Some of my ‘so-called’ friends that help organize the RSA Security Bloggers event have decided that folks that attend should actually have blogged something recently. Well, I haven’t, so to make them happy…
With the increasing frequency and severity of advanced threats perpetrated by highly organized and sophisticated groups and nation-states, enterprises need to realize that they are either compromised or will be soon. Traditional techniques need to be augmented with more sophisticated and exhaustive methods to provide visibility into all aspects of the internal environment – this requires continuous monitoring and analysis of all ingress and egress traffic patterns from every host on the network regardless of the source, destination or type of traffic.
There are 5 key initiatives that every organization should implement:
- Invest in security professionals that have strong experience with forensic investigation and incident response
- Implement incident response programs that complement and extend current prevention approaches to information security
- Deploy network security technologies that provide deep visibility into the state of the internal network and can collect, analyze and archive massive amounts of all network flow data
- Ensure network monitoring solutions integrate with existing network security tools, such as IDS/IPS, SIEM, and firewalls
- Make security awareness throughout the organization an ongoing element of the information security program
Brevity is a gift shared by very few in the security industry =)
I am not a big fan of AT&T (here), but this video from AT&T released in 1990 is about the most insightful view into modern day infosec I’ve ever seen (here) and since it was produced pre-brick walls on fire and simple clouds to depict complex relationships it is more believable than most security marketing crap.
We began homeschooling this year – why? convictions, ideals, teaching to excellence versus teaching to the medium – as part of this the boys (11 & 13) are to keep up with current affairs of their choosing. My older son was quite intrigued by a story in the Economist about **Iran, something about how if they are bombed it would only slow down their nuclear ambitions, not destroy them, and worse it would dramatically increase global crankiness.
As he was sitting down to prepare his report I received an email from a reporter in Azerbaijan asking for comment on Iran’s cyber-security capabilities, especially as it relates to their nuclear program…a topic I am uniquely unqualified to comment on, but here nor there…so the other morning my son read his report, which included his dad’s quotes from the Azerbaijani article. As a father it’s cool to draw the world full-circle like that, but the entire experience made me feel really old and reminded me that a new generation of folks needs to be mentored and enabled.
* why would a disciple of the eternal order of the packet want to party like it’s 1999?
Perhaps 1999 was the first year that folks actually believed they could make a difference, or more likely that was the year that the majority of security products in use today had all been invented by; since then it’s been a three-way battle between fail, bravado, and dreams deferred to produce iterations of the previously invented, but really nothing new.
** disclaimer: I know very little about making money (or Iran), but the markets will be impacted as western powers continue to intentionally spread democracy across the Middle East, do with that information what you will
On December 1, 2011 a class-action lawsuit was filed in United States District Court, Northern District of California, against Hewlett-Packard, alleging violations of The California Consumer Legal Remedies Act for Injunctive Relief and the California Unfair Competition Law based on non-disclosure of a known security vulnerability (read the filing here).
Nature of the Action
1. Plaintiff brings this action individually and as a class action against Hewlett-Packard Company (“Hewlett-Packard” or “HP” or “Defendant”) on behalf of all others who purchased a Hewlett-Packard printer (the “HP Printers”).
2. The HP Printers suffer from a design defect in the software (which is also sometimes referred to as “firmware”) that is resident on the HP Printers, which allow computer hackers to gain access to the network on which the HP Printers are connected, steal sensitive information, and even flood the HP Printers, themselves, with commands that are able to control the HP Printers and even cause physical damage to the HP Printers themselves.
3. Despite Defendant’s knowledge of the design defect in the software of the HP Printers, Defendant has failed to disclose the existence of the defect to consumers.
4. As a result of the facts alleged herein, Defendant has violated California laws governing consumer protection.
<Warning: This post has nothing to do with technology, information security, or anything else I normally blog about>
This post is dedicated to the memory of Stephanie Renee Fong
When I was in my early 20s I met a young woman named Stephanie, and we quickly grew very close. Stephanie was special to me in many ways, but most of all she always seemed to provide me so much warmth and comfort.
One winter she had bought me this really cool warm coat, she ended up wearing the coat most of the time to the point that the coat smelled like her…which always brought a smile to my face.
Stephanie was allergic to legumes and also suffered from asthma, which required her to use a special prescription inhaler. I never realized the extent that allergies can impact us until one day in August 1994.
I love data, I love the benefits that data analysis offers, and I love the concept of large amounts of data being massaged, queried, and providing insights through a whole new set of technical innovations – and there are many in data right now. In fact I believe that this year has probably been the largest year for VC investments in database technologies in a really, really long time (Recent VC investment in NoSQL companies; Neotech $10.6m, Datastax $11m, 10Gen $20m, Couchbase $14m + all the $ in big data, BI and analytics)