Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Black Hat Survey: Security Pros Expect Major Breaches in Next Two Years
Newest First  |  Oldest First  |  Threaded View
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
7/13/2017 | 7:36:06 AM
Defining "cyberattack"
> Sixty percent of respondents to the Black Hat survey believe that a successful cyberattack on U.S. critical infrastructure will occur in the next two years.

How loosely or strictly are we defining "cyberattack" here?

Because, depending upon the definition, there have already been such successful cyberattacks.

Case in point from six years ago here: pastebin.com/Wx90LLum
Dario.Forte
50%
50%
Dario.Forte,
User Rank: Author
7/10/2017 | 9:08:48 AM
Disparity in priorities
I think the concern over the disparity between the practitioner priorities and those of top management in their organizations is probably one of the most relevant of the survey and it denotes a misalignment between business and technical requirements. While it is clear that compliance is a driver (and probably it always will be), the importance of creating a common playground for technical and business management is mandatory. I think GDPR will provide a huge opportunity to create (and maintain) this common layer, as it is a clear example of how compliance cannot be reached without technical execution.
tcritchley07
50%
50%
tcritchley07,
User Rank: Moderator
7/7/2017 | 9:57:54 AM
Re:Breaches over Next 2 Years
The 'breach' (in its broadest sense) figures are climbmg inexorable despite all the talk and flannel os vendors and consultants. It is like fixng rust spots on a rust bucket car whre as soon as you fix one, another appears. This will never work and the whole issue needs a new, solid cybersecurity architecture. This will take much of the onus off the end user or organisation and quite rightly. When I fly, I am not expected to take my own oxygen, life vest etc. It is supplied by the body that sold me the ticket. We expect the equivalent of users/organisations over cybersecurity.

The architecture wil inevitabky involve:

1. Changes to existing internet SW (DNS, Windows etc.) or even scrapping and repleacing. This will allow intimate knowledge of 'user', whether good guy or bad guy, including location, SW level, his PC ID/serial no. etc.

2, Hardware innovation such as built in memory and storage encryption.

3. Judicious data placement ( I am working on this) and other tricks of the trade to prevent malicious encryption and possibly make it theft-proof. These things will not happen by fiddling, patching and twiddling with the current setup. The internet is open, was conceived that way and the SW around it reflects that ethos. It MUST change if we are to have true security.

4. The redoubt (miltary fallback for a last stand); this means a proper disaster recovery (DR) plan where the organisation or user is not wiped out when data is lost (deleted) or encrypted. The recent UK NHS Wannacry debacle showed the need for, and in this case the absence of, a good, rapid recovery DR plan.

If you think about this you will see the sense in it. The architecture must be agreed by all (conforming nations at least) which will get over the disaster I see promised by the dozen or more cybersecurity initiatives being developed by government bodies and other bodies. If they all come to pass, I dread to think what will happen when a system with cybersecurity 1 tries to talk to one with cybersecurity 6; it will be 'request rejected. I don't recognise you'. Take a look at the US and UK cybersecurity initiatives as a starter, then look at all the cybersecurity vendors (about 50 or more) and what their initaitives are and you will see what I see as a final result; a complete dog's breakfast'.

Terry Critchley
Joe Stanganelli
0%
100%
Joe Stanganelli,
User Rank: Ninja
7/6/2017 | 12:30:41 PM
2 years, and compliance
Coincidentally, as per an old stat that's been floating around a few years now (from Gartner, I think? I don't quite remember) indicating that within two years of a major breach, a small business goes out of business.

On a separate note, I'm not sure how I feel about compliance gaining a bigger percentage of the "top priority" pie here. On the one hand, it's good to see more security pros taking it seriously. On the other hand, it's kind of sad when you think about it that compliance has to take so much away from actual security and privacy issues. While compliance can help make you way more secure, compliance and security are not the same thing -- and, sometimes, even contradict each other!


Commentary
What the FedEx Logo Taught Me About Cybersecurity
Matt Shea, Head of Federal @ MixMode,  6/4/2021
Edge-DRsplash-10-edge-articles
A View From Inside a Deception
Sara Peters, Senior Editor at Dark Reading,  6/2/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21554
PUBLISHED: 2021-06-14
Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and, Dell Precision 7920 Rack Workstation BIOS contain a stack-based buffer overflow vulnerability in systems with Intel Optane DC Persistent Memory installed. A local malicious user with high privileges may potentially exploit t...
CVE-2021-21555
PUBLISHED: 2021-06-14
Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a heap-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, a...
CVE-2021-21556
PUBLISHED: 2021-06-14
Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a stack-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, ...
CVE-2021-21557
PUBLISHED: 2021-06-14
Dell PowerEdge Server BIOS and select Dell Precision Rack BIOS contain an out-of-bounds array access vulnerability. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of service, arbitrary code execution, or information disclosure in System Ma...
CVE-2021-32682
PUBLISHED: 2021-06-14
elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Several vulnerabilities affect elFinder 2.1.58. These vulnerabilities can allow an attacker to execute arbitrary code and commands on the server hosting the elFinder PHP connector, even with minimal configuration...