Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Verizon Shares Glimpse Into Upcoming 2014 Data Breach Investigations Report
Newest First  |  Oldest First  |  Threaded View
Ulf Mattsson
50%
50%
Ulf Mattsson,
User Rank: Moderator
4/26/2014 | 12:01:43 PM
The Bad Guys are Winning
I agree when Verizon's Baker says "the bad news from this year's report is that the cybercriminals and other attackers are getting better at what they do, while the security community is not improving its game quickly enough to keep pace."

The bad news, as Wade Baker, principal author of the Data Breach Investigations Report (DBIR) series, says is that: "After analyzing 10 years of data, we realize most organizations cannot keep up with cybercrime – and the bad guys are winning."

My view is that that we are now more concerned about attackers that are targeting our data flow, including data in memory since the DBIR reported that "RAM scrapers" went from a low #17 in 2012 and shoot up the charts to a very concerning #4 spot in 2013. 

My view is that that we are now less concerned about attackers that are targeting our stored data since the DBIR reported that "Capture stored data" went from a #4 in 2012 and to a less concerning #9 spot in 2013 and "Privilege abuse" went from a #14 in 2012 and to a less concerning #17 spot in 2013.

I think that file encryption will not stop the bad guys. The bad guys are no longer attacking stored data. The bad guys are now attacking the data flow, including data in memory.

My view is that we now need to secure the data flow, including data in memory. The bad guys are no longer attacking stored data.

I'm increasingly concerned about Big Data and Cloud platforms, great targets for attackers.

An important development was the addition of coarse-grained volume or file encryption will only solve one problem, protecting data at rest, but considering one of the primary goals is using the data, one might suggest that it provided little in the grand scheme of Data security.  Sensitive data in use for analytics, traveling between nodes, sent to other systems, or even just being viewed is subject to full exposure.

What they're seeking is advanced functionality equal to the task of balancing security and regulatory compliance with data insights and data utility. This balance is critical for Big Data and Cloud platforms.

Emerging Big Data and Cloud platforms are presenting new use cases that are requiring data insight for analytics, high performance and scalability for Big Data platforms cannot be achieved by old security approaches.  New security approaches are required since Big Data is based on a new and different architecture.

Big Data is introducing a new approach to collecting data by allowing unstructured data to be blindly collected. In many cases we do not even know about all sensitive and regulated data fields that are contained in these large data feeds. Analysis of the content is often deferred to a later point in the process, to a stage when we are starting to use the data for analytics. Then it is too late to go back and try to apply data security and compliance to regulations.

My view is that we now need to secure the data flow. The bad guys are no longer attacking stored data in files.

Ulf Mattsson, CTO Protegrity


Zero-Factor Authentication: Owning Our Data
Nick Selby, Chief Security Officer at Paxos Trust Company,  2/19/2020
44% of Security Threats Start in the Cloud
Kelly Sheridan, Staff Editor, Dark Reading,  2/19/2020
Ransomware Damage Hit $11.5B in 2019
Dark Reading Staff 2/20/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
How Enterprises Are Developing and Maintaining Secure Applications
How Enterprises Are Developing and Maintaining Secure Applications
The concept of application security is well known, but application security testing and remediation processes remain unbalanced. Most organizations are confident in their approach to AppSec, although others seem to have no approach at all. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-7914
PUBLISHED: 2020-02-21
btif/src/btif_dm.c in Android before 5.1 does not properly enforce the temporary nature of a Bluetooth pairing, which allows user-assisted remote attackers to bypass intended access restrictions via crafted Bluetooth packets after the tapping of a crafted NFC tag.
CVE-2016-4606
PUBLISHED: 2020-02-21
Curl before 7.49.1 in Apple OS X before macOS Sierra prior to 10.12 allows remote or local attackers to execute arbitrary code, gain sensitive information, cause denial-of-service conditions, bypass security restrictions, and perform unauthorized actions. This may aid in other attacks.
CVE-2020-5243
PUBLISHED: 2020-02-21
uap-core before 0.7.3 is vulnerable to a denial of service attack when processing crafted User-Agent strings. Some regexes are vulnerable to regular expression denial of service (REDoS) due to overlapping capture groups. This allows remote attackers to overload a server by setting the User-Agent hea...
CVE-2019-14688
PUBLISHED: 2020-02-20
Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation. The vulnerability was found to ONLY be exploitable during an initial produc...
CVE-2019-19694
PUBLISHED: 2020-02-20
The Trend Micro Security 2019 (15.0.0.1163 and below) consumer family of products is vulnerable to a denial of service (DoS) attack in which a malicious actor could manipulate a key file at a certain time during the system startup process to disable the product's malware protection functions or the ...