Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

2/17/2020
09:00 AM
By Karen Burke, Director of Corporate Communications, Farsight Security, Inc.
By Karen Burke, Director of Corporate Communications, Farsight Security, Inc.
Sponsored Article
100%
0%

Let's Talk: Why Language Matters in Cybersecurity

Like the latest security tools on the RSAC show floor, how we choose to communicate about the latest cyberthreats and more can play a key role in improving the security for all on the Internet.

Last week, I received a notification from Yahoo stating my "account may have been the target of government-backed actors." After validating its source, I shared the notice with my four sisters, who don’t work in the security industry, to see if they knew what "government-backed actors" meant. None of them did; one sister had to look it up on the Internet, while another said she would have not opened the mail, assuming it was a phishing attack. While far from a scientific poll, my sisters’ responses, in their small way, underscore why using simple, direct language is the key to keeping us all safer on the Internet. 

Language matters beyond data breach notifications. In his Venturebeat piece, Gusto CISO Frederick "Flee" Lee calls for more creativity to address the current cybersecurity skills shortage, including changing how we communicate about our industry, our open positions, etc: 'Expanding our recruiting pool and increasing the size of our talent pipeline starts with dropping our "dark arts" attitude and making security more accessible and easily understood."

The right communication is important; not only in attracting new talent, but also in winning new customers. How are you communicating with prospects? A single pitch does not work for every opportunity. Let’s say your marketing department has done a great job outlining the value prop of your products, and you have secured an initial call with a potential customer. Do you have a basic understanding of their industry and current security challenges? Has your pre-sales team done their homework about the organization, its industry, etc.?  Have you checked-in with financial, healthcare, automotive, retail and other vertical ISACs and threat-sharing associations? Empathy should be a core component of our work together. The ability to speak a common language and ask the right questions is the foundation for every relationship – prospects or otherwise.

In our industry, certain words like "speed," "real-time," and "faster" are often used to describe cybersecurity tools, capabilities, etc. According to the Verizon’s 2019 Data Breach Investigations Report (DBIR), one in two organizations doesn’t manage to discover a breach until several months after it happened.  At Farsight Security, we recognize the urgency and our responsibility to help organizations detect and quickly respond to cyberattacks, which is why we have heavily invested in delivering real-time data solutions to commercial and government organizations.

Our real-time (data-in-motion) and historical (data-at-rest) DNS data solutions help organizations reduce attacker dwell time as well as monitor and prevent many of today’s top cyberattacks, including phishing and DNS hijackings. These tools can also be used to audit your own and your partners digital infrastructures. What do we mean by "real-time"? At Farsight, we process more than 200,000 observations of DNS resolutions every second - including all DNS record types.

Our Newly Observed Domains, NX Domains, and the recently announced Newly Active Domains, the industry’s first real-time DNS Intelligence data feed that reports domains as they resume activity on the Internet after a period of inactivity (10 days or more), are all real-time solutions with proven benefits. However, not every organization has the right team or infrastructure to consume and leverage real-time data. To help organizations better access our real-time solutions, we have created SIE Batch, a new easy-to-use and easy-to-integrate delivery method to access our many real-time solutions. Both SIE Batch and Newly Active Domains will debut at the RSA® Conference in San Francisco from February 24-28, 2020. Visit us at Booth #3338 South to see “real-time” in action and learn how we can help your organization.

As we head into one of the industry’s primary conferences, let’s keep in mind that "government-backed actors" represent just one of the cyberthreats we face today. Language – like the latest security tools on the show floor – can be another important and vital tool we can use to help organizations reduce risk and improve our industry as a whole.      

About The Author
Karen Burke, Director of Corporate Communications, Farsight Security, Inc.
Karen Burke is the director of corporate communications for Farsight Security, Inc., the world’s largest provider of historical and real-time passive DNS data. She has extensive experience managing corporate communications and public relations for cybersecurity companies.

  

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/9/2020
Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
Kelly Sheridan, Staff Editor, Dark Reading,  7/7/2020
Why Cybersecurity's Silence Matters to Black Lives
Tiffany Ricks, CEO, HacWare,  7/8/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15105
PUBLISHED: 2020-07-10
Django Two-Factor Authentication before 1.12, stores the user's password in clear text in the user session (base64-encoded). The password is stored in the session when the user submits their username and password, and is removed once they complete authentication by entering a two-factor authenticati...
CVE-2020-11061
PUBLISHED: 2020-07-10
In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director's memory via oversized digest strings sent during initialization of a verify job. Disabling verify jobs mitigates the problem. This issue is also patched in...
CVE-2020-4042
PUBLISHED: 2020-07-10
Bareos before version 19.2.8 and earlier allows a malicious client to communicate with the director without knowledge of the shared secret if the director allows client initiated connection and connects to the client itself. The malicious client can replay the Bareos director's cram-md5 challenge to...
CVE-2020-11081
PUBLISHED: 2020-07-10
osquery before version 4.4.0 enables a priviledge escalation vulnerability. If a Window system is configured with a PATH that contains a user-writable directory then a local user may write a zlib1.dll DLL, which osquery will attempt to load. Since osquery runs with elevated privileges this enables l...
CVE-2020-6114
PUBLISHED: 2020-07-10
An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS (Commit bb274de1751ffb9d09482fd2538f9950a94c510a) . A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerabi...