SME Cyber Security
Scooped by Roger Smith

Why You Don’t Need (or Want) a SIEM Tool – Cyber Defense Magazine

There are a lot of things that sound good on paper, but don’t work out as planned in practice: Hot dog buns that are sliced on the top, being a Detroit Lions fan, implementing a SIEM tool. Of course, you can just buy regular hot dog buns, and—thankfully—you don’t need to buy a SIEM tool. I can’t help you with being a Lions fan—it’s a curse I live with myself—but, two out of three isn’t bad. But I digress. Let’s get back to why you don’t want a SIEM tool.

What is a SIEM?

What is a SIEM, anyway? I suppose we should start by considering why someone might think about implementing a SIEM tool in the first place. In the Magic Quadrant for Security Information and Event Management, Gartner defines it:

“Gartner defines the security and information event management (SIEM) market by the customer’s need to analyze event data in real time for early detection of targeted attacks and data breaches, and to collect, store, investigate and report on log data for incident response, forensics and regulatory compliance. SIEM technology aggregates event data produced by security devices, network infrastructure, systems and applications. The primary data source is log data, but SIEM technology can also process other forms of data, such as network telemetry. Event data is combined with contextual information about users, assets, threats and vulnerabilities. The data may be normalized, so that events, data and contextual information from disparate sources can be analyzed for specific purposes, such as network security event monitoring, user activity monitoring and security compliance reporting. The technology provides real-time analysis of events for security monitoring, query and long-range analytics for historical analysis and other support for incident investigation and management, and reporting (e.g., for compliance requirements).”

That is an awful lot to expect from one enterprise security solution—especially if you don’t have the skills and expertise to properly implement, configure, and manage it. What SIEM vendors won’t tell you is that the value of a SIEM solution for cybersecurity depends heavily on the threat intelligence feeds it uses, and on having security experts capable of doing the log management, threat detection, and forensic analysis necessary to deliver the results you’re expecting.

SIEM is Complex and Challenging

Matt Selheimer, Chief Marketing Officer for Alert Logic, recently presented a webinar titled “Why You No Longer Need a SIEM Tool.” During the presentation, he asked the audience about their view on SIEM tools. More than 80 percent responded that a SIEM is challenging to get up-and-running and get value from, or that they’ve held off implementing a SIEM tool because they’ve heard of the significant difficulties involved.

What you really want is confidence in your security posture and some peace of mind. There are a variety of tools that can help you achieve that goal. A SIEM is one such tool—but it’s a tool that requires significant effort from you to implement, maintain, and monitor.

Let’s use an analogy. Breakfast. What you want is a meal. There is a wide array of things you could eat that would satisfy that need, but you decide you want an omelette. Good choice. However, instead of a delicious ham and cheese omelette, someone gives you a chicken, a pig, and a cow and leaves it up to you to get from there to your original goal: breakfast. All you really wanted was breakfast. You’re not a farmer. You’re not a chef. You don’t want to be either of those things, really. You just want breakfast.

That is essentially what you get with SIEM software. SIEM systems are a concept that sounds good on paper—and can be effective in practice. The issue, however, is that it requires expertise to implement and configure, and it requires consistent updating and monitoring by someone with the right skill to identify and respond to suspicious and malicious activity. It is not something you can just buy and install and magically get the peace of mind you were looking for.

SIEMless Threat Management

I have good news. There is a better way to get breakfast…I mean confidence in your security posture and peace of mind. Think of it like having an executive chef deliver the perfect omelette to your table rather than raising your own animals and making it yourself.

If you want to know more about the pitfalls and challenges of implementing your own SIEM tool, and how Alert Logic SIEMless Threat Management can help you avoid that mess and provide the security you need at the same time, check out the recording of Matt Selheimer’s webinar: Why You No Longer Need a SIEM Tool.

