BFSI VISION | Cyber Security

1. How You Think About Big Data For Cyber Security--And What You're Doing About It--May Not Agree
Source- Forbes

It’s inevitable. Whether in the boardroom or around the office, you’re bound to have “the talk” about big data analytics for cyber security if you haven’t already. At issue is whether or not your organization is optimizing its data collection and analytics efforts to your best ability to detect and defend against cyber intrusions.

Actions speak louder than words
Before continuing your quest for the silver bullet that puts an end to cyber-attacks, it might be wise to take pause; and turn your attention inward to your own IT and senior management teams. Gauging their overall perceptions of cyber security awareness and measures—versus what your organization is actually doing about it—just may surprise you.

In 2013, the Ponemon Institute conducted the Big Data Analytics in Cyber Defense* study to learn about organizations’ cyber security defenses and the use of big data analytics to become more efficient in recognizing the patterns that represent network threats. As a result, some surprising statistics surfaced, along with powerful insights that are helping forge more productive conversations on cyber security in organizations of all sizes.

Here’s what the study revealed.

Perceptions about cyber readiness
Most everyone agrees on this alarming reality: cyber security challenges continue to grow, with new threats expanding exponentially and with greater sophistication. However, what may shock you is how organizations perceive their understanding of readiness and vulnerabilities—as well as their views on big data cyber security analytics—versus reality.

For example, a whopping 61 percent of respondents believe big data analytics can solve pressing security issues faced by companies and government; though only 35 percent say they have solutions in place that are the same or comparable to big data analytics for cyber defense.

Sixty percent of respondents agree that launching a strong defense against hostile actors and other cyber criminals requires their organization to see and quickly contain anomalous and potentially malicious traffic in networks. However, interestingly, about 51 percent say that what is hindering their efforts to do so effectively is the scarcity of in-house personnel or expertise. When asked specifically where their organizations are most deficient in their ability to become more proactive in their approach to cyber threats, 36 percent say it is enabling security technologies and 35 percent say professional expertise.

When asked specifically where their organizations are most deficient in their ability to become more proactive in their approach to cyber threats, 36 percent say it is enabling security technologies and 35 percent say professional expertise.

Cyber security risks, consequences and barriers to improvement
Based on a 12-month benchmark period, most organizations represented in the study determined they are not achieving a more effective security posture in combating cyber-attacks and intrusions. In fact, 33 percent say their organization is less effective, while 47 percent say their security posture is the same in terms of effectiveness.

IT respondents admit the most difficult challenge is the ability to reduce the number of false positives in the analysis of anomalous traffic, followed by the difficulty in stopping anomalous traffic, and seeing anomalous traffic entering their networks.

Big data analytics and cyber security solutions
The majority of respondents, 56 percent, say they know of security technologies that provide big data analytics for cyber defense, and 61 percent believe they solve pressing security issues faced by their organizations.

However, only 35 percent have these solutions in place.

The study reveals an astounding gap between what organizations acknowledge as indisputable risks associated with a subpar cyber defense posture and their efforts to procure a solution. The result? Trends in data breaches persist, costing billions of dollars annually from theft of information assets, disruption of service, and more.

So, where does your organization stand on the grand scale of perception vs. reality for combating cyber-crime? If you’re not sure, find out. It just might be the single most important step you take toward finding a solution to protect your organization’s valuable data, and your company’s trusted reputation.

2. Fire Eye predictions for cyber security in 2015
Source- Zdnet

Mobile ransom ware, insurance claims and striking the supply chain are all expected to make an appearance in 2015.

Sony is still smarting over a cataclysmic cyber attack, US banks, Target and Staples have all been targeted, and it seems hackers are always one step ahead.

But what can we expect from next year?

Security flaws Heartbleed, Crypto locker and Shellshock have all had their time in the media spotlight, companies are reviewing their risk management and damage control processes, and investment is being pumped into training the next generation of cyber security experts in an attempt to keep corporate network intrusion to a minimum. Mobile and Web-based viruses remain a scourge, and hardly a week goes by without hearing of another data breach or a new strain of malware being discovered in the wild.

According to Greg Day, CTO of the EMEA region at security firm FireEye , these situations are likely to deepen and worsen over the coming year and into 2015.

The security and forensics firm predicts that in the technical realm, mobile ransom ware will surge in popularity. Crypto locker attained a measure of success this year, and so attention is expected to further turn to mobile in order for attackers to gain access to your phone and contacts. The data which will end up locked is centered on cloud accounts, which will be encrypted before the victim is hit with a lock screen and demand for money.

