The way of business solutions
www.insightssuccess.com December 2017
The 10 Best Performing Cyber Security Solution Providers 2017
The Expert in Domain Data
The Editors’ Perspective: Educating Employees to Minimize the Risk of Cyber-Attacks
Info Network: Data Center Security: Controlling Possible Threats
Maven’s Mentorship: IT and Communication Trends for Critical Infrastructure
Threat O Cure: How to Minimize Cyber-Attacks On Your Organisation
Expert’s Insight: What GDPR forgets: The physical security
Executive Voice: Managing Corporate Communications on Mobile Devices
Secure Vision: Traits to Possess the Best Enterprise Security
Editorial
Cyber Security: Prevention is Always Better than Cure
Nowadays, people are becoming more and more dependent on the web, where commercial activities, business transactions, and government services are all carried out. This overdependence on the internet has led to a significant rise in new cyber threats and information security issues, which cyber criminals are heavily taking advantage of. As a relevant example, the recent cyber-attacks by “Petya” and “Wannacry” have left leaders across the world vulnerable and forced them to think twice about their cyber-security infrastructure. With Internet breaches touching millions of dollars, the accessibility of these backdoors makes criminals look like geniuses, and the security mavens like Keystone Kops. Unless authorities can effectively police its entrances, cyberspace could go on to become a no-go zone. The risk is so high that most recently even the FBI came under attack from cyber criminals; the attack exposed as many as 20,000 agency employees’ personal online records, and another 9,000 Department of Homeland Security employees were also affected.
Back in 2004, the global cybersecurity market was worth $3.5 billion, and it was expected to be worth more than $120 billion by the end of 2017. Hence, within such a short span of time the cybersecurity market grew as much as 35x. Still, many organizations today are hesitant to announce increases in their cyber security budgets after breaches they have already suffered, mainly due to fears of reputational damage. Even so, J.P. Morgan Chase & Co. has stated that it has doubled its annual budget for cyber security, and Bank of America has announced that it has an unlimited cybersecurity budget. Tech giants such as Microsoft Corp. have also announced that they will continue to invest more than $1 billion annually in cybersecurity and R&D.
Industry experts are predicting that cybercrimes will continue to rise even further, and will cost businesses more than $6 trillion annually by 2021. While these threats certainly pose a significant challenge to IT professionals across sectors, the determination will only increase as technologies such as cognitive computing, big data analytics, and the IoT further develop and influence our increasingly connected world in unprecedented ways. Enterprises can do their part by sharing threat data and investing in solutions and infrastructures that are secure by design. As always, users should exhibit good password hygiene and avoid opening suspicious or unsolicited emails and attachments.
Kaustav Roy
Editor-in-Chief Pooja M. Bansal Senior Editor Ariana Lawrence Managing Editor Kaustav Roy Co-Editors David Smith Jacob Thomas Sourav Mukherjee Visualiser David King Art & Design Director Amol Kamble Co-designer Alex Noel Picture Editor Rahul Kavanekar Art Editor Shweta Shinde Business Development Manager Mike Thomas Nick Adams Marketing Manager William Business Development Executives Andy, David, Peter, Kevin, John, Brian Research Analyst Jennifer Circulation Manager Robert Database Management Steve Technology Consultant Swapnil Patil sales@insightssuccess.com
December 2017 Corporate Offices: Insights Success Media Tech LLC 555 Metro Place North, Suite 100, Dublin, OH 43017, United States Phone - (614)-602-1754 Email: info@insightssuccess.com For Subscription: www.insightssuccess.com
Insights Success Media and Technology Pvt. Ltd. Office No. 513, 5th Floor, Rainbow Plaza, Shivar Chowk, Pimple Saudagar, Pune, Maharashtra 411017 Phone - India: 020-69400110, 111, 112 Email: info@insightssuccess.in For Subscription: www.insightssuccess.in
Copyright © 2017 Insights Success, All rights reserved. The content and images used in this magazine should not be reproduced or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without prior permission from Insights success. Reprint rights remain solely with Insights Success. Printed and Published by Insights Success Media and Technology Pvt. Ltd.
CONTENTS
COVER STORY
Whois API Inc.: The Expert in Domain Data
Info Network: Controlling Possible Threats
Editor’s Perspective: Educating Employees to Minimize the Risk of Cyber-Attacks
Threat O Care: How to Minimize Cyber-Attacks on your Organization
Enterprise Concern: Traits to Possess the Best Enterprise Security
Expert’s Insight: What GDPR forgets: The physical security
Executive Voice: Managing Corporate Communications on Mobile Devices
Maven’s Mentorship: IT and Communication Trends for Critical Infrastructure
certgate GmbH: Protecting Users Since Inception
onShore Security: Protecting the Freedom of Information by Revolutionizing Cyber Defense and Governance
Seceon: Detecting and Stopping Threats that Matter
Silent Circle: Securing Enterprise Communications in the Cyber-Espionage Era
ShadowDragon: Solving the Challenges of Modern Investigations
Tackling the Woes of Cyber Security
Nowadays people are becoming more and more dependent on the Internet, where various commercial activities, business transactions, and government services are carried out. However, with more such usage, the world has seen a sharp rise in cybercrimes and information security issues. Unfortunately, the web has become a valuable vehicle for criminals to anonymously prey on victims through cyber breaches and corporate espionage. The dark web now provides platforms for nefarious business operations of all kinds, from identity theft, to money laundering, to human trafficking. If that’s not all, Edward Snowden’s latest leaks have pointed out that various intelligence agencies across the world were using Google, Yahoo, Microsoft, Facebook, Twitter, and various other global services to keep an eye on their users. Snowden’s documents even revealed that intelligence agencies hack their domestic and foreign companies to wiretap their users.
So, the dire need for competent cybersecurity solution providers has led us to look for “The 10 Best Performing Cyber Security Solution Providers 2017”. On our cover page we have Whois API, which is a big data and API company that provides domain, whois, dns, ip, and threat intelligence data to a variety of industries. Further, we have certgate GmbH, one of the leading German based security solution providers, focused on mobile security products and solutions; onShore Security, which is on a mission to protect the freedom of information by revolutionizing cyber defense and governance; Seceon, whose OTM provides a simple, fully automated approach to detecting and stopping the threats that matter; ShadowDragon, which develops digital tools that simplify the complexities of modern investigations that involve multiple online environments and technologies; and Silent Circle, whose enterprise mobile privacy platform delivers flexible, modular, no-touch deployment with zero maintenance, hardware or additional manpower required.
So, flip through the pages to learn more about cyber-crimes. Do not miss the articles ‘Traits to Possess the Best Enterprise Security’, ‘Educating Employees to Minimize the Risk of Cyber-Attacks’, ‘Data Center Security: Controlling Possible Threats’, and ‘How to Minimize Cyber-Attacks On Your Organization’. Also, while flipping the pages, please go through the CXO Standpoints: ‘What GDPR forgets: The physical security’ by Gisle M. Eckhoff, CEO of DigiPlex; ‘Managing Corporate Communications on Mobile Devices’ by Andrew Silver, Co-founder, Tango Networks; and ‘IT and Communication Trends for Critical Infrastructure’ by Bobbi Harris, VP of Market Strategy & Development, Utilities Telecom Council.
Whois API Inc.: The Expert in Domain Data

Perpetrators who commit cybercrime possess abundant technical knowledge in the domain. To make matters grimmer, they are constantly evolving. Hence, with technology rapidly evolving, so is the nature of crime. These crimes are relatively old and will be in existence as long as computer-related accessories and the internet breathe freely in society. It should come as no surprise that our unprepared society, and the world at large, finds it difficult to combat these booming crimes. To overcome these cybercrimes, law enforcement agencies seek help from industry experts such as Whois API Inc., which offers its resources & data to identify all the connected domains, websites and IP addresses associated with such fraudulent activities and the criminals involved in them. Whois API Inc. is a big data and API company that provides domain, WHOIS, DNS, IP, and threat intelligence data to a wide variety of industries. It serves customers ranging from large Fortune-500 companies to small-sized companies, including cybersecurity companies, corporations with a cyber-security division, government agencies, domain registries & registrars, brand agents, marketing data warehouses, banks, financial institutions and many more.

The Tech-savvy CEO
Technology is rebranding our organizations & society, and one of the pillars of technical development started back in 2002 when Jonathan Zhang completed his degree from the University of California, Berkeley. His extensive experience in the software industry has helped him in laying the foundational steps of Whois API Inc. in 2010. Since then, he has been shouldering the responsibilities that come with being the CEO of an expanding company.

“I run Whois API Inc, a leading provider in Whois API Webservice and Whois Data. I graduated from University of California, Berkeley with a bachelor's degree in Applied Mathematics. I enjoy creating products that can satisfy a meaningful market demand and companies that have a viable business model,” asserts Jonathan.

Mr. Zhang completed his four-year Bachelor’s degree in Applied Mathematics and started his career in the IT sector as a Software Engineer. He devoted most of his time & skills to organizational growth, and always played an important and valuable role in any organization he worked for. With his resolute vision of providing services against cyber-related problems, he inscribed his footprints as a resourceful information provider to organizations and various agencies related to law, auditors and enterprise businesses.

Tackling the Obstacles of Cybercrime
To tackle cybercrimes at present and in future, the company is creating a real-time whois database and ensuring that the most up-to-date and accurate information is provided to its customers and clients. The Whois API body focuses on providing key data points for domains: the registered name, data related to the organization, email addresses, registration addresses, registrar information, updated date, creation date, expiration date, domain availability, and domain age. Along with this, cyber security researchers use Whois API’s services for investigating & curbing cybercrime. Cyber security & anti-malware solution providers use Whois API data to detect spam, malicious websites, intrusions, and other online misbehavior. It also provides data to its competitors, and these strategies go a long way in serving its Fortune-500 customers in the best possible way.

Long-term Relationship Bond
History has witnessed the growth story of Whois API, due to which it attained 18th rank among the top IT services companies in the Inc. 500 in 2017 and recorded 1640% growth, cumulatively, in the last three years. The growth figure was possible due to its development-oriented technology results and its client retention strategies. It is continuously striving hard to analyze and meet the requirements of its huge customer base by offering various planning options to meet their specific business needs. The company has been particularly active in engineering tools that gather domain Whois records, domain availability, reverse Whois, brand alert, registrant alert, bulk Whois, DNS lookup, and email verification. These steps help in serving the clients for a longer period of time and sharing a stronger bond with them.

The Future in Cyber Security Sector
The cyber-security service sector will continue its phenomenal growth in the next 5-10 years and beyond. Right now, there are hundreds or even thousands of cyber-security companies. However, down the line, a consolidation will occur where only the big players will remain in the market. Looking to the future, the company has also been collaborating with numerous cybercrime units and government agencies in identifying malicious websites, domains and IP addresses associated with fraudulent practices, credit card fraud, geographical locations of possible offenders, as well as fraud, hackings, and other online illicit activities. To cope with these situations, the company is collecting data which is unified, consistent, well parsed, and accurate, and providing it through real-time APIs, Database Downloads, and online tools. Thus, as long as it holds the data advantage, it will also continue to hold a solid footprint in the market.

Continuing its Expansion Down the Road
Dedicated efforts are being deployed in data development for the company's customer base, which includes cybercrime units, government agencies, registrars, domain resellers, marketing researchers and others. It continuously strives hard to understand and meet the demand of its huge customer base by offering various planning options to meet their specific business needs. The company is striving to be at its best in monitoring and researching of domains. Its unique and innovative tools will allow its customers to monitor, research, uncover and protect everything related to a domain name and cyber-security.

Hence, by providing excellent support and taking acute feedback concerning the clients’ needs, Whois API will be able to help in providing the best customized solution to its clients in the near future.

“This is just the start of a long and fruitful journey. With our comprehensive Whois products and services, government agencies & cyber security solution providers can trust the data provided by WhoisXmlApi for threat prevention & investigation!”

While talking about threats, the organization believes internal threats are much more successful due to the access to the data. An insider is likely to have the sensitive material or data available to them on a daily basis without question. An attack from the inside is also more difficult to detect, because it’s not always flagged as a security breach and goes unnoticed. Attacks from the outside usually require intense hacking and firewall breaching, while insiders already have access to the threatened data. Another internal threat is simply accidental release or leaking of sensitive information, with no malicious intent.

Establishing an Organization-Wide Awareness Campaign
Whois API believes employee awareness training is extremely important in order to keep an organization safe and secure from outside attacks. According to research, 61 percent of organizations are often exposed to malware or viruses due to employee ignorance. Most employees are likely to open an email from someone they don't know due to the nature of their jobs or because they often open emails from people they don't know for business purposes, and are therefore easier to trick into clicking a bad link or opening a damaging attachment. Various studies have shown that traditional training techniques won’t have a lasting effect on employee awareness. It’s something that continually needs to be reinforced and put in the forefront of their minds. The behavior needs to be taught over a long period of time; it isn’t just a one and done kind of thing. Employee awareness should start during the onboarding process for all new employees, and continue throughout their career with the company. Regular testing to reinforce the proper reaction to suspicious emails may be necessary. The organization also added that there’s no need to over-educate employees with too much information about threats. Companies should teach them exactly what they need to know and what they need to be watchful for, which is enough. Additionally, rewarding employees who effectively find malicious emails or similar is a great technique to reinforce the instinct to be watchful.

Securing Devices
According to Whois API, there are a few simple steps that need to be followed in order to keep a mobile device safe. Keeping the operating system and apps updated is super simple and usually automatic. These updates are often made by the vendors to block vulnerabilities found. Mobile devices also come with built-in security features that should be utilized. Reviewing app permissions is a huge step to keeping a device secure, as hackers will often try to sneak in unneeded permissions when an app installs. The device should be locked with a passcode, password, fingerprint or some other sort of access code to allow only the authorized user access. Users should always avoid connecting devices to unsecured Wi-Fi networks, as using an unsecured network opens up devices to others who are utilizing the same network.
| Company Name | Management | Brief |
|---|---|---|
| Atende Software (www.atendesoftware.pl) | Paweł Pisarczyk, President | Atende Software develops software and uses it to create products and services. We build our Capital Group, which focuses on developing innovative technology. |
| Aurionpro Solutions (www.aurionpro.com) | Samir Shah, CEO | Aurionpro is a leading technology products and solutions provider that helps enterprises to accelerate digital innovation, securely and efficiently. |
| CDNetworks (www.cdnetworks.com) | Andrew Koo, President & CEO | CDNetworks' content delivery network supports its customers' success by making their websites and applications secure, reliable, scalable, compliant with local regulations and high-performing. |
| Certgate GmbH (www.certgate.com) | Jan C. Wendenburg, CEO | certgate is one of the leading German based security solution providers, focused on mobile security products and solutions. |
| DERMALOG Identification Systems GmbH (www.dermalog.com) | Gunther Mull, CEO | As a pioneer in the development of biometric products and solutions, DERMALOG has been shaping the world of security for more than 20 years. |
| onShore Security (www.onshore.com) | Stelios Valavanis, Founder & CEO | Founded in 1991, onShore Security is a leading provider of managed cyber-security services. |
| Seceon (www.seceon.com) | Chandra Pandey, Founder & CEO | Seceon OTM provides a simple, fully automated approach to detecting and stopping the threats that matter. |
| ShadowDragon (www.shadowdragon.io) | Daniel Clemens, Founder & CEO | ShadowDragon develops digital tools that simplify the complexities of modern investigations that involve multiple online environments and technologies. |
| Silent Circle (www.silentcircle.com) | Gregg Smith, CEO | Silent Circle Enterprise mobile privacy platform delivers flexible, modular, no-touch deployment with zero maintenance, hardware or additional manpower required. |
| Whois API (www.whoisxmlapi.com) | Jonathan Zhang, CEO | Whois API Inc. is a big data and API company that provides domain, whois, dns, ip, and threat intelligence data to a variety of industries. |
WHAT GDPR FORGETS: THE PHYSICAL SECURITY

The EU’s GDPR legislation will have consequences for every company doing business in Europe, including American companies. The new directive promises sizeable fines to anyone that does not take personal data seriously. Meanwhile, the data center company DigiPlex urges companies to focus on another important aspect: physical security.

The General Data Protection Regulation’s (GDPR) purpose is to harmonize legislation related to personal information across the EU’s member states. It does, however, also create radical challenges for American businesses holding information on EU customers. Come May 2018, when the legislation enters into force, companies will have to publicly disclose how the data is used, in addition to offering transparency for individuals seeking access to their data. The GDPR includes a sanction mechanism, and the fines for non-compliance can reach 4 percent of a company’s annual revenue.

Physical security is forgotten
-Business will obviously change for everyone not taking personal information seriously. This will clearly raise awareness regarding how the data is secured, but it’s also vital not to forget where the information is located, says DigiPlex CEO, Gisle M. Eckhoff.

-Data security is not just about protecting yourself against hacking and other digital threats. The overall security critically depends on where your data is stored. Companies who actively select a secure data centre to host their data will gain a competitive advantage in the market as the management of personal information is in the spotlight, says Eckhoff.

Moving data to safety
American computer security company McAfee published a study of over 800 company leaders from different sectors. The report reveals that 50 percent of the respondents state that they would like to move their data to a more secure location. A motivating factor is the new EU legislation. The report also reveals that 74 percent of the business leaders specified that they thought protecting the data correctly would attract new customers.
While EU-based companies are in the process of adapting to the GDPR, Gartner predicted only 50 percent of American firms will be ready for the strict regulation by the end of 2018. It’s primarily the largest companies and public enterprises that are furthest along in the process of adaptation. According to Eckhoff, they are usually the ones that are the most concerned with data security and where it is stored. Fire and operational safety are two obvious challenges, but physical security also includes securing yourself against theft.

-Several smaller businesses and organizations keep their data servers at their offices, and the physical security in many of the smaller data centers is almost absent. If your data is stored in such a data center, where someone easily could break in and physically remove the hardware containing your information, then you are very vulnerable – both operationally and in relation to GDPR.

At DigiPlex’s data centers, several layers of security ensure the safety of the data and the personal information that is stored there. Physical security is one of the most complicated and expensive features when building or updating a data center. That is why newly established data centers have to reach critical mass, allowing them to store enough data to compensate for the large security investment.
About The Author
Gisle M. Eckhoff joined DigiPlex in August 2014 as Chief Executive Officer. He brings nearly thirty years’ experience in senior positions in the IT industry in the US, Sweden, UK and Denmark as well as at home in Norway. Gisle is the former Senior Vice President and Managing Director of CGI’s operation in Norway, and has also held a number of senior management roles at both country and regional levels in CSC Computer Sciences Corporation. The experience and knowledge gained from heading up the Financial Services vertical in the Nordic region, before becoming Vice President and Managing Director of CSC in both Norway and Sweden, is of great value when implementing DigiPlex’ growth strategy in the Nordic markets. Gisle holds a Degree in Business Administration from the Norwegian School of Management.
Adapting to GDPR
One consideration to take, as we are getting closer to the implementation date of GDPR, is where your data center should be located. Several US based companies are already relocating their centers to the EU in order to comply. Multiple database providers are helping non-EU companies organize and segregate EU data from other personal information. The data center industry is well established in Europe, and some of the most cost and climate efficient centers are located in the Nordic countries.

In the Nordics, the cool climate helps chill down vast amounts of hardware that otherwise would have been cooled down solely by electricity. Additionally, the electricity that is required by data centers to run their operations is supplied through easy access to affordable renewable energy.

-In recent years, we have seen political turbulence in larger parts of the world, Europe included. The stable political environment in the Nordic countries is also a climate to consider, as the establishment of data centers is a long-term investment, says Eckhoff.
DATA CENTER SECURITY: Controlling Possible Threats

The rise in cyber-crimes is one of the main causes of data center outages. As per a recent survey conducted by industry insiders, cyber-crime caused 22 percent of data center outages in 2015, as opposed to 2 percent of outages in 2010. Adding to all this, most data centers are now re-evaluating their security policies after the recent WannaCry ransomware attack. Data center outages cause companies to lose revenue in many ways. However, the costliest losses are service interruption and loss of IT productivity.

So, organizations are now realizing that traditional security is no longer enough to secure a data center. A recent study has found that 83 percent of traffic travels east/west within the data center, where it stays undetected by perimeter security. In this environment, once an attacker infiltrates the perimeter firewall, they can jump across the system with ease, extract information and compromise valuable data. Additionally, data centers can fail due to trespassers, a terrorist attack or natural calamities. So, how can one secure a data center in the best way possible from any kind of cyber threat? Don’t worry, we’ve got you covered with the points below.

As the first step, one should Map the Data Center and flag the hackers within the virtual and physical infrastructure. CSOs and CIOs with a system map of their systems can react to any suspicious activity and take steps to stop data breaches. Being able to visualize different traffic patterns within a network helps to understand threats, which eventually elevates the level of security.

Understanding and measuring traffic flow within the data center boundary is very important. Any interruption in traffic across east/west vs north/south, or protected vs unprotected, can reveal a threat. Additionally, vulnerable zones and unprotected traffic need to be monitored for a better result.

Firewall rules need to be defined and implemented as per requirements. Additionally, one should allow traffic only after thorough verification and selectively allow communication to ensure maximum protection. The key is to identify what's legal and secured and what can be blocked to enhance security.

One needs to Build a Team with executives who understand how traffic flows within the premises and can access & secure information, and take necessary measures to secure important assets along with the implementation of roadblocks for the attackers.

Security must move as fast as a data center’s technology adoption and integration. Security Strategy Should Change Alongside the Technology, and it should not be treated as an add-on option. Additionally, businesses should also ensure that their virus protection, signatures and other protection features are up to date for better protection.

Businesses should Identify and Place Controls over high-value assets, which will help to reduce risk. While older security solutions are completely blind to new threats, new security companies have produced solutions that protect data in the virtual world.

Access Restriction also needs to be imposed. Every business should thoroughly check a person’s background before giving access to a prized possession. Access to the main site and the loading bay must be limited. Additionally, two-factor authentication and fortified interiors with security guards and roving patrols would help to safeguard the employees and the data center.

Installing Surveillance Cameras around the data center, alongside removing signs which may provide clues to its function, helps to locate an intruder. A buffer zone between the data center and all the entry points will limit unlawful trespassing to a great extent. Additionally, the data center needs to be far away from the main road, and it should not have any windows other than for administrative purposes for better security.

A data center should Check and Test Back-Up Systems regularly as prescribed by the manufacturer. It should also make a list of Do’s and Don’ts in the event of an attack. Recovery plans and security plans also need to be checked thoroughly.

Data centers are always a Soft Target for The Terrorists, as an attack on them can disrupt and damage major business and communication infrastructure. So, security needs to be taken seriously, and proactive steps should be taken to limit the impact of a terrorist attack.

Trained Security Guards need to be posted inside a data center, and they should be well trained. Security officers must undergo strict site-specific training to monitor surveillance footage. Depending on the size of the data center and the number of security cameras, multiple security officers may be required on duty. Security officers dedicated to inspecting surveillance footage help when it comes to securing a data center.

Disaster Recovery is very important and must be in place. If the data center stops functioning after an attack or natural calamity, it must have a way to restore operations as soon as possible. To be ready for a disaster and to evaluate the disaster recovery plan, it’s necessary to train staff well and experience simulated disasters.

To avoid these obstacles, one needs a fair bit of knowledge of new security systems, solid plans, and comprehensive visibility. The more work a data center can do up front in the above-mentioned areas, the better the chances of success with fewer outages.
certgate GmbH: Protecting Users Since Inception

“We protect your mobile communication. Whether text, voice or email, with our easy-to-use apps and services you are well equipped for global competition.”
Jan C. Wendenburg, CEO

With the growing usage of smart phones and the internet, privacy has become a thing of the past. Nowadays, most mobile service providers and internet service providers store all the critical data of a user for at least six months, up to two years, and they can keep it forever. Analyzing this data maps society's behavior patterns and creates a blueprint of social communications. It is possible to detect communication hubs, define who is more important and switch off communication leaders. It questions the very basic terms of freedom and privacy.

However, that’s not all Edward Snowden’s latest leaks were about; they even pointed out that the US intelligence agencies were using Google, Yahoo, Microsoft, Facebook, Twitter and other popular global services to keep an eye on the users. Snowden’s documents even revealed that the intelligence agencies hack their domestic and foreign companies in order to wiretap their users. In addition to the government agencies, there are also a few private organizations that specialize in extremely sophisticated surveillance techniques. They collect and analyze data about their target from different sources, i.e., mobile phones, social media, personal computers, communication contacts of their contacts, web cameras, mobile cameras, and so on.
To keep users safe from various kinds of privacy and security breaches, Germany-based security solution provider certgate GmbH came into the fray. The organization is completely focused on mobile security products and solutions, with offices in Nuremberg (near Munich), Hannover and Dusseldorf. certgate is owned by the largest private equity company in Germany and the management. The company’s offering is twofold and works hand in hand. First, certgate apps secure corporate mobile communication with End2End encrypted voice, chat and email. Its solutions protect data at flexible security levels, from software-based to hardware-protected 2-factor authentication and encryption. Secondly, certgate’s wireless smart cards enable organizations to expand proven desktop security onto mobile platforms. The company’s solutions integrate with global mobile device management solutions and improve protection for enterprise mobile data on travel and at rest.

A Veteran Leader

Jan C. Wendenburg is the CEO of certgate GmbH. At certgate, Jan is currently advancing the further development of the “Mobile IT Security solution provider,” with patented and new concepts and technologies for improving mobile security for companies and authorities. Throughout his career Jan has worked in the IT industry. While serving at IBM, he was responsible for worldwide customers, Germany’s largest systems integrator, in multiple locations and for hundreds of millions in sales. Jan then moved as managing director to an international IT company. Afterwards, he led the transformation of the company into an international venture capital fund with offices in Berlin, Hong Kong and Los Angeles.

During this time, he founded AuthentiDate International AG in Dusseldorf, which was the first German accredited certification service for time stamps and a leading IT security specialist. In 2005, AuthentiDate was awarded the highest prize for IT security pioneering work in Germany. However, in 2011 he sold the organization to exceet Group S.E. and supported them on their successful IPO on the Frankfurt Stock Exchange.

Standing out Amongst the Crowd and Maintaining Long-term Relations with Clients

certgate has been a long-term IT security innovator. Its patented and unique mobile security products and solutions provide maximum security at minimum user impact. In general, software-based mobile security solutions rely on the safety of the underlying operating system. If one encrypts confidential data and stores the key on a vulnerable device or operating system, all the data is under massive threat. certgate comes to the rescue by letting its clients store their valuable keys wirelessly on globally certified secure elements. The company truly protects its clients’ mobile data, mails, chat and voice communication. This works mostly independently of the security of the operating system, i.e. Apple/iOS, Android, Windows, MacOS or Linux.

According to certgate GmbH, IT security is a matter of trust and the core foundation of all its client and partner relationships. The organization includes all its clients and partners in the product roadmap plan discussions to receive feedback on current products and future concepts.

When the Success is Based on a Restless and Paranoid Approach

certgate’s success is completely based on a restless, paranoid approach in order to combine maximum security with minimum user impact. The company is now working intensively with its partners and clients, no matter the platform, geography, or language.

certgate believes that within IT security, there are a few major trends which are important to watch:
• Everyone and everything goes mobile.
• Users request simple user interfaces.
• Consumerization is key.
• IT security should have no user impact.
• IT attacks will increase dramatically.
• Artificial intelligence automation will put almost any software-based security concept at high risk.

However, certgate is very well prepared to drive, follow and comply with these trends. While the first trends are short to medium term, the last one, “artificial intelligence” (AI), will have the biggest impact. AI will be the most dangerous one in that hackers will use AI to find vulnerabilities and completely new ways to invade infrastructures and gather user keys and credentials. certgate’s solutions combine high security with consumerization and include the option to use proven, certified secure elements. They are perfectly protected against new weapons and attacks which might arise in future.
Educating Employees to Minimize the Risk of Cyber-Attacks

In 480 B.C., in the Battle of Thermopylae, merely three hundred Spartans held off a huge Persian army. However, in reality the Spartans were not alone in the battle; alongside them fought Athenians, Thebans and other Greek forces. Until the last day the Greeks had a force of around seven to eight thousand soldiers on the battleground. The key differentiator in the battle was that the Spartans were already professional soldiers, whereas the other Greeks were not professional soldiers and fought in the army only when called upon.

Cut to modern days: the world is now completely dependent on the internet, and it faces a massive threat from a modern-day nuisance called cyber attacks. The worst part is that, sadly, the users are not Spartan warriors; most of them are working professionals or casual users. These professionals are not security geeks at all. Most of them don’t understand what cyber security is, and we can’t blame them for that either, as their jobs aren’t focused on information and cybersecurity. So, in order to be safe in the bad world of cyber attacks and breaches, one cannot just develop a single cyber security program and claim that the staff is well trained to tackle security breaches. In the real world, not everyone is a Spartan warrior, so one needs to educate employees and start awareness programs that will eventually help users to be safe from security breaches.
Editors’ Perspective
Already confused? Don’t be; we are here with a few steps that can help to ensure safety in the risky cyber world.

An organization might interact with several vendors for various purposes. So, the first step towards safety is to determine which members would have the highest impact on the organization in case of a breach. Additionally, it is also important to consider what type of data the vendor is handling, which can be anything from cardholder data to protected health information.

One always needs to reinforce messages through policy, internal videos, staff meetings and other channels that work in the environment. In order to create an awareness program, one must understand that awareness is a process and that it always takes time. Lastly, one must set the expectation that the elements of the awareness program will be updated and repeated on a regular basis.

Another blunder most internet users commit is using the same password for multiple services. Reused passwords always leave the entire digital life at stake and vulnerable to breaches: if a hacker gets hold of a single password, he can access all the accounts of the user.

Nowadays hand-held devices like cell phones and tablets have become a necessity, and many employees use them for official purposes. However, the user should always be extra careful while installing new apps on the phone or tablet, as this is one of the easiest ways in which malicious apps can gain access to the personal information of a user. An app can always ask for a big list of permissions in order to function, but for better safety it’s important to be aware of what types of information the app is accessing.

Always be aware of phishing scams. In phishing scams, cyber criminals design a website or email-id to steal sensitive data. Most of the time the attacker installs malicious software onto the user’s PC. The worst part is that one can barely differentiate these websites or emails from the genuine ones. However, phishing scams are quite easy to spot, but for that one must know what to look out for.

Companies must also tell their employees to avoid logging into any of their important accounts from public computers or public networks. A public PC or network is open to all users, which leaves many security holes in it. However, sometimes people might not have access to a private PC or network; in that case the user must delete the browser history once done, and only log into a network after making sure that it is completely safe.

Applying necessary software updates is critical nowadays. Tech giants like Microsoft, Google, Apple, etc. release bug fixes and security patches in their recent updates. These fixes mostly help users to stay secure in the risky world of the web.

Above all these key points, one must remember to train employees in such a manner that it eventually increases the staff’s ability to make much more secure decisions, and to do so consciously. Employers must remember that they are not creating cyber security experts; for that role the company already has specialized geeks. They only need employees who are good and have enough presence of mind to help protect the organization.

So, here are a few points from us that can help you to minimize the risks of cyber-attacks, which can wreak havoc in your organization.
onShore Security: Protecting the Freedom of Information by Revolutionizing Cyber Defense and Governance
“We want to bring the full freedom of the Internet to all.” Stelios Valavanis, Founder and CEO

With a dedicated mission to protect the freedom of information by revolutionizing cyber defense and governance, onShore Security came into existence in 1991. Initially incepted as network consultants and software developers, onShore launched managed cyber-security in 1998 with the purpose of providing freedom via security. Being the leading provider of managed cyber-security, the company believes that cyber-security requires a well-developed process with 24x7 analysis of network and application data throughout an enterprise to inform policy; onShore calls it Panoptic Cyberdefense.

The core of what onShore Security does is its Panoptic Cyberdefense Security Operations Center. The company collects data throughout the network and hosts, which it analyzes on an ongoing basis. This is done to look for threats, anomalies, and compliance, to inform policy and to evaluate security posture. onShore also provides cyber-security leadership services such as virtual CISO and CISO mentoring.

Path Breaking Services

Most of its competitors in the cyber security space use off-the-shelf solutions. onShore uses what it likes off the shelf, but most of its work runs on its own platform, developing integrations and customizations geared towards empowering analysts rather than simply automation. Ultimately, the client receives high visibility and a rich understanding of their security posture. The company offers four services related to security, as follows:
• Panoptic Cyberdefense SOC
It is a cyber-security professional service involving high-level consulting, monitoring, data collection, analysis, security management, and reporting. onShore typically serves regulated industries and enterprises with complex networks with its 24-hour cyber-security response feature. It integrates its solution with its clients’ IT organization, thereby increasing security visibility, providing reporting for management and regulators, and informing policy. With cyber-attacks now often becoming multi-vector and multi-exploitive, and 55% of them beginning with social engineering, onShore is using a holistic approach to tackle them. In this post-Sony era, every single network is vulnerable from both inside and out. During onShore’s two-month onboarding process, it heavily tunes its sensors to establish a baseline of its client’s network, with hundreds of parameters matched against characteristics of client policies, risk appetite, and regulatory compliance.

• Cyber-security Leadership
It is a cyber-security professional service provided by onShore Security involving CISO responsibility, augmentation, and direction. onShore CISO leadership serves clients and satisfies regulatory requirements at a fraction of the cost. The core function of the CISO is to report on a company’s cyber-security program, at least annually, to the Board of Directors, including the effectiveness of the program or any material events that were addressed during the time period.

• Cyber-security Assay
This is a cyber-security professional service involving a suite of tests and assessments to determine cybersecurity posture.

• Cyber-security Insurance
Cyber-security Insurance is Cyber Liability Insurance Coverage underwritten by the Lloyds of London. onShore Security has engaged with the best in the cyber liability insurance market to provide a comprehensive Breach Response.

The Farsighted Leader

An investor in several early-stage companies, Stelios Valavanis is the Founder and CEO of onShore Security. Graduating from the University of Chicago in 1988 with a Bachelor’s degree in Physics, Stelios held various technical positions back there. Currently, he serves on the board of ACLU of Illinois and on advisory boards and committees for several other organizations and companies.

Stelios’s business and technical prowess revolves around network and security, designing internet security for trading firms in the 90s and building a managed security company with an emphasis on banking. He is a big advocate of open source software and its contribution to the internet security industry.

onShore and its Satisfied Clients

“We are always improving our offering and providing additional value. We also customize data collection and reporting for our clients, making it easier for them to present to their board of directors,” exclaims Stelios.

It truly infuriates onShore Security to see cybercrime creating a sense of fear and slowing down the innovative force that is the Internet. The company envisions bringing the full freedom of the Internet to everyone. It is via security that this vision can be fulfilled, hence the company’s tagline, “Because Security Gives Us Freedom.”

Picture of the Future

onShore Security deeply believes that security is a process, not a product. Slowly, many more enterprises will begin to outsource their security operations center once they realize that security is more than a technical process; it is a business process. As enterprises recognize the need to answer outside of IT, onShore stands ready with all its available technical tools and the right governance, which it garnered in the banking space.

Moving forward, onShore is looking to utilize small and cheap sensors to capture more and more distributed data for mass correlation with core and edge network data, and to give much more powerful tools to its engineers, like heuristic threat detection.
Seceon: Detecting and Stopping Threats that Matter

“Seceon is a leading solution when it comes to cybersecurity, and we continue to prove this to our clients by allowing them to feel secure and by enabling them to focus their attention on successfully running their respective businesses.” Chandra Pandey, Founder & CEO

Cyber security has now become one of the most discussed things in the digital universe. Despite vast investment in cyber security solutions, data breaches are increasing every day, and the traditional methods to solve these breaches are flawed, requiring people to use a variety of complex tools to identify and stop threats. The problem with this approach is that 95% of attacks exfiltrate or corrupt data within just a few hours of a breach, which gives hardly enough time for experts to react.

An advanced cyber-security threat management startup, Seceon, recognized this flaw and developed an innovative, disruptive solution by establishing an approach that deploys analysis of all traffic, logs, flows, identity data and processes in and out of the network and correlates them near-simultaneously with behavioral analytics. The company recognizes threats, zero-day exploits and policies to surface threats and propose responses in near-record real time. Moreover, the security measures can be deployed within a few short hours in any size of organization, with little to no cybersecurity expertise required of enterprise or service provider staff.
A Proven Undisputed Business Leader

Chandra Pandey is the Founder and CEO of Seceon. He is an expert in data center architecture and highly scalable network solutions, and a proven business leader with more than twenty years of experience in developing and marketing innovative technology solutions. Before founding Seceon, Chandra served BTI Systems as a General Manager and Vice President of Platform Solutions for a brief period. He led a global team through the creation, development and launch of the Intelligent Secure Cloud Connect platform to more than 20 Web 2.0-focused customer deployments in less than 18 months.

Additionally, Chandra has held senior leadership roles at companies like Juniper Networks, Internet Photonics (Ciena), Lucent and 3Com (HP). While serving Juniper, he led the worldwide Solutions Architecture & Engineering teams and was also responsible for delivering integrated security solutions for Juniper’s enterprise, service provider, managed service organization and major OEM partners, driving billions of dollars in revenue for the company.

Chandra is an inspirational leader who is always empowering his team to take on the continually evolving cybersecurity challenges that businesses face nowadays, and in the process created a new market category. As the CEO of Seceon, Chandra works closely with customers to define and address the problems, implications, and solutions of defending corporate assets in today’s highly connected enterprise.

A Different Cyber Security Solution Provider

When it comes to tackling competition, Seceon’s strategy is to differentiate itself from others. Seceon’s Open Threat Management (OTM) platform provides the industry’s first and only fully automated threat detection and remediation software platform. The platform helps customers detect threats as they happen and enables them to take immediate automated action on all those threats.

Seceon’s unique platform is also capable of handling millions of inputs from logs and flows and correlating them into actionable alerts that can be put into action automatically or manually. Thanks to its ability to scale at speed, the platform can process data in real time, ingesting and running threat models through DRAM, and updating and activating these models within minutes through advanced correlation with intelligent application of machine learning, and can therefore “see” how systems talk to each other. This capability allows the system to look for anomalies and correlate them to get a full view while minimizing false positives, and then to trigger easy-to-understand alerts with associated appropriate actions for elimination and remediation.

On the other hand, Seceon’s competitors take a linear approach to ingesting and analyzing data. Seceon’s in-memory, fast analytics processing enables a more global approach: ingesting and analyzing data in real time while correlating with information about existing threats or zero-day exploits to deliver prioritized threat alerts to IT analysts on staff or with an MSSP. According to the organization, there’s no other company in the market that can automatically provide threat alerts and immediate, automated remediation without any human intervention, thereby dramatically speeding up the time it takes to identify and stop an attack and prevent data loss with financial implications.

Empowering Enterprises to Detect and Stop Cyber Attacks

The company’s main mission and vision is empowering all its clients to detect and stop all existing and new cyber threats. Seceon wants all of its clients, regardless of their size or depth of technical talent, to have access to its technology in order to protect critical data from loss or damage. Seceon’s mission is as focused on creating and continuing long-term relationships with its clients as it is on empowering and protecting them.

Each quarter the organization launches a major release with improvements to its platform in order to meet the growing needs of clients.

When the Culture and Leadership Team are the Two Biggest Factors

One of the biggest factors that can be attributed to Seceon’s success is the culture of the company. Seceon’s culture is one of passion for work and constantly striving to improve. This culture is embodied by its team of employees, and allows them to be motivated and make a difference.

Another factor in Seceon’s success is the strength of its leadership team members, who have decades of diverse experience. This massive experience allows Seceon to move in the right direction and to be prepared for the future. The organization’s leadership, coupled with its mission of empowering customers, drives Seceon to be successful.

Lastly, the organization attributes all its success to its approach in the industry. Seceon’s approach and platform are completely different from anything else in the market, which will eventually allow the company to separate itself from the rest.

Preparing for the Future

Seceon believes that cybersecurity is one of the most prominent issues and concerns for organizations of all sizes, and for their customers as well. Businesses are challenged to address this issue by finding automated, affordable, fast and effective enterprise-class cybersecurity solutions that don’t require extensive and resource-intensive human intervention to analyze, detect, respond to, remediate and report threats before they cause extensive damage and loss.

However, the good news is that Seceon is well equipped to address these issues and empowers enterprises of any size to have a comprehensive cybersecurity solution for a digital era. With 12 patents pending, the platform automates data collection, analysis, and correlation with behaviors and threat models using machine learning for real-time detection and remediation. Finally, it provides companies with a proverbial virtual security analyst, regardless of environment or technology experience. The Seceon OTM Platform can see and stop all threats proactively without any human intervention.
ShadowDragon: Solving the Challenges of Modern Investigations
Today, the internet is ubiquitous. It has revolutionized businesses and communications. It has also revolutionized crime. Unfortunately, the web has become a valuable vehicle for criminals to anonymously prey on victims through cyber breaches and corporate espionage. The dark web now provides platforms for nefarious business operations of all kinds, from identity theft, to money laundering, to human trafficking.

Cybercrime has been around for decades, but in 2010 there was a sharp rise in different attacks leveraging the Internet. It was around that time that Daniel Clemens began to get requests for his security consulting company, Packet Ninjas, to investigate malicious online activity. This was before the term “Threat Intelligence” was coined. There were no tools available to easily do this type of research. It all had to be done manually.

“Our tools were developed to simplify the complexities of modern online investigations, making it easier for in-house teams to generate highly relevant, operationalized and actionable intelligence.” Daniel Clemens, Founder and CEO

To help his clients, Daniel and his team created a tool (a rudimentary version of today’s SocialNet) to map social media aliases and identities associated with malicious cyber activities. As new research demands arose over the next few years, he created other tools: OIMonitor, Spotter and AliasDB. In 2014, with the addition of MalNet, he had created five tools to investigate criminal activity online or online communications. The next year, Daniel founded ShadowDragon to license these five solutions to customers. The goal: empower in-house teams with tools that enable the easy and safe collection, correlation and verification of diverse artifacts on the open, deep and dark web. Today, ShadowDragon solutions are used globally by U.S.-based and international law enforcement, government, military and intelligence organizations, and Fortune 50 companies.

Digital Tools Designed by Investigators, For Investigators

The grassroots origin of ShadowDragon solutions set a course for them to become a suite of tools that uniquely support the needs of modern investigators. They are fairly simple to use for the non-technical. And they are geared toward helping in-house teams understand their cyber situational awareness by determining if they are a target, the identity of their adversaries and the adversary’s tools, tactics and history.

• OIMonitor – Performs live searches on the open, deep and dark web, and the darknet. Investigators choose data sources and define alerts to automate intelligence gathering, and eliminate the need to manually identify trends and correlate threats.
• SocialNet – Performs live searches and visualizes social media connections to uncover identities, correlations, networks of associates and available geographical information in just minutes. SocialNet can be invaluable for both cyber and physical criminal investigations and for social media forensics.
• MalNet – Enables users to query, correlate and visualize Proofpoint ET in near real-time for malware investigations and incident response. MalNet helps identify and visualize malware connections and infrastructures in just seconds to expedite investigations, response, and malware protection.
• AliasDB – Historical database of 70,000 confirmed threat actors, 8,000 aliases and correlation of known associates, accessed through a customized interface that can be used for research and documentation. The AliasDB interface enables editing of profiles for customized updates.
• Spotter – Helps investigators gather key intelligence to move an investigation forward. Spotter works by allowing users to engage incognito with a target via a website redirect that tracks the technical aspects of the interaction.
How a Cyber Security Expert Became a Leader

Daniel Clemens is the Founder and CEO of ShadowDragon. Daniel is a cyber security expert, entrepreneur, and business leader who has dedicated his career to solving complex cybercrimes. To date, he has assisted governments and businesses in the U.S., Latin America, Asia, and the Middle East to solve complex cyber crimes ranging from money laundering to corporate espionage to large-scale cyber security breaches.

Daniel possesses extensive hands-on experience in both offensive and defensive security tactics as well as a deep understanding of worldwide threats. He has also provided security briefings to the FBI, the Department of Homeland Security, the Department of Defense, former presidential candidates and members of Congress. During his career Daniel has aided in the identification and apprehension of hackers, terrorists, human traffickers, and members of organized crime. Never losing his passion for research, he also founded two companies: Packet Ninjas, a cyber security consulting company, and ShadowDragon.

Tackling the Competition

“Marketing strategy can be made into a multi-dimensional and complex topic, but when you strip all those complexities away it’s very simple. Deliver what your clients need, do it with excellence, and do it better than the competition,” added Daniel Clemens.

In order to accomplish this, ShadowDragon always listens carefully to its customers and makes sure to address client needs. Daniel believes that “perfection can be a roadblock to progress”, so his team focuses on pursuing excellence instead, and he imbues the team with the confidence that they can solve any hard problem if they do their best. By focusing on these two things, customer needs and delivering with excellence, ShadowDragon has grown and succeeded organically since the company started selling its tools.

Preparing for the Future

According to industry analyst reports, expenditure on threat intelligence services and solutions will eventually increase and will become integral to security strategy. However, as this is a new category, ShadowDragon has found some confusion and misunderstanding about how threat intelligence tools can be smoothly integrated into security operations and generate relevant and actionable information.

For this reason, the company has started to offer training courses to raise the level of understanding and expertise among professionals on the front lines who are not always knighted with a title containing “cyber.” ShadowDragon also seeks to help those who do have a cyber focus to adeptly use the information that is generated to forward a forensically sound investigative process.

With the growing number of sophisticated data breaches and inside threats, more and more companies will need intelligence on who was behind the threat, the impact on long-term business perspectives on capital investments, and alternative strategic tactics to disrupt or counter the humans behind the security issue.

ShadowDragon’s tools uniquely augment team investigative capabilities in support of both physical and cyber cases. They simplify online research, making it easier and faster for teams to source their own very relevant intelligence. Analysts and investigators like these tools because they can drive quick results through real-time drill-down of investigation clues. It’s a faster, less costly and more proactive approach.
Threat O Cure

Cyber security plays a massive role in today’s tech-savvy world. According to industry insiders, the average cost of a data breach for various companies has increased from $3.8 million to $4 million recently. Most companies today have embraced open source for infrastructure software; additionally, they have also embraced cloud storage. Both of these come with their own blend of positives and negatives. If a data centre gets attacked or fails, it could be deadly for a company, and most open source software is vulnerable to cyber attacks, which poses a massive threat. So, here we are listing some of the cyber security threats and their potential solutions that can change the cyber world.

DDoS Attacks Targeted On Internet of Things Devices

As per the recent trend, cybercriminals have gone all out to target various IoT devices, including surveillance cameras, security systems, electronic appliances, cars, commercial environments, vending machines, robots in various manufacturing plants, etc. There are more than 12 billion IoT devices that can be connected to the Internet, and researchers estimate there would be 26 times more IoT devices than people by the end of 2020.

This threat came into the spotlight recently after a revelation that thousands of low-security IoT devices were being used to launch massive-scale DDoS attacks. These attacks impacted various DNS service providers. DDoS is a kind of DoS attack which makes sure that multiple systems are compromised, with the help of a Trojan virus. Ultimately, the victims of a DDoS attack get maliciously controlled and used by the hackers. To counter the threat, the FTC has started targeting some IoT device manufacturers whose products come without adequate security.

Ransomware

Ransomware has seen steady improvement over the years since its first appearance way back in 2005. In its early days, cybercriminals would use fake apps and fake antiviruses to alert victims, and then ask for fees as a charge for fixing some fake problems. It even showed FBI warnings, which contained threatening messages. Ultimately, they began to lock down systems or specific apps until the demands were met. However, the main threat these days is crypto ransomware, where the attacker encrypts the files and the victim needs to pay in order to get the key and unlock their own files. According to various agencies, ransomware has caused damages of around $325 million to date.

In order to stay safe from ransomware, the user must use reputed and original antivirus and anti-malware software. Users shouldn’t open email attachments until they are completely sure of them. Use of a strong password is a must, and one should not reuse older passwords. Keeping all software up to date is another thing one must follow, and last but not least, a user must back up all data to prevent data loss.
Business Email Compromise Schemes
A BEC attack is a form of phishing attack where the offender pretends to be an executive and targets a vendor or a customer who would transfer funds or classified information to the attacker.
BEC attacks are completely different from other attacks: the attackers are highly motivated, and these kinds of attacks mostly pass through spam filters and even evade email whitelisting campaigns. All these together make it hard to recognize that the email is not from an authentic source. So how can one be safe from a BEC attack? Don’t worry, there are a few guidelines which will make life a bit easier. A company must implement multi-factor authentication as a security policy; the authentication system will make the hacker’s life much more difficult and ultimately prevent the criminal from gaining access to an employee’s mailbox. One must also check the organization’s spoofability, which helps to know how secure the company is. There’s nothing like teaching employees how to spot phishing attacks, which will eventually help employees and the company to be safe.

Risk Of Using Cloud
Recently, most companies have started using cloud services. Popular apps like Dropbox and Google Drive are being used by companies, and sadly there are many users who use these services from their non-corporate mail accounts, which eventually exposes sensitive data to outside threats. Companies also lack specific usage policies when it comes to cloud services, which can lead to sensitive information being shared with unapproved apps and, in turn, to a severe data breach. So, to get rid of the risk related to clouds, an organization must have a strict and clear policy about how and when to use them. Employees must be barred from sharing sensitive data with unapproved apps.

Third Party Vendors Increases Risk
A company might build a brilliant security system with great policies to keep its customers and their data safe, but unless and until its third party vendors use the same level of security, the data and customers will always be at risk.
Just look at the recent Wendy’s incident, where more than 1000 franchised locations of Wendy’s were hit by a Point-of-Sale malware attack that eventually led to a massive data breach. Until companies make sure that policies are tightened up enough and that third party vendors are taking all the needed security measures, these kinds of attacks will continue to take place. To prevent cyber attacks, organizations should come up with a policy that ensures third party vendors are taking the same security measures as the company.

In addition to all these, the shortage of skilled IT professionals is also hurting to a great extent; there are more than a million vacant IT professional jobs across the globe. So, with more skilled professionals and by filling the vacant positions, cyber threats can be minimized to a great extent. However, one still has to religiously update and patch firewalls and firmware, change the default password of the router and set up strong passwords so as not to get trapped in the world of web. So, these are the types of cyber attacks that could hurt your company to a great extent. We have also listed out the prevention methods that will eventually help you to be safe on the web.
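One way to carry out the spoofability check recommended in the Business Email Compromise section above, as an added example that is not part of the original article. It assumes spoofability is judged from the domain’s published SPF and DMARC records, which the article does not name; the function names and sample records are constructed for illustration.

```python
# Added example: rate how easily mail "From:" a domain can be spoofed, judged
# only from its published SPF and DMARC TXT records. The SAMPLES records are
# constructed for reserved example.* domains; in practice they come from TXT
# lookups on <domain> (SPF) and _dmarc.<domain> (DMARC).
SEVERITY = {"low": 0, "medium": 1, "high": 2}

def dmarc_tags(record):
    """Parse 'v=DMARC1; p=none; pct=50' into a dict; {} if not a DMARC record."""
    tags = {}
    for part in (record or "").split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip().lower()
    return tags if tags.get("v") == "dmarc1" else {}

def spf_all_qualifier(record):
    """Return the qualifier on SPF's 'all' mechanism ('+', '-', '~', '?') or None."""
    terms = (record or "").lower().split()
    if not terms or terms[0] != "v=spf1":
        return None
    for term in terms[1:]:
        if term == "all":
            return "+"  # a bare 'all' has the default qualifier '+', i.e. pass
        if term[1:] == "all" and term[0] in "+-~?":
            return term[0]
    return None  # no 'all' found (a redirect= modifier is not followed here)

def assess(spf_record, dmarc_record):
    """Return (rating, findings) where rating is the worst finding's severity."""
    findings = []
    tags = dmarc_tags(dmarc_record)
    policy = tags.get("p")
    pct_text = tags.get("pct", "100")
    pct = int(pct_text) if pct_text.isdigit() else 100
    # SPF alone checks the envelope sender; only an enforced DMARC policy makes
    # receivers act on a forged visible From: address.
    if policy not in ("quarantine", "reject"):
        findings.append(("high", "DMARC missing or p=none: receivers are not asked to block forged mail"))
    elif pct < 100:
        findings.append(("medium", f"DMARC p={policy} covers only {pct}% of failing mail"))
    elif policy == "quarantine":
        findings.append(("medium", "DMARC p=quarantine: forged mail lands in spam"))
    qualifier = spf_all_qualifier(spf_record)
    if qualifier == "+":
        findings.append(("high", "SPF '+all': every sending host passes SPF"))
    elif qualifier is None:
        findings.append(("low", "no usable SPF record: DMARC rests on DKIM alone"))
    rating = max((sev for sev, _ in findings), key=SEVERITY.get, default="low")
    return rating, findings

SAMPLES = {  # constructed records, not taken from any real domain
    "enforced.example": ("v=spf1 include:_spf.example.net -all",
                         "v=DMARC1; p=reject; rua=mailto:dmarc@enforced.example"),
    "monitor.example": ("v=spf1 mx ~all", "v=DMARC1; p=none"),
    "nodmarc.example": ("v=spf1 ip4:192.0.2.0/24 -all", None),
    "openspf.example": ("v=spf1 +all", "v=DMARC1; p=reject"),
    "partial.example": ("v=spf1 mx -all", "v=DMARC1; p=quarantine; pct=25"),
}

if __name__ == "__main__":
    for domain, (spf, dmarc) in SAMPLES.items():
        rating, findings = assess(spf, dmarc)
        print(f"{domain}: spoofability {rating}")
        for severity, text in findings:
            print(f"  [{severity}] {text}")
```

A "high" rating means a message forging the domain in its From: line is unlikely to be blocked on authentication grounds, which is the condition a BEC sender relies on.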
Silent Circle: Securing Enterprise Communications in the Cyber-Espionage Era
Protect your business behind the shield of Silent Circle
Gregg Smith, CEO
Endowed with some of the best minds in mobile technology, encryption, security, and privacy, Silent Circle is the leader in the privacy and security of enterprise communications. It helps to keep conversations between employees, customers, and partners private.
Silent Circle provides secure business communications in the cyber-espionage era by delivering SaaS and hardware solutions in conjunction with its proprietary ZRTP cryptography. It helps companies and firms manage their critical information, from desktop messaging to portable firewalls, with products like GoSilent, and specializes in making data in motion incredibly safe.

The answer to Cyber-criminals
According to Silent Circle, mobile devices are an integral part of everyday human life, with people using these devices 24 hours a day, seven days a week. Smartphones have already replaced computers and cameras, and are also helping people complete various day-to-day tasks like emailing co-workers, messaging friends, and making phone calls. With so many smart devices performing mission-critical functions and transferring exabytes, if not zettabytes, of data, mobile platforms and their vulnerabilities have become prime targets for cyber-criminals. These malicious actors use cellular monitoring, interception, and data exfiltration techniques, and run the entire spectrum of criminal activities all across nation states. To cope with the growing threat of enterprise data breaches, Silent Circle innovated Blackphone, which was created solely for the purpose of providing businesses with completely secure mobile device communication. Blackphone offers a seamless user experience, a familiar Android environment, and frequently used apps and services. Additionally, Blackphone provides complete control over when and how data is shared. Its sequel of development – Blackphone 2 – offers additional support for MDM services and the Android platform for work purposes. The Silent Phone software is designed to provide a fail-safe method of secure communications and file transfer on any device. This software and hardware combination is helping organizations gain greater technology integration and secure data and communication in a variety of mobile environments.

The Veteran in Mobile and Cybersecurity
Gregg Smith, CEO of Silent Circle, is a veteran in the mobility and cybersecurity space. He joined Silent Circle in January 2017 and has since then leveraged his massive experience of more than twenty-five years to steer the company ahead. Gregg is a much sought-after speaker at mobile, wireless, and security industry events, and brings his thought leadership and expertise to the Silent Circle team. Prior to Silent Circle, Gregg served as the President of Aether Systems, which is one of the largest and most successful enterprise firms in the region. In recent years, Gregg has also led teams at Koolspan and OptioLabs as their CEO, and currently serves on the Board of Directors for Datatribe, an early stage venture capital firm focusing on cybersecurity.
However, Silent Circle was founded by Phil Zimmermann, a legend in the cryptography world and the creator of PGP and ZRTP. He has been inducted into the Internet Hall of Fame and is named as one of the ‘Top 50 Tech Visionaries’ of the last 50 years as well as one of the ‘Top 10 Innovators in E-business.’ On the other hand, Mike Janke, Co-Founder of Silent Circle, is a noted privacy advocate and a former US Navy SEAL.

Technology to Tackle Future
The biggest challenge society is facing in this cyber-crime prone era is the failure of software or hardware as independent solutions for cybersecurity from a compliance or regulatory perspective. Silent Circle’s goal remains the same: it wants to help people manage and control their content, conversations, and data. Silent Circle’s platform can serve any device type across an entire organization, whether in a fixed location or with a mobile workforce. It brings the combination of hardware and software to effectively check all the boxes a business client needs, especially in a regulated industry like finance. With its history as a handset manufacturer, it knows a lot about what is possible and what is not, as all software resides on hardware or is accessible via the web. Silent Circle has already paired up with Cog Systems to create and provide the most innovative mobile security solution for enterprises available till now.
The new partnership of Silent Circle and Cog Systems aims to provide an in-depth mobile security defense through combined encryption technology on D4 Secure architecture for mobile, to protect voice and video call data on cellular and Wi-Fi networks from interception and eavesdropping. The technology works by combining the Silent Phone software on the HTC, secured by D4, which was designed to protect organizations and their users with an unparalleled level of data and system security. These technological advancements are helping the company to remain competitive in the market and to share a strong bond with its clients.

The Long-lasting Relationship with Clients
The market is flooded with companies providing cyber-security solutions, but Silent Circle stands apart with a shining badge of Silent Network; it protects video and voice call data from eavesdropping and interception on Wi-Fi and cellular networks. The Silent Phone has already set a standard for protecting confidential & private communications and is recognized for its peer-to-peer encryption protocol and its impeccable user experience.

Values and Attributes in Success and its Future Down-the-line
Data security has been the hallmark for the company since its very inception. Whether it was helping consumers or helping businesses, the fundamental principle has not changed.
It strongly feels that Silent Circle is positioned for more growth. Gregg Smith concludes by mentioning, “Data loss and breaches continue to be a problem. What is less reported on but happens very often is data loss for mobile devices. That is an area the company has always had a focus on giving our solution(s).”
Executive Voice
There is a strange inconsistency in how enterprises manage mobile communications compared to other types of business communications.
With traditional voice communications and data communications, we directly control how communications are deployed and used by our employees. But for mobile devices, we give up this control to external mobile service providers, creating expensive management and regulatory headaches. It doesn’t have to be this way, which is why I founded Tango Networks a decade ago to revolutionize business mobile communications.

The Company is The Service Provider
Consider how other forms of communications are managed for employees. For typical desktop phone service, the company purchases phones from a vendor along with a central system to provide voice calling, conferencing, in-office dialing, and other features. The company or its contractor will run cabling and power for the phones. Then the company contracts with a service provider for voice services. The enterprise is in control of the communications system, and sets the policies for each user. It’s the same for data communications. The company will contract with a service provider for Internet service. But then the company will install routers, firewalls, SBCs and Ethernet cabling, or Wi-Fi access points and similar infrastructure to get its employees online. The company similarly is in direct control of its local and wide-area networks, and sets the policies for each user. In both cases, the company is acting as a service provider for its employees, delivering and supporting essential communications services. But this model has remained broken when it comes to mobile communications.

The Broken Mobile Model
In more traditional situations, the company will contract with a mobile communications service provider and buy or lease mobile phones and service for employees. The company pays the provider to handle support, configuration and management of the phones in addition to the primary voice and data service costs. While the company is incurring these expenses, the company does not have direct control over the devices to ensure that corporate policies are followed. Companies that must monitor employee voice calls and data sessions, or archive them for regulatory purposes, face added expenses. In some companies, this model has evolved into Bring Your Own Device (BYOD) programs, often when IT departments have simply given up trying to gain control over corporate mobile communications the way they have always been able to manage their other services. Instead of contracting for phones with a service provider, the employees are permitted to use their own devices. Then the company reimburses or otherwise subsidizes services. While this can be less expensive than a company-owned phone approach, it makes enforcement of policies very difficult, especially for regulated industries requiring communications recording. In both cases, the mobile devices and service subscriptions remain separate from the main form of corporate communications. If I call you from the office, you see my corporate number as the caller ID. If I call you from my mobile, you see my personal mobile number, or another number you don’t recognize. If you call me on my mobile but I need to take the call from my desk phone for recording compliance, I need to call you back, or else start up a special app on my phone to record the call. In short, the user experience is messy, unwieldy, and less professional in appearance.

The Better Way
Imagine instead that your mobile phone could be an extension of your main corporate communications systems. You could make and receive calls using your corporate number. You could transfer, conference, and call with in-office dialing. You could send text messages from your corporate number and receive incoming texts to your corporate number, something your desktop phone probably cannot do. Your calls and texts could be archived for compliance. Your IT staff would have direct control over when and where you could make toll calls, or even route them through the corporate networks to reduce costs.
Suppose all this were possible even with your own personal device. Your business communications would operate as an extension of your corporate phone system while your personal communications remained totally private. That’s exactly what Tango Networks’ solutions do. Our Kinetic Communications Platform enables a company to control mobile communications in an entirely new way.

Shared Control
The breakthrough is an innovation in how communications signaling and routing are managed. Our Kinetic platform creates a communications control system that is shared between your company and your mobile service provider, enabling the enterprise to be the service provider for their employees. This means your IT staff sets policies, determines call routing rules, turns on features, and executes similar control steps. These enterprise-managed policies and configuration settings interface directly with the service provider, where they are enforced on the mobile communications in the service provider’s network. This provides great advantages for both companies and their service providers. For service providers, it means that companies are taking on much of their own support and management tasks. For the companies, it means the IT staff is more directly in control of this critical form of corporate communications. Our system is supported by many Tier 1 mobile service providers around the world and is serving hundreds of thousands of users with enhanced mobile communications today. On networks where our solutions are not yet supported, we also offer many of the same control capabilities for employees that use Android, BlackBerry and iOS (Apple) devices. For the first time, mobile communications can be managed by your company precisely the way traditional fixed voice and data communications are. In the end, this means easier regulatory compliance, lower mobile communications costs, and a better user experience that maximizes the productivity of your employees on the go.

About the Author
A company co-founder, Andrew Silver now serves as Tango Networks’ Chief Technology Officer. Silver is an entrepreneur and business technologist who has held senior management and director roles in large and small wireless companies including Ericsson, Nortel Networks, Comverse and Spatial Wireless. He is an accomplished speaker at wireless industry forums and has been granted more than 50 patents in wireless communications systems. Silver holds an electrical engineering degree and an MBA from McGill University.
Enterprise Concern
Traits to Possess the Best Enterprise Security
Founders occasionally forget about implementing important fundamentals of security and start running after shiny technology. Security budgets are limited, so they need to be sure about covering the highest breach areas before moving on to other things.
IBM reported that more than a billion personal data records were stolen and leaked in 2014 alone, which made it the highest recorded number in the last 18 years. Criminals are always a step ahead of the existing security systems, so companies should have the best strategies and practices for enterprise security. So how do we ensure we have the best security systems? It all has to do with having a solid foundation, which starts with these basic practices.

Strong Firewalls
Firewalls are the first line of defense for any enterprise. A firewall basically controls the flow of data and decides the direction in which it flows. The firewall keeps harmful files from breaching the network and compromising the assets. Firewalls are traditionally implemented at the external perimeter of the network, but including internal firewalls is a popular strategy. It is one of the best practices for companies, as it creates a second line of defense to keep unwanted and suspicious traffic away.

Securing Router
Routers are mainly used to control the flow of network traffic. But routers have security features too. Modern routers are full of security features like IDS/IPS functionality, quality of service and traffic management tools, and strong VPN data encryption features. But very few people use the IPS features and firewall functions in their routers. To improve their security posture, companies need to use all the security features of their routers.

Secured Email
It is highly common to receive emails from suspicious sources. Email is the main target for criminals. 86 percent of the emails in the world are spam. Even if the latest filters are able to remove most spam emails, companies should keep updating the current protocols. If the number of spam emails is large, then it only means the company is at greater risk of getting malware.

Updating Programs
Making sure your computers are patched and updated is a necessary step if you are working towards a fully protected enterprise.
If you can’t maintain it right, then updating already installed applications is an important step in enterprise security. No one can create 100 percent perfect applications, but one can make changes accordingly, trying to keep pace. Thus, making sure your applications are up to date will let you know which holes the programmer has fixed.

Securing Laptops and Mobiles
You may wonder why securing laptops and mobiles is on the list. But laptops and mobile phones contain sensitive enterprise data and need securing. Unlike desktop computers, which are fixed, laptops and mobiles are portable and thus at higher risk of being stolen. Making sure you have taken some extra steps to secure laptops and mobiles is as important as implementing strong firewalls. Encrypting laptops and mobiles with the help of software is a great tactic to follow for a secured enterprise.

Wireless WPA2
This is the most obvious feature of all. If companies aren’t using WPA2 wireless security, then they need to start using it. Many methods of wireless security are insecure and can be compromised in minutes. If companies have wireless WPA2 installed, then it will be difficult for criminals to breach.

Web Security
The Verizon Data Breach Investigations Report stated that attacks against web applications have increased at an alarming rate in recent years, with over 51 percent of the victims. Simple URL filtering is no longer sufficient, as attacks are becoming more frequent and complex. The features that need to be considered for web security systems are AV scanning, IP reputation, malware scanning, and a data leakage prevention function. A web security system should have the ability to correctly scan the web traffic.

Educating Employees
Making sure that employees are educated about safe online habits is as crucial as securing the enterprise with top-class antivirus and firewalls. Educating employees about what they are doing and how to be pre-defensive is more effective than expecting IT security staff to take steps later, because protecting end users against themselves is the most difficult thing to do.
So, employees must understand how important it is to keep the company’s data safe and the measures they can take to protect it. While the world faces more and more cyber theft and crime, this foundation of enterprise security, based on simple and standard tools, can protect companies from such attacks.