About the Author: Tony Bradley is Senior Manager of Content Marketing for Alert Logic. Tony worked in the trenches as a network administrator and security consultant before shifting to the marketing and writing side of things. He is an 11-time Microsoft MVP in security and cloud and has been a CISSP-ISSAP since 2002. Tony has authored or co-authored a dozen books on IT and IT security topics, and is a prolific contributor to online media sites such as Forbes and DevOps.com. He has established a reputation for effective content marketing, and building and engaging a community and social media audience. Learn more about Tony at Alert Logic.
Roger Smith's insight:

The constant attitude that you can dumb down the capabilities of the cyber security fraternity is one of the largest problems we have in combating cybercrime. Somewhere along the line you have to rely on someone's capability to look at a SIEM and make decisions concerning input and output. SIEM is not a set and forget process. It requires knowledge of technology and the bad guys' capability. The issue is not whether you need a SIEM but whether it will be an internal or external process.

Brace yourselves: New variant of Mirai takes aim at a new crop of IoT devices

Virulent malware updated to add 11 new exploits.

Australia cyber hack raises privacy concerns 

Australia's Parliament House computer network suffered a "malicious intrusion" on Feb. 8, according to Prime Minister Scott Morrison; on Feb. 18, he revealed before the House of Representatives that a number of specific political parties were hacked as part of that intrusion, among them his own...
Roger Smith's insight:

What happened to the implementation of the Australian Signals Directorate Essential 8? Was it implemented? What security framework was being used and why was the implementation not checked? Sounds like security for political parties is follow the bouncing ball and sign off on the form because that is what we always do.

Cyber security services top priority for fifth of MSPs, says Kaseya

Security and infrastructure are "key" to MSPs successfully building their businesses...
Roger Smith's insight:

Still focusing on the technology.

When it comes to compliance and governance, cybersecurity should be a primary focus of all SMEs, but most MSPs are still focussed on the technology. It is not about technology, it is about people, policy and frameworks. Getting the correct “systems” in place is absolutely critical in protecting your “crown jewels”; if you are asking your MSP to do it you are getting incorrect information.

Check Point exposes yet more shared responsibility misunderstandings for cloud security

Almost one in five organisations polled by cybersecurity solutions provider Check Point Software say they have been victim to a cloud security incident over the past year, while more than a quarter still believe security is the responsibility of the cloud provider.

Cyber security for Kids – Cyber Defense Magazine

Sitting on the couch: Talking about security with the kids.

by Pedro Tavares, Founder of CSIRT.UBI & Cyber Security Blog seguranca-informatica.pt

Talking about cybersecurity is crucial these days. Children are born in a cyber age and they represent a weakness from the security point-of-view. Due to that, it’s essential to provide them with cyber-knowledge, show what kind of information is available online and how they should protect themselves — after all, education begins early in our lives.

This is a concept that many children may not care about, or even understand. Now is the moment to sit down on the couch with your little ones and start a conversation about online security, for they are now entering a phase of greater independence. We will show them how to keep personal information protected and only expose the strictly necessary information online.

1. Integrity check

Sometimes we like to tell stories, talk about serious subjects or even tell nonsense stuff.

— “Have you ever said something very bad to a friend and have regretted it?”

Over time, everything was resolved and forgotten. In the digital world, things do not work out that way. We should consider carefully whether or not we should leave certain information displayed online, because when the information is available on the Internet, it will be available for all people to access.

— “Imagine you write nonsense about a teacher. Remember that he can easily obtain your post and that can have negative repercussions on your future life.”

2. Do you know the person you’re talking to?

The Internet is a dangerous channel and as proof, we can speak about impersonation. When we have a conversation with another person over the Internet, it isn’t possible to identify if the person on the other side of the computer screen is the person we would most like.

— “If an unexpected message comes from someone you know, be careful. It could be someone representing that person”.

3. Save your data

We must protect our personal information when using online applications or services, such as a computer game, social networks including Facebook, Twitter or Reddit, and even any kind of website where information can be exposed. Information such as our full name, date of birth, the place where we pick up the bus to go to school, where we live and even what places we typically go to can be used for the most strange purposes by cybercriminals. Rule of thumb:

— “If anyone asks for details, don’t trust them. Talk to other people you trust, expose the strange situation.”

