Endpoint Security Makes Quantum Shift: Part I

Posted by Michael Davis    Feb 24, 2015 12:17:50 PM

Rest in peace, antivirus tools. You had a good run for a security technology — 1987 to 2014.

In case you missed it, in May, Symantec called time of death for antivirus software. It did so not because AV technologies suddenly became less effective. Rather, the company finally acknowledged that it’s not a matter of if, but when, an organization will be targeted and that antivirus products will stop only some attacks. Plenty of security bloggers and pundits reacted with glee, given that antivirus software reportedly represents 40% of Symantec’s revenue.

Topics: endpoint security

Intelligent Algorithms and Feature Design

Posted by Yan Glina    Jan 27, 2015 2:16:45 PM

If you live and breathe at the intersection of Cyber Security and Data Science, you have probably seen Alexandre Pinto’s DefCon22 talk, #SecureBecauseMath (https://www.youtube.com/watch?v=TYVCVzEJhhQ).  In this talk, Alex makes great points regarding some blatantly poor yet commonplace practices. #MathIsAwesome, but pushing not-quite-real science by overeager marketing departments, or being an overly receptive, starry-eyed audience waiting for pronouncements from the next super-genius, are still problems.  Alex also alludes to some things that are of immediate consequence to algorithms and Machine Learning researchers operating in the security space.  For example, Feature Design.

Topics: Cyber Security, data science, feature design

The Era of Big Data EDR

Posted by Nate Buell    Jan 13, 2015 10:00:00 AM

Looking ahead to 2015 in cybersecurity, it really is vital to understand how the threat environment impacted organizations through exploits and breaches in 2014.

Toward the tail-end of the year it seemed like there was a new, major data leak or cyberattack in the headlines every week.  There was no pattern, no single industry targeted (no pun intended) and no actions taken to punish those involved, even if the attribution was defined and accurate, and there was a definitive perpetrator or organization to charge in the criminal act. (http://www.justice.gov/opa/pr/us-charges-five-chinese-military-hackers-cyber-espionage-against-us-corporations-and-labor)

Is there knowledge that can be gained from the cyberattacks of 2014? Yes. There's certainly a large amount of information that can be applied from the numerous hacks and breaches to understand trends and techniques, but the most important lesson to be learned from this past year may just be the fact that enterprise organizations are heading towards a new approach to endpoint security – Big Data Endpoint Detection and Response (EDR). 

Topics: Big Data Security, Big Data Analytics, EDR, Big Data EDR

Don't Look Back in Anger: Make Security a Priority in 2015

Posted by Tom Bain    Jan 7, 2015 3:43:58 PM

It’s typical at this time of year to look back at the previous year’s data breaches and high-profile exploits, and say things got worse. However, in 2014, things really did get worse from the standpoint of damage to some of the biggest organizations globally.

From the direct impact on enterprises to the direct impact on consumers in the wake of retail industry breaches. From the indirect impact on businesses like wasted time cycles, downtime and mis-allocated resources, to indirect overall impact felt by consumers - like NOT making purchases at specific retail stores or websites, or perhaps NOT investing money or doing business with financial organizations based on a security breach - we all felt the pain.

We've seen enormous swings financially, and in confidence of organizations, attributed to this year's attacks. But it’s not really just about the attacks. They are going to happen. I'd argue that it's more about the nexus of forces around the way organizations and employees are computing, and the devices that are used (endpoints) for multiple purposes within the corporate network.

Topics: Cyber Security, data breach

The Unmeasured Cost of a Security Breach

Posted by Nate Buell    Dec 11, 2014 11:46:00 AM

Everything in today’s society is analytical.  Everyone wants to see the numbers associated with every piece of information available. Improvements in technology, namely Big Data, have made dollar amounts, stats and percentages readily available allowing us to measure everything now. 

As is the case for cyberattacks. In August, the New York Times had the cost of the Target breach at $148m, not including the drop in earnings on the stock market, or the total cost of the resources the company extended to recover from the hack – incident responders, PR teams etc.

“The Internet of Things” – Security Vulnerabilities Can Cause Bodily Harm?

Posted by Tom Bain    Nov 5, 2014 5:18:00 PM

We may have hit a ‘data breach fatigue’ saturation point across the market as of late, but there were a few other security vulnerability stories swirling this past week that seemed to deviate from the standard reports.

DHS is actually probing a number of medical device manufacturers to see if there are legitimate cybersecurity vulnerabilities in a number of pumps and implantable heart devices.

One thing that comes to mind with respect to medical devices with internet connectivity is that devices, like any other technology, have evolved. Medical devices are now programmable, configurable and are more advanced to accommodate so many patient conditions, complete with automation, data collection and storage requirements.

Topics: Cyber Security, endpoint security

When Zombies Attack - Hacker Halted and CISO Forum Wrap-up

Posted by Tom Bain    Oct 24, 2014 1:11:00 PM

It’s only so often that you can attend a conference with the dominant theme being the Zombie Apocalypse.

And no more fitting location than Atlanta, where it all started for the ‘Walking Dead.’ Yes, the walkers took Atlanta first and swarmed in an outward fashion from there to swarm the rest of the world for complete domination.

Topics: APT, cybersecurity, Tom Bain, Sentinel, endpoint security, CounterTack, cybersecurity research, Hacker Halted, CISO Forum 2014, Michael A. Davis, Zombies, EC Council, Hacker Halted 2014, CISO Forum

West Point Focuses Efforts on Cyber Defense with the Army Cyber Institute

Posted by Neal Creighton    Oct 7, 2014 2:33:38 PM

CounterTack would like to congratulate the Army Cyber Institute (ACI) at West Point on its ribbon cutting ceremony on October 3, 2014. The ACI’s mission is an important one for our country and they have assembled an incredible team led by Colonel Greg Conti and Chair LTG (R) Rhett Hernandez. I was fortunate enough to be present for the ribbon cutting on a beautiful, sunny day along the Hudson River at West Point.

Topics: Cyber Defense, APT, cybersecurity, endpoint security, CounterTack, Breaches, Security Intelligence, Neal Creighton, Gartner Cool Vendor, Army Cyber Institute, General Rhett Hernandez, Colonel Greg Conti, U.S. Army

The First Federally-Funded Cybersecurity Center of Excellence

Posted by Tom Bain    Sep 30, 2014 12:33:26 PM

This news flew under the radar for the most part, and I neglected to pick this up in a timely fashion through my feeds. But MITRE announced that it was awarded $29M to start the first federally-funded cybersecurity center of excellence of its kind. Reports also state that this initiative could receive over $5B over the next 25 years.

Topics: Cyber Defense, Network Security, APT, cybersecurity, Tom Bain, endpoint security, CounterTack, Security Intelligence, cybersecurity research, cybersecurity R&D

Do More Records Breached Necessarily Mean a More Severe Incident?

Posted by Tom Bain    Sep 22, 2014 5:03:00 PM

It has been reported that Home Depot has experienced a near-record data breach. We are talking 56M debit and credit cards.

Topics: malware, Cyber Attack, APT, cybersecurity, Tom Bain, Sentinel, endpoint security, CounterTack, threat detection, Breaches, Zero-day Attack, Breach, Gartner Cool Vendor, Microsoft XP Security, POS system data breach, Microsoft XP, Home Depot Data Breach, retail data breach

Blog covers topics related to detecting and monitoring in-progress cyber attacks for IT security operations teams.