FireEye predicts that point-of-sale (PoS) attacks will also become a more popular method of stealing data and money -- and PoS attacks will strike a broader group of victims with increasing frequency. The security firm believes that more creative targeting will evolve as retailers strengthen their defenses and more criminals get into the game. As a result, cyber attacks will spread to "middle layer" targets including payment processors and PoS management firms.

"The danger being that a single successful intrusion could provide access to pools of credit card data from many sources that could rival the numbers we have seen stolen from single large victims thus far," FireEye claims

While hackers aiming at PoS systems begin to target third-parties more, the same can be said for business as a whole. It is predicted that attacks on the enterprise supply chain will surge, as less mature or financially able companies become weak links in an ecosystem where only top firms can bolster their defenses to acceptable standards. Consequentially, large companies will demand evidence of adequate security controls from their suppliers in the future -- but whether smaller companies will have the funds available remains to be seen.

When something does go wrong and a cyber attack is successful, response plans are also expected to fail more often, with harsher consequences. FireEye believes that a lack of adequate response could result in a major brand going out of business in 2015. With such risks in the corporate realm, cyber insurance as an industry is expected to grow.

Breaches are an inevitable part of modern day business, but damage control is possible. Real-time network monitoring and forensic analysis after an attack has taken place can help identify attackers, detect a breach as it occurs, and mount a defense before severe damage is done.

3. Growing cyber security concerns
Source- Al Jazeera

With technology advancing faster than ever before, cybersecurity has become a major concern. Hackers aren’t the only ones, though, who are wreaking havoc online. Governments have also used cyberattacks as weapons against each other.

Stuxnet was a “worm” created in 2007, allegedly by the U.S. and Israel, that attacked Iran’s nuclear facilities. Neither government has claimed responsibility, but Stuxnet is now widely accepted as the first known cyberweapon to cause major physical damage to its intended target. The only problem was that the worm escaped Iranian facilities and spread among the general public.

It’s alleged that Iran launched a cyberattack on the world’s largest oil company, Saudi Aramco, in retaliation for Stuxnet in 2012, but that has not been confirmed. Although the attack was said to be primitive and unsophisticated, it still managed to wipe out the data in much of the company’s main computer network, and it affected 30,000 Aramco personal computers.

Last week in a cyberattack that shut down Sony Pictures for days, hackers released sensitive data from the studio’s network, including employee salaries and high-quality versions of several unreleased films.

Blame is being pointed at North Korea — and although Pyongyang has denied any involvement, it has praised the move nonetheless, citing the movie “The Interview” as offensive for alluding to an assassination attempt on North Korean leader Kim Jong Un. Previously, North Korea reached out to United Nations Secretary General Ban Ki-moon to file a complaint, calling the movie “an act of war.”

During Al Jazeera America’s Sunday night segment The Week Ahead, Thomas Drayton discussed cybersecurity and the ramifications of global cyberwarfare with Dan Guido, a hacker-in-residence at New York University’s Polytechnic School of Engineering, and with Allan Friedman, a research scientist at the Cyber Security Policy Research Institute of George Washington University.

Guido said it takes very little effort and small teams to break into major companies. He said, “It’s very simple to gather information about individuals on the Internet,” adding that clicking on the wrong link can give hackers complete control over the targeted computers and access to a company’s entire website, using very few resources.

Friedman said there are a number of different ways to trace the origin of a cyberattack. The forensics level is the most technical, unpacking clues as to who was involved. On an intelligence level, investigating things like who is the most likely to benefit or who may have been talking about an attack before one happens can help point to a culprit. On a national security level, hackers are generally trying to engage in a strategic attack to achieve a political outcome.

He added that there are different types of attacks. Organized crime groups may try to access random people’s credit card numbers. Some hackers engage in economic espionage, trying to steal companies’ secrets.

Al Jazeera’s Jacob Ward said certain hackers have the patience and skills to find vulnerabilities in a system, plant malicious code and comb through the results for what they need. But he said the most common type of hacking happens through social engineering, with predators gathering data from the plethora of information that Internet users give out voluntarily through social media.

Anyone can access personal information about a person’s likes, way of living and family members though sites such as Facebook or a person’s location through applications such as FourSquare. He added that anyone can do it with enough charm and creativity.