Skip to main content

Posts

Showing posts from March, 2012

Infocrime Summit 2012 - London Keynote Review

This week saw the Spring Infocrime Summit at the Thistle Marble Arch in London.  With a great range of speakers and some fantastic Spring sunshine, it was a great 2 day event.

With the last event only in November, it was good to see a range of varied speaks and industry representatives have their opinion on a range of information security issues.

Jim Griffiths from Yodel make an interesting presentation referring to the curse of ‘Security Theatre’ often being applied by many organisations. The term was initial coined by information security leader Bruce Schneier, when referring to security counter measures that don’t actually reduce the threat per-se, but simply increase the feeling of being secure. In today’s complex threat landscape and with many organisations facing a finite security budget, it could often be a short term solution to a long term threat.

Jamie Cowper of Verocode, spent some time discussing the often overlooked aspect of 3rd party library usage and open source appl…

Are You Going to the 'Security Theatre'?

'Security Theatre' was a term coined by Bruce Scheiner in his book Beyond Fear and basically describes a situation, where a security countermeasure offers little or no protection from a real threat, but is simply applied in order to increase the feeling of being secure.

The term has generally been applied to many of the counter-terrorism scenario's we now face during our daily lives.  An example could include the sight of armed guards at airports (when really they're carrying unloaded guns) or the stop and search mentally of police forces (when in fact very few people are charged from this).

However, this approach is often being used by organisations in an attempt to secure corporate information assets.  Let me take for example, the Sarbanes Oxley Act of 2002, which saw many financial services organisations hurriedly implement new teams to manage the access review and control processes for their SOX 'critical' application estate.  Budgets became skewed and if a…

Cash The Real Cyber Driver

2011 saw a marked increase in the number of external web based cyber attacks.  Whilst the likes of wikileaks and Anonymous were driven mainly through ideals away from cash, I believe the main driver for complex command and control cyber attacks is indeed monetary.

As consumerization becomes internet driven and everything from smartphones, fridges and home appliances become connected, the attack vectors for a malicious user become larger.  There are more things to aim at and quite possibly they are less well protected.  As more people become switched on to decent speed broadband, more shopping, banking and general data transfer will occur online.

This, in addition to the general enterprise and SCADA style attacks that over the last 15 years continue develop in sophistication, the cyber criminal has a multitude of angles to attack from.

Aside from the hackitivism claims of recent months, the main driver for the cyber criminal is cash.  Whilst low level benign phishing attacks are now re…

Would You Pay For Privacy?

The protection of personal information is an important aspect of anybody's life.  Most people have a feeling of their 'personal space' when they're in a crowed public place such as the metro or bar and like to create an invisible barrier between themselves and others.

This personal space is often extended to the non-physical aspects of our life too, such as our contact information.  Many telephone directories give the option to be 'ex-directory', with screening options also available.  Electoral role information can also be masked, removing the opportunity for sales and marketing spam being aimed at individuals.

Most of these claims for additional privacy are not uncommon and are accepted as a standard way of protecting the personal attributes of an individual.

Today, most personal information for an individual, can be gained on line from doing some basic searches.  Certainly things like name, address and telephone number will be pretty widely available after a…

Interview Series - David Emm Snr Researcher at Kaspersky Lab

The next instalment in the interview series, sees a great interview with David Emm, Senior Security Researcher as Kaspersky Lab.
Ed:  Hi David, thanks for your time today with Infosec Professional.  How has information security changed in the last three years? David:  I believe there have been several key changes.
First, the traditional ‘work place’ is disappearing. So the task of securing data has become harder for businesses, as staff increasingly conduct business ‘on the go’: at home, at the airport, in the hotel – or anywhere else they can get a wireless signal. It’s not so much that the traditional network perimeter has disappeared. Rather it has become fragmented – and moves around as employees do. This has increased the points of exposure to malware and hackers. Second, we’re seeing a related development – the growing use of smartphones at work. IT departments now have to manage a heterogeneous mix of endpoint devices. This problem is compounded because many people use t…

RSA 2012 San Francisco - Keynote Review

So this week has seen the RSA Conference band wagon hit the track to San Francisco, with some interesting key notes and also a perhaps surprise inclusion of Tony Blair, as the token none-techy-heavy-weight making a few remarks on the closing Friday.

Looking at the main keynotes, the main underlying theme seems to have been one of connectedness and an ever changing threat landscape   Is this connectivity good or bad?  Social networking and BYOD obviously play a part in the that changing landscape, but also the internal supply chain interconnectedness has changed rapidly too, causing issues around things like federation, cross pollution of data and access.

Arthur Coveillo (EVP at RSA) delivered a pretty standard talk focusing on trust in an inter-connected world.  Phrasing Mick Jagger with you "can't always get what you want", he commented that while the internet is trust worthy 'enough', it is natural to see increased attacks on resources and services that become …