4. Do not be lazy with your password

It may seem like the easiest thing to do – except enter it and memorize it, right? – But using the same password across all services and applications is a bad idea. Many services are being hacked; it is constant. Moreover, many services are hacked because criminals use leaked passwords from other services (called credential stuffing).

— “So, if you use the same password in a hacked online game and in your social network account, you can have your social network account blocked the next day because your profile has also been hacked.”

— “Using a strong, complex and difficult-to-guess password for each system or application you use in your day to day life is the solution. Never use the same password to access two different systems.”

5. Use Two-Factor-Authentication (2FA) to keep hackers away

Currently, a large number of online platforms and services, such as e-mail, social networks, gaming platforms, etc., already have this functionality called multi-factor or second factor of authentication – and therefore, we must strengthen our security with other authentication factors in addition to a simple password. 2FA appears in the form of an additional form where we have to enter a Personal Information Number (PIN) that is sent to us by e-mail or to another device, such as our smartphone, or can be generated by other third-party software such as Google Authenticator.

— “Even if this functionality is not mandatory by the system, we should use it (if available).”

6. Think before you download it

What we don’t want is that our computer or our smartphone becomes compromised and used by others. For this reason, before downloading any kind of Internet content, be it files, computer game cracks, web browser extensions, applications, or other software, we must validate if they are reliable.

— “We should look at the rating assigned to the program, comments from other users – even an Internet search should be done to validate if the program is trustworthy.”

7. Do not share accounts with friends

This may sound natural, but do not share your passwords with friends or colleagues. If your friend is hacked you can also be! Or even, if you and a friend with whom you shared accounts or accesses create a confrontation/discussion, he can access your account and change the password at some point of anger. The solution is simple:

— “If you or a friend of yours wants to use the same service or application you are using, each of you should have your own account and own password.”

8. Always log out

If you use a public computer or some other type of shared device, such as in a public library, shop, or lab, remember to sign out of any accounts you have logged in, otherwise unauthorized people can access your information.

— “Before you leave, make sure you always log out of third-party devices.”

Final Thought

Children are living in a constant digital transformation. These tips are just part of the conversation we should have with the little ones. Of course, there are other types of controls to set the limits of browsing, access, and even transactions, as we see fit, and this can be very useful. Nevertheless, these methods are not infallible, and one day the smaller ones will have access to a wider digital world. That is why it is vital that, when that day comes, they are well equipped with the knowledge they need to take control safely.

About the Author

Pedro Tavares is a cybersecurity professional and a founding member and Pentester of CSIRT.UBI and the founder of seguranca-informatica.pt. In recent years he has invested in the field of information security, exploring and analyzing a wide range of topics, such as pentesting (Kali Linux), malware, hacking, cybersecurity, IoT and security in computer networks.

Hackers used Karma tool to hack iPhones of prominent Govt officials

UAE (United Arab Emirates) Launched Aggressive Cyber Espionage Campaign using KARMA and Expertise of Ex-NSA Operatives.
Roger Smith's insight:

Interesting! They used a base-level hacking application that can be purchased for $50 - $150, to hack secure systems?

Why risk-based security is the key to driving business value in 2019

NTT Security's Azeem Aleem explains why it's time for businesses to rethink their approach to cybersecurity.
Roger Smith's insight:

Working out the risk and ascertaining the gap between where your organisation should be and where it is. This is critical to underlying cybersecurity.

What is a supply chain attack? Why you should be wary of third-party providers

The weak link in your enterprise security might lie with partners and suppliers. Here’s how to understand and mitigate that risk.

WordPress users beware: These 10 plugins are most vulnerable to attacks

WordPress vulnerabilities tripled over the past year, more than any other CMS, according to an Imperva report.

