Free Whitepaper
Unveiling the Security Illusion: The Need For Active Network Forensics
The Need for Active Network Forensics
The media is rife with examples of why current security tools and strategies aren't enough. Organizations have too much confidence in deployed security solutions.
- Too much attention is given to prevention - there is no way to stop everything.
- Companies trust that compliance with government-mandated regulations equals security.
- They have a false belief that updating, patching, meeting compliance requirements, and deploying new technologies will protect them. "Sit back and relax–all is well."
- Even if organizations acknowledge that new threats will be introduced into the wild and that security updates will not be immediately available, they still tell themselves, "It will happen to someone else, it can't happen to me."
- Because of this faith, trust, or ignorance, organizations don't prepare for detection, response and recovery.
Below are just some of the news stories chronicling this dangerous trend:
- Breaches Down, Insider Attacks Up, Verizon Business/Secret Service Study Says (July 28th, 2010): While the volume of breaches shifted dramatically between Verizon's 2009 report and the 2010 report, so did the source of the attacks, Sartin notes. While external forces still reign supreme -- 70 percent of all breaches resulted from external agents -- the percentage of cases that involved insiders rose to 48 percent, an increase of 26 percent over the previous year.
- Tech Insight: IT Security’s Most Time-Consuming Tasks (July 9th, 2010): "Security pros are stuck trying to detect malware before it gets deep into the internal network and has access to sensitive data. Knowing some piece of malware is on a system isn't enough, though. There's a need to analyze what's there to see what credentials or data it was attempting to steal. And the C-level execs want to know whether it was part of a targeted attack."
- Risk of Cyber threats seriously underestimated (July 6th, 2010): "a vast majority of enterprises of all sizes regularly fall victim to advanced cyber threats, at the same time, more than half of these organizations recognize their defensive technologies, personnel and budget as 'inadequate.'"
- Six Messy Database Breaches so far in 2010 (July 2nd, 2010): "Whether it be insecure Web applications, poor password management, or a lack of database policies and monitoring, the average database today is at risk of exposure through a host of different threat vectors that many organizations are not even aware of."
- More than 80 Percent of US Enterprises Hit by Advanced Attacks (July 1st, 2010): Even more disconcerting ... was how long it took organizations to realize they had been victimized by these attacks. Around 80 percent say it took a day or more to detect the threat, and 46 percent say it takes 30 days or more. Overall, nearly 60 percent say it takes anywhere from a week to 60 days to discover the presence of an advanced attack.
- Data Breaches Will Increase This Year, Security And Compliance Officers Say (June 21st, 2010): "Ninety-five percent of security and compliance pros believe that data breaches will increase in 2010, according to a survey (PDF) published today by security vendor nCircle."
- Targeted cyberattacks test enterprise security controls (April 7th, 2010): "Companies need to strengthen their ability to detect intrusions and respond quickly… Since targeted attacks are designed to siphon out data via the network, keeping a close eye on network traffic can help detect anomalies"
- RSA Survey: Security Pros Worry That Current Defenses Aren't Enough (March 8th, 2010): "...two-thirds of those surveyed said they estimate their network security solutions thwart fewer than 25 percent of network-based security threats"
- U.S. 'Severely Threatened' By Cyber Attack (February 2nd, 2010): "Malicious cyber activity is occurring on an unprecedented scale with extraordinary sophistication...Cyber criminals' capabilities presently exceed the response capabilities of those defending networks."
- Fearing Hackers Who Leave No Trace (January 19th, 2010): "The offensive technical capability to play this game is well within the reach of the principal adversaries of the United States. In fact, one could argue that some of our adversaries are better at this game than we are."
- Data breach costs top $200 per customer record (January 19th, 2010): "2009 brought more sophisticated criminal attacks that didn't show up on our radar screen"
- Internet heading for 'perfect storm' (January 19th, 2010): "...the biggest challenge revealed by the survey is simply the sheer number of challenges that have come along at once"
- Hackers wield newest IE exploit in drive-by attacks (January 19th, 2010): "Hackers are attacking consumers with an exploit of Internet Explorer (IE) that was allegedly used last month by the Chinese to break into Google's corporate network"
- IE6 exposed as Google China malware unpicked (January 19th, 2010): "This attack involved very advanced methods, with several pieces of malware working in concert to give the attackers full control of the infected system, at the same time it attempts to disguise itself as a common connection to a secure website"
- Poisoned PDF pill used to attack U.S. military contractors (January 18th, 2010): "Unidentified hackers are running an ongoing cyber-espionage attack targeting U.S. military contractors."
- Hackers are defeating tough authentication, Gartner warns (January 18th, 2010): "Cybercriminals are using increasingly sophisticated tactics to outmaneuver security systems so they can steal customers' log-in credentials and pillage their bank accounts, according to a Gartner analyst"
- Google Hack Attack Was Ultra Sophisticated (January 14th, 2010): "Hackers...used unprecedented tactics that combined encryption, stealth programming and an unknown hole in Internet Explorer"
- More Victims Of Chinese Hacking Attacks Come Forward (January 14th, 2010): "This attack involved very advanced methods, with several pieces of malware working in concert to give the attackers full control of the infected system, at the same time it attempts to disguise itself as a common connection to a secure website"
- Conficker worm just keeps on coming (January 11th, 2010): "...some cleverly designed spam is getting past our filters as well...problems are examples of evolving network threats that present some challenges to the security team"
- Heartland breach shows why compliance is not enough (January 6th, 2010): "Theft of a ...staggering 130 million credit and debit cards... certified as fully compliant with the requirements of the Payment Card Industry Data Security Standard (PCI DSS)"
- Symantec predicts: In 2010, 'antivirus is not enough' (December 10th, 2009): "...the industry is quickly realizing that traditional approaches to antivirus, both file signatures and heuristic/behavioral capabilities, are not enough to protect against today's threats."
- Two Official Kaspersky Websites Hacked (December 10th, 2009): "That investigation must have missed something, because the grey hat just performed a nearly identical hack on Kaspersky's Malaysia and Singapore websites"
- Most Security Products Don't Initially Work As Intended (November 16th, 2010): "Fifty-eight percent of failures were attributed to incomplete or inaccurate logging of who did what—and when"
- Survey: Most organizations struggling to secure data (September 23rd, 2009): "79 percent of respondents said their organization has experienced a data breach"
- NY Times Website Infected With Fake Antivirus (September 15th, 2009): "It's a fake page for a nonexistent antivirus app, which is actually malware...It's a multimillion dollar business"
- Network Solutions was PCI compliant before breach (July 27th, 2009): "...despite its being PCI compliant, a breach had compromised approximately 573,928 individuals' credit card information"
- Major Secure Email Products Miss Spear-Phishing Attack (January 19th, 2010): "The problem is that most anti-phishing technology is built to catch large-scale phishing attacks, but not the insidious and dangerous small, targeted ones"
- Heartland data breach proves PCI compliance is not enough (January 19th, 2010): "Achieving PCI compliance does not imply that a business has achieved real security"



