://www.integrissecurity.com/" target="_blank">Integris Security</a> do.<br />
<br />
New York State then went on to list more topics which chartered banks in NYS would be expected to furnish. We list them here for your review:<br />
<br />
<blockquote class="tr_bq">
<br />
1. <u>Provide</u> the CV and job description of the current Chief Information Security Officer or the individual otherwise responsible for information security, describe that individual's information security training and experience, and identify all reporting lines for that individual, including all committees and managers. In addition, provide an organization chart for your institution's IT and information security functions. <br />
2. <u>Describe</u> the extent to which your institution maintains information security policies and procedures designed to address the information security goals of confidentiality, integrity, and availability. Provide copies of all such information security policies. <br />
3. <u>Describe</u> how data classification is integrated into information risk management policies and procedures. <br />
4. <u>Describe</u> your institution's vulnerability management program as applicable to servers, endpoints, mobile devices, network devices, systems, and applications. <br />
5. <u>Describe</u> the organization's patch management program including how updates, patches, and fixes are obtained and disseminated, whether processes are manual or automated, and how often they occur. <br />
6. <u>Describe</u> identity and access management systems employed by the organization for both internal and external users, including all administrative, logical, and physical controls and whether such controls are preventive, detective, or corrective in nature. <br />
7. <u>Identify and describe</u> the current use of multi-factor authentication for any systems or applications. <br />
8. <u>Describe</u> your institution's due diligence process regarding information security practices that is used in vetting, selecting, and monitoring third-party service providers. <br />
9. <u>Describe</u> all application development standards utilized by the organization, including the use of a secure software development life cycle, and the extent to which security and privacy requirements are assessed and incorporated into the initial phases of the application development process. <br />
10. <u>Provide a copy</u> of, to the extent it exists in writing, or otherwise describe, the organization's incident response program, including how incidents are reported, escalated, and remediated. <br />
11. <u>Describe</u> the extent to which information security is incorporated into the organization's BCP/DR plan, how and how often the BCP/DR is tested, and the results of the most recent test. <br />
12. <u>Describe</u> any significant changes to the institution's IT portfolio over the last 24 months resulting from mergers, acquisitions, or the addition of new business lines. </blockquote>
<br />
<strong>Analysis:</strong><br />
<br />
It is a positive step forward for the New York State Department of Financial Services to require its chartered financial institutions to meet minimum guidelines for the security of their information technology processes. These security baselines are critically important not just to financial services institutions but to all public and private entities. Since NYS has published these official rules, they should now become the benchmark or de facto standard against which all other organizations are measured. These rules are appropriate and an outstanding starting point for anyone who is not sure where to start.<br />
<br />
The federal government provides a seemingly endless amount of guidance for the protection of information technology assets. The feds use the <a href="http://www.nist.gov/" target="_blank">NIST</a> framework and numerous NIST publications to assist everyone involved in the security of IT assets. The federal regulators have been the go-to professionals in the banking space for establishing standards, so it's not unusual to hear from Mr. Anderson of OCC or any of the regulators who are a part of the FFIEC. <br />
<br />
What is the news with this New York letter? The federal regulators often calibrate their examinations according to asset size. Thus larger institutions receive more intense evaluation than smaller organizations. However, New York has a very specific set of rules with which every institution must be prepared to comply. This is not a little matter and could have significant cost ramifications. <br />
<br />
Lastly, I have for years heard from administrators, managers and CISOs who have tried to get budget authority to make the purchases necessary to secure their environments. I am suggesting that security personnel present the NYS standards to CFOs as justification for future purchases.<br />
<br />
<a href="http://dfs.ny.gov/about/press2014/pr1412101.htm">http://dfs.ny.gov/about/press2014/pr1412101.htm</a><br />
<br />
<a href="http://dfs.ny.gov/banking/bil-2014-10-10_cyber_security.pdf">http://dfs.ny.gov/banking/bil-2014-10-10_cyber_security.pdf</a><br />
<br />
<a href="http://www.americanbanker.com/news/bank-technology/occ-our-cybersecurity-exams-are-plenty-detailed-too-1071708-1.html">www.americanbanker.com/news/bank-technology/occ-our-cybersecurity-exams-are-plenty-detailed-too-1071708-1.html</a><br />
<br />
<a href="http://www.americanbanker.com/">http://www.americanbanker.com/</a><br />
Joseph Concannon<br />
<br />
Happy Holiday! (2014-12-18)<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhx1TWCmsl8i_T5IfOEzOEAwda6iTzXrHl34qZcUnewKAIlAASCB6ov1tag5tUA1HvW8S9xKAXI3LVn_QvIiCl6UlMj19hb95nN8XkTw-6datd5OsbzZyA1rimbMlSIWf7F4Xo_-Z6NvSU8/s1600/Christmas-Wreath-Vector-Illustration.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhx1TWCmsl8i_T5IfOEzOEAwda6iTzXrHl34qZcUnewKAIlAASCB6ov1tag5tUA1HvW8S9xKAXI3LVn_QvIiCl6UlMj19hb95nN8XkTw-6datd5OsbzZyA1rimbMlSIWf7F4Xo_-Z6NvSU8/s1600/Christmas-Wreath-Vector-Illustration.jpeg" height="320" width="320" /></a></div>
<br />
<br />
Happy Holidays everyone and a healthy and happy New Year! <br />
<br />
All the best<br />
<br />
<br />
Joe, Phil and Blake<br />
Joseph Concannon<br />
<br />
The Rear View Mirror (2014-12-03)<br />
<span style="font-family: Calibri;">Typically in the information technology sector everyone is always focused on what’s next: the latest, hottest new application, the coolest mobile telephone and of course the workaround that just makes life a little easier. Not to be ignored are all those newly fashioned functions and features. Technology at the speed of life, forever changing our lives for the better, right? Forward looking forever.</span><br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhdoDTFiEFwt0vKsUHd2w8wR7PkU_MrEMyr90y8t62mPO99aaZxvf-MqtY969LxPD5YcACK6d6eBn5hc397ICEo-ztKtkaP-B4A8WixYp5oeAb7jZZ6vT9PNo2YIesJ2WG33QOUhvq37k9x/s1600/safe_image+(2).jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhdoDTFiEFwt0vKsUHd2w8wR7PkU_MrEMyr90y8t62mPO99aaZxvf-MqtY969LxPD5YcACK6d6eBn5hc397ICEo-ztKtkaP-B4A8WixYp5oeAb7jZZ6vT9PNo2YIesJ2WG33QOUhvq37k9x/s1600/safe_image+(2).jpg" /></a><span style="font-family: Calibri;">2014 has hopefully taught us some very important lessons that should not be ignored even if we were not directly impacted. A look in the rear view mirror can sometimes be very revealing. We are so focused on what’s coming directly ahead of us that we refuse to see what’s going on right behind us. So for 2014 let me list a couple of things which could have made this a better year in the security space.</span></div>
<br />
<strong>Network segmentation:</strong> “You can’t get there from here” should be the mantra, no? Did we learn anything this past year? Network segmentation is the act or practice of splitting a computer network into <a href="http://en.wikipedia.org/wiki/Subnetwork">subnetworks</a>, each being a <a href="http://en.wikipedia.org/wiki/Network_segment">network segment</a> or <a href="http://en.wikipedia.org/wiki/Network_layer">network layer</a>. The advantages of such splitting are primarily boosting performance and improving security. <a href="http://www.eweek.com/security/slideshows/five-steps-to-pci-dss-compliance.html?utm_medium=email&utm_campaign=EWK_NL_GU_20141203_STR1L1&dni=197826247&rni=25875754" target="_blank">Please review a great eWeek article by clicking here.</a><br />
<br />
<strong>Service Level Agreements:</strong> Service agreements are important and a quick web search can be helpful to identify some key questions for developing such important tools for your company. The Outsourcing Center has developed ten key questions for developing effective service level agreements. It’s a solid read and you’ll find plenty of similar research on the web. A service-level agreement (SLA) is a part of a <a href="http://en.wikipedia.org/wiki/Service_contract">service contract</a> where a service is formally defined. Particular aspects of the service - scope, quality, responsibilities - are agreed between the service provider and the service user. A common feature of an SLA is a contracted delivery time (of the service or performance). As an example, <a href="http://en.wikipedia.org/wiki/Internet_service_provider">Internet service providers</a> and <a href="http://en.wikipedia.org/wiki/Telephone_company">telcos</a> will commonly include service level agreements within the terms of their contracts with customers to define the level(s) of service being sold in plain language terms. In this case the SLA will typically have a technical definition in terms of <a href="http://en.wikipedia.org/wiki/MTBF">mean time between failures</a> (MTBF), <a href="http://en.wikipedia.org/wiki/Mean_time_to_repair">mean time to repair</a> or <a href="http://en.wikipedia.org/wiki/Mean_time_to_recovery">mean time to recovery</a> (MTTR); identifying which party is responsible for reporting faults or paying fees; responsibility for various data rates; throughput; <a href="http://en.wikipedia.org/wiki/Jitter">jitter</a>; or similar measurable details. {Attribution: Wikipedia}<br />
<br />
<strong>Too big to fail:</strong> While not at all a technical term, your company would do well to heed this warning. <em>No company is too big to fail</em>. No one. In our recent newsletter we talked about the breach of the week. The roadway is littered with companies failing over and over again, until everyone in the industry is just tired of hearing of another breach. The breaches become “white noise”, a distraction from the good work being performed by many security professionals in the field. Fight complacency, challenge everything and everyone with respect and “ASK Questions”. It won’t make you popular but it will certainly make you a very, very valuable employee. Please read the <em><strong>Ars Technica</strong></em> article <a href="http://arstechnica.com/tech-policy/2014/11/home-depot-hit-with-at-least-44-civil-lawsuits-due-to-data-breach/" target="_blank">HERE</a> because it gives good perspective on what can happen after a breach. <br />
<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjR-A1KgvOCIo_vFfTBBf7jc-E3CynyUy-L6XwTawHhiG8CTERbsaYcfir-Z_FFUk5f-Ot9Tiybdct-0l18W0-nDyI7ITVp6vo0YJTioQlFRfyo87xQge3J4505i3JxSB0RnKvRBQErMFmR/s1600/SPC118C_PMI.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjR-A1KgvOCIo_vFfTBBf7jc-E3CynyUy-L6XwTawHhiG8CTERbsaYcfir-Z_FFUk5f-Ot9Tiybdct-0l18W0-nDyI7ITVp6vo0YJTioQlFRfyo87xQge3J4505i3JxSB0RnKvRBQErMFmR/s1600/SPC118C_PMI.jpg" /></a><strong>Alarms: </strong> Alarms are invitations that are yelling out, “Come investigate me, I’m making noise and need your direct, undivided attention.” Please don’t ignore alarms. The story goes like this: “Hey, did you hear that alarm go off?” “Yeah, I’m getting a cup of coffee – you want anything?” “Hey, maybe I’ll come with you.” “Great!” How many times do we ignore the obvious? Alarms are put in place for a reason: to warn us, right? If the alarms are not configured appropriately and are creating noise, then someone has to go in and make a determination to turn them down and accept the consequences, or turn them up and act each time they alert. <br />
<br />
<strong>Egress Filtering:</strong> Is that a freight train of information running out of our company? Egress filtering is protecting what’s going out as well as protecting others from malware coming from inside your own company. In <a href="http://en.wikipedia.org/wiki/Computer_networking">computer networking</a>, egress filtering is the practice of monitoring and potentially restricting the flow of information outbound from one network to another. Typically it is information from a private <a href="http://en.wikipedia.org/wiki/TCP/IP">TCP/IP</a> computer network to the <a href="http://en.wikipedia.org/wiki/Internet">Internet</a> that is controlled. Egress filtering helps ensure that unauthorized or malicious traffic never leaves the internal network. In a corporate network, typical recommendations are that all traffic except that emerging from a select set of <a href="http://en.wikipedia.org/wiki/Server_(computing)">servers</a> would be denied egress. Restrictions can further be made such that only select protocols such as <a href="http://en.wikipedia.org/wiki/HTTP">HTTP</a>, <a href="http://en.wikipedia.org/wiki/Email">email</a>, and <a href="http://en.wikipedia.org/wiki/Domain_Name_System">DNS</a> are allowed. User <a href="http://en.wikipedia.org/wiki/Workstations">workstations</a> would then need to be configured either manually or via <a href="http://en.wikipedia.org/wiki/Proxy_auto-config">proxy auto-config</a> to use one of the allowed servers as a <a href="http://en.wikipedia.org/wiki/Proxy_server">proxy</a>. Corporate networks also typically have a limited number of internal <a href="http://en.wikipedia.org/wiki/Subnetwork">address blocks</a> in use. 
An <a href="http://en.wikipedia.org/wiki/Edge_device">edge device</a> at the boundary between the internal corporate network and external networks (such as the Internet) is used to perform egress checks against packets leaving the internal network, verifying that the source <a href="http://en.wikipedia.org/wiki/IP_address">IP address</a> in all outbound packets is within the range of allocated internal address blocks. The purpose is to prevent computers on the internal network from <a href="http://en.wikipedia.org/wiki/IP_address_spoofing">IP address spoofing</a>. Such "spoofing" is a common technique used in "<a href="http://en.wikipedia.org/wiki/Denial_of_Service">Denial of Service</a>" attacks. {Attribution: Wikipedia}<br />
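The egress checks described above (source address inside the allocated internal blocks, only a select set of servers allowed out, only select protocols), applied to outbound flow records, as an added example that is not part of the original post. The address blocks, server addresses and flow records are constructed for illustration.

```python
from __future__ import annotations

import ipaddress
from collections import defaultdict
from dataclasses import dataclass

# Assumed, constructed policy values (not taken from the post).
INTERNAL_BLOCKS = [
    ipaddress.ip_network("10.20.0.0/16"),
    ipaddress.ip_network("192.168.50.0/24"),
]

# The "select set of servers" allowed to send traffic out, and the
# (protocol, destination port) pairs each one may use.
EGRESS_SERVERS = {
    ipaddress.ip_address("10.20.1.10"): {("tcp", 80), ("tcp", 443)},  # web proxy
    ipaddress.ip_address("10.20.1.25"): {("tcp", 25)},                # mail relay
    ipaddress.ip_address("10.20.1.53"): {("udp", 53), ("tcp", 53)},   # DNS resolver
}


@dataclass(frozen=True)
class Flow:
    """One flow record as seen by the edge device."""
    src: str
    dst: str
    proto: str
    dport: int


def is_internal(addr) -> bool:
    """True if addr falls inside one of the allocated internal blocks."""
    return any(addr in block for block in INTERNAL_BLOCKS)


def evaluate(flow: Flow) -> tuple[str, str]:
    """Return (verdict, reason) for one flow leaving the internal network."""
    try:
        src = ipaddress.ip_address(flow.src)
        dst = ipaddress.ip_address(flow.dst)
    except ValueError:
        return ("deny", "malformed-address")
    # Anti-spoofing: the source must belong to an allocated internal block.
    if not is_internal(src):
        return ("deny", "spoofed-source")
    # Traffic that stays inside is not the edge device's egress decision.
    if is_internal(dst):
        return ("ignore", "not-egress")
    # Only the designated servers may originate outbound traffic;
    # workstations have to go through one of them as a proxy.
    allowed = EGRESS_SERVERS.get(src)
    if allowed is None:
        return ("deny", "source-not-an-egress-server")
    # Each server is limited to the protocols it exists to carry.
    if (flow.proto.lower(), flow.dport) not in allowed:
        return ("deny", "protocol-not-allowed")
    return ("allow", "ok")


def denied_by_source(flows) -> dict[str, list[str]]:
    """Group deny reasons by source address, for follow-up investigation."""
    denied = defaultdict(list)
    for flow in flows:
        verdict, reason = evaluate(flow)
        if verdict == "deny":
            denied[flow.src].append(reason)
    return dict(denied)


# Constructed sample flows (documentation address ranges as destinations).
SAMPLE_FLOWS = [
    Flow("10.20.1.10", "203.0.113.7", "tcp", 443),     # proxy, HTTPS
    Flow("10.20.44.17", "203.0.113.7", "tcp", 443),    # workstation bypassing proxy
    Flow("172.16.9.9", "198.51.100.20", "udp", 53),    # source outside internal blocks
    Flow("10.20.1.53", "198.51.100.53", "udp", 53),    # resolver, DNS
    Flow("10.20.1.25", "198.51.100.99", "tcp", 6667),  # mail relay on a non-mail port
    Flow("10.20.44.17", "198.51.100.20", "tcp", 22),   # workstation, direct SSH out
    Flow("10.20.1.10", "10.20.44.17", "tcp", 443),     # internal to internal
]

if __name__ == "__main__":
    for flow in SAMPLE_FLOWS:
        print(flow, "->", *evaluate(flow))
    for src, reasons in denied_by_source(SAMPLE_FLOWS).items():
        print(f"investigate {src}: {len(reasons)} denied flow(s), {sorted(set(reasons))}")
```

The per-source summary is the part that feeds alerting: a workstation that repeatedly shows up with denied direct connections is worth a look even though the filter already blocked the traffic.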
<br />
<strong>Enumeration:</strong> Thanks to Wikipedia we know that network enumeration is a computing activity in which <a href="http://en.wikipedia.org/wiki/Username">usernames</a> and info on groups, shares, and services of <a href="http://en.wikipedia.org/wiki/Computer_network">networked computers</a> are retrieved. It should not be confused with <a href="http://en.wikipedia.org/wiki/Network_mapping">network mapping</a>, which only retrieves information about which <a href="http://en.wikipedia.org/wiki/Server_(computing)">servers</a> are connected to a specific network and what <a href="http://en.wikipedia.org/wiki/Operating_system">operating system</a> runs on them. Network enumeration is the discovery of hosts/devices on a <a href="http://en.wikipedia.org/wiki/Computer_network">network</a>. Enumeration tends to use overt discovery protocols such as <a href="http://en.wikipedia.org/wiki/Internet_Control_Message_Protocol">ICMP</a> and <a href="http://en.wikipedia.org/wiki/SNMP">SNMP</a> to gather information, and may also scan various ports on remote hosts, looking for well-known services in an attempt to further identify the function of a remote host. The next stage of enumeration is to <a href="http://en.wikipedia.org/wiki/Fingerprint">fingerprint</a> the <a href="http://en.wikipedia.org/wiki/Operating_System">operating system</a> of the remote host.<br />
<br />
<div class="MsoNormal" style="margin: 0in 0in 8pt;">
<span style="font-family: Calibri;">We hope that this short laundry list helps each of you. We understand the complications of local, national and global enterprises. None of this is easy, but neither is dealing with the stockholders and the media if your company falls victim to a breach or other such incident.</span></div>
Joseph Concannon<br />
<br />
Ten Mistakes that Boards Make (2014-12-02)<br />
<br />
<span style="font-style: italic;">Too often we are learning of executive-level errors or omissions which cause massive breaches of the data or PI of millions of citizens. Here are the "Ten Mistakes That Boards Make".</span><br />
<span style="font-style: italic;"></span><br />
<span style="font-style: italic;">1. Not Asking Questions</span><br />
<span style="font-style: italic;"></span><br />
<div style="color: black; font-family: Georgia; margin-bottom: 22pt; margin-left: 0.375in; margin-top: 0pt;">
<span style="font-style: italic;">2. Failing to Understand the Company and the Risks it Faces</span></div>
<div style="color: black; font-family: Georgia; margin-bottom: 22pt; margin-left: 0.375in; margin-top: 0pt;">
<span style="font-style: italic;">3. Failing to Lead on Ethics and Compliance</span></div>
<div style="color: black; font-family: Georgia; margin-bottom: 22pt; margin-left: 0.375in; margin-top: 0pt;">
<span style="font-style: italic;">4. Not Insisting on a Crisis-Management Plan</span></div>
<div style="color: black; font-family: Georgia; margin-bottom: 22pt; margin-left: 0.375in; margin-top: 0pt;">
<span style="font-style: italic;">5. Speaking out in a Crisis Before the Facts are in</span></div>
<div style="color: black; font-family: Georgia; margin-bottom: 22pt; margin-left: 0.375in; margin-top: 0pt;">
<span style="font-style: italic;">6. Relying on the Wrong Outside Counsel</span></div>
<div style="color: black; font-family: Georgia; margin-bottom: 22pt; margin-left: 0.375in; margin-top: 0pt;">
<span style="font-style: italic;">7. Failing to Understand Attorney-Client Privilege</span></div>
<div style="color: black; font-family: Georgia; margin-bottom: 22pt; margin-left: 0.375in; margin-top: 0pt;">
<span style="font-style: italic;">8. Underestimating Regulators</span></div>
<div style="color: black; font-family: Georgia; margin-bottom: 22pt; margin-left: 0.375in; margin-top: 0pt;">
<span style="font-style: italic;">9. Giving too Much Leeway to Rainmakers</span></div>
<div style="color: black; font-family: Georgia; margin-bottom: 22pt; margin-left: 0.375in; margin-top: 0pt;">
<span style="font-style: italic;">10. Getting Caught Up in the Dilemma of False Options</span></div>
<div style="color: black; font-family: Georgia; font-size: 10pt; margin-bottom: 22pt; margin-left: 0.375in; margin-top: 0pt;">
<em>Taken from the magazine Corporate Board Members, an article written by Randy Meyers.</em></div>
<div style="color: black; font-family: Georgia; font-size: 10pt; margin-bottom: 22pt; margin-left: 0.375in; margin-top: 0pt;">
Make <strong><a href="http://www.integrissecurity.com/" target="_blank">Integris Security</a></strong> your Chief Risk Officer (CRO) as the independent keeper of oversight in your corporate enterprise. It is the job/function of the CRO to keep regulator awareness at a high level and to let the business be in charge of risk management.</div>
<div style="color: black; font-family: Georgia; font-size: 10pt; margin-bottom: 22pt; margin-left: 0.375in; margin-top: 0pt;">
<span style="font-style: italic;"><strong>Integris Security LLC</strong> grew from our passion for protecting our nation’s critical infrastructures and years of providing industry professionals with best of breed solutions, proven best practices and top notch security education. We work tirelessly to nurture our clients’ TRUST. We will work equally diligently to EARN your trust.</span><br />
<em></em><br />
<br />
<strong><em>Reference: </em>http://operationalrisk.blogspot.com/2014/11/top-ten-mistakes-board-of-directors-risk.html</strong>
</div>
<div style="color: black; font-family: Georgia; font-size: 10pt; margin-bottom: 22pt; margin-left: 0.375in; margin-top: 0pt;">
<span style="font-style: italic;"></span> </div>
Joseph Concannon<br />
<br />
Happy Thanksgiving 2014 (2014-11-26)<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: left; margin-right: 1em; text-align: left;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJRMmwPlTZPbU41NrkEkyRIU4H5FSDpo1WkreBK-AyRXzNMsn4YuE2nyyB-SN_Q0tOHGsNZTOxUDrkg_Ff7RFp0mN9OLdBJ130Vqe0gqeNPASjJaCnU_5JsKaGGPaBElbK0qqyzBZ0as7B/s1600/1024x768-Thanksgiving-Wallpaper-5.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJRMmwPlTZPbU41NrkEkyRIU4H5FSDpo1WkreBK-AyRXzNMsn4YuE2nyyB-SN_Q0tOHGsNZTOxUDrkg_Ff7RFp0mN9OLdBJ130Vqe0gqeNPASjJaCnU_5JsKaGGPaBElbK0qqyzBZ0as7B/s1600/1024x768-Thanksgiving-Wallpaper-5.jpg" height="300" width="400" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><strong>From our Integris Security family to yours Happy Thanksgiving</strong></td></tr>
</tbody></table>
Joseph Concannon<br />
<br />
2014-11-13<br />
<h2 style="text-align: center;">
Hacking With Glue</h2>
<h2 style="text-align: center;">
<span style="font-weight: normal;">How Integris Security Automated Hours of Testing With a Single Mouse Click</span></h2>
<div style="text-align: center;">
<br /></div>
The recent presentation by Integris Security CTO, Blake Cornell, titled "<a href="http://www.slideshare.net/IntegrisSecurity/integris-security-hacking-with-glue" target="_blank">Hacking With Glue</a>" ℠ has been published. It outlines some software we have been developing for internal use which saves time and increases the ROI for our clients.<br />
<br />
"Penetration Testing involves a lot of repetitive manual processes. This includes the execution of a multitude of security tools. These are traditionally executed based upon the analysis of an analyst over the duration of a vulnerability assessment. Automating a heuristic process allows an attacker additional resources for more valuable tasks through the automation of the acquisition, execution and information collection process.<br />
<br />
A tool framework was developed by over the last few months effectively gluing over 30 unique security tools together. Each of these tools is selectively executed based on your target's available networked services dynamically.<br />
<br />
The tools include a collection of open source, custom and commercial software with varying licensing requirements.<br />
<br />
Hacking With Glue ℠"<br />
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0EFqo03U3a12HtFwR5wG57AipJB28i65-gowDgm_a1UPZt-TIm6ltwNm3k8KQ8Coq7EyxG_ROVhtvEjA_qSlK3sA9OnnnjlJ_CHjHqMI2iWApr4L03I415tdyNkbx7ATafeQm_gvYwAs/s1600/robosaurus_eats_car.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img alt="Hacking With Glue - SMB Cyber Security Solutions" border="0" height="244" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0EFqo03U3a12HtFwR5wG57AipJB28i65-gowDgm_a1UPZt-TIm6ltwNm3k8KQ8Coq7EyxG_ROVhtvEjA_qSlK3sA9OnnnjlJ_CHjHqMI2iWApr4L03I415tdyNkbx7ATafeQm_gvYwAs/s320/robosaurus_eats_car.jpg" title="Integris Security Hacking With Glue" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Robots are a hacker's best friend.</td></tr>
</tbody></table>
<br />
If you would like access to this software, require our assistance with your own cyber security workflow/pipeline or simply want to see how Integris Security can help you with your cyber security needs, then please <a href="mailto:blog at integrissecurity dot com" target="_blank">contact us</a>.<br />
Unknown