To understand what's coming in 2019, remember these five numbers from 2018

To understand what's coming in 2019, remember these five numbers from 2018 - SiliconANGLE...

McAfee: 'Operation Sharpshooter' hack hit government, defense firms

Hackers infiltrated dozens of companies around the world with advanced malicious software that extracted information from their systems, according to McAfee.

Australia Passes Anti-Encryption Bill—Here's Everything You Need To Know

Here's Everything You Need To Know About Australia's New "Telecommunications Assistance and Access Bill 2018," also known as the Anti-Encryption Bill...
Roger Smith's insight:

The blatant stupidity of the Australian parliament shows they have no understanding of the requirements of encryption for everyday use of the digital world.

This will have far-reaching and catastrophic impact on the Australian digital sector and if not changed in the near future will have the multinational software companies removing their support and business from Australia.

Cybersecurity: Don’t let the small stuff cause you big problems

If hospitals don't take cybersecurity seriously, a series of small issues could be as bad as a major cyberattack like WannaCry, warns NHS Digital chief.

Infographic: List of data breaches in 2018

2018 saw some of the biggest data breaches yet, with Marriott, Under Armour and Facebook suffering breaches that affected 500 million, 150 million and 100 million people respectively. It was also the year of the GDPR (General Data Protection Regulation), which changed the way organisations handle...

New Arm Certification Aims to Secure IoT Devices

A three-tier certification regimen shows adherence to the Platform Security Architecture.
Roger Smith's insight:

The problem is how do you stop insecure systems getting to the public. Shiny and new will always beat accreditation.

Prepare to Be Hacked: Why Realtime Security is Crucial in 2019

The threat of cyberattacks grows each year. According to a recent survey by Pew, cyberattacks now rank as one of the top global threats alongside climate...

Hackers 'scramble' patient files in Melbourne heart clinic cyber attack | Technology | The Guardian

Federal agencies investigating breach, reported to be a ransom demand...
Roger Smith's insight:

It will be interesting to look back on this episode and see what was done right and what was done wrong.   I believe that this is the wrong - "The clinic said it was working through this issue with its IT provider and hoped to resolve it soon."

Without the right processes and policies in place this will happen more often.   

These issues are not IT issues, they are whole-of-business issues and have to be faced from the board down to the receptionist.

Australia SMEs are overconfident on cyber threats - Chubb survey

Some SMEs think they are "too small to fail," says cyber underwriting leader...

What Business Owners Need to Know About Protecting Their Data

False sense of security? Even major apps and platforms can fall victim to security vulnerabilities.

Fighting Ransomware with 'No More Ransom'

The 'No More Ransom' project not only helps victims regain access to locked data but also educates users on how ransomware works and how they can prevent...
Roger Smith's insight:

When education and awareness training combined with a good backup fail, there is always this - maybe

Seven Preventative Cyber Security Tips SMEs Should Take Today

The fact is, SMEs are hacked just as often as the big guys, and they may even be more at risk. Verizon commissioned a study, and they found that 61 percent of the victims of data breaches were small businesses.
CCI VAL D'OISE's curator insight, January 27, 2:13 PM

63% of cyber attacks target SMEs and very small businesses. Being "small" must not be an excuse for doing nothing, especially since protective measures are simple and not necessarily costly. #CLUSTERSSV

Too soon to attribute cyberattack that disrupted U.S. newspapers, researchers say

It’s too soon to tell whether North Korean hackers were responsible for a cyberattack that prevented multiple U.S. newspapers from delivering on time.

School hackers steal personal data of half a million students & staff

A school district in the US has suffered a cyber attack in which hackers managed to steal personal data of 500,000 staff and students.
Roger Smith's insight:

One of the driving forces of cybercrime - ego

Marriott CFO calls $1B estimate on cyber breach premature

It’s too soon for Marriott International Inc. to estimate the cost of the massive cyber breach that the company disclosed last week, said Chief Financial Officer Leeny Oberg.
Roger Smith's insight:

This will show the teeth of GDPR. The impact will be eventful.
