CTOvision.com (https://ctovision.com): Context for the CTO, CIO, CISO and Data Scientist

How OPM Could Have Avoided the Data Breach
https://ctovision.com/2015/06/opm-avoided-data-breach/
Tue, 30 Jun 2015 10:36:25 +0000

Recently, a data breach at the Office of Personnel Management (OPM) demonstrated once again the vulnerability of data and how even when an organization has seemingly deployed the right tools, security holes can be exploited to gain access to highly sensitive information. OPM is the federal organization responsible for maintaining and protecting the federal records for all federal employees and contractors. This includes highly sensitive records about individuals with clearances and even information that could expose those living undercover. As the exact nature of the attack unfolds, and the damages are revealed, it’s important to consider how the breach could have been discovered earlier; how the attack could have been prevented; and what could have been done to limit the damage.

The latest data suggests that the attack was perpetrated by first stealing access credentials from KeyPoint, a government contractor that was hacked last year. While the initial intrusion mostly impacted Department of Homeland Security (DHS) personnel, it was first detected in September, and it took DHS seven months to conclude their investigation. During that time, the credentials were likely used to break into OPM’s systems. Given this timeline it is clear that the hackers had plenty of opportunity to rummage through systems; some evidence even points to recurring attacks going back for at least the last year. The one thing that is clear is that this breach went undiscovered by the OPM team and its threat defense system for as much as several months.

Stopping cyber attacks is difficult, particularly when the perpetrator is seemingly a well-funded nation-state. Still, a well-planned defense-in-depth strategy that highlights, in real time, the vulnerabilities and risks associated with a given environment can help organizations narrow their focus onto the critical points and paths of egress and drastically improve the chances of preventing or stopping an attack before the "crown jewels," in terms of important data, are stolen.

To achieve this defense in depth, it’s important to first understand the security environment.  Knowing the interaction of firewall rules, and uncovering vulnerabilities introduced by misconfiguration, is vital.  Uncovering unused, hidden, and redundant rules, which can have unforeseen impact on overall security, would help to simplify the overall firewall environment.

Visualizing traffic flow can help to discover unexpected paths in and out of systems to pinpoint unexpected ingress and egress points for systems and the network.  This can signal the path a would-be hacker might take to get to data, and highlight where additional defenses are needed.

Good security hygiene, going forward, can assist in preventing further attacks.  Change management will be key, and can reduce the risk of existing holes, while ensuring changes don’t introduce new ones.  Understanding the impact a given change might have on the overall operating environment can discover potential new holes in perimeter defense, before they even get created.

Compliance with security standards must be maintained, and audits will help to ensure this compliance. Cleaning up and optimizing firewall configurations can remove obscurity and improve security, manageability, and performance. Testing network configuration against security compliance requirements helps to ensure the requirements are being met.

Finally, if an actual breach does occur, it’s important to be able to find it quickly.  Tools exist that can help separate indicators of a break-in from background noise, and pinpoint where data is exiting the network.  This can dramatically reduce the time it takes to discover a breach, which helps to limit the damage by helping to sever the data stream before much data has been stolen.

Finding an integrated set of tools can make the process easier. One such integrated tool suite is produced by FireMon. Their Security Manager tool helps to manage and monitor devices in one place, and integrates with the Policy Planner, Policy Optimizer, and Risk Analyzer tools to help clean up the environment, understand the impact of changes, and ensure compliance with security standards. Immediate Insight can analyze the network in real time, to reduce the time it takes to identify an incursion and triage the event. Together, the tools can be used to quarantine known infected networks to help cut an incursion off at its source.

All reports indicate that the data security team at OPM took many measures to prevent this breach, including deploying a number of commercial and custom tools to monitor the environment. Still, this breach highlights the need for a comprehensive approach to cyber defense, complete with a tightly integrated toolset. It’s about more than just having firewalls and SIEMs deployed; it’s about having the right set of tools and applications that give needed visibility into the vulnerabilities and risks associated with a given environment. Deployed properly and as a part of a broader integrated defense strategy, these tools can help dramatically reduce the risk of a successful cyber attack, and can aid in discovering the intrusion and concluding the investigation much faster.

The post How OPM Could Have Avoided the Data Breach appeared first on CTOvision.com.

CTOvision Pro: A Subscription Based Research and Analysis Service
https://ctovision.com/2015/06/ctovision-pro-a-subscription-based-research-and-analysis-service/
Mon, 29 Jun 2015 12:40:04 +0000

CTOvision Pro is our subscription based research and analysis service.

CTOvision Pro provides subscribers with more in-depth research, analysis and reporting on topics that matter to enterprise IT. Subscribers receive a weekly newsletter with up to date context and analysis, as well as logins to our market research, technology assessments and special reports.

  • If you are from the technology community you will gain insights into your market and enterprise mission needs.
  • Enterprise architects, program managers and acquisition professionals gain insights into the rapidly shifting technology landscape.

Subscribers also receive priority responses from our analysts via our special “Ask The CTO” service.

Start your 7 day free trial of CTOvision Pro today!

The post CTOvision Pro: A Subscription Based Research and Analysis Service appeared first on CTOvision.com.

Verisign’s Q1 2015 DDoS Trends Report: Mitigating More DDoS Attacks This Quarter than in 2014
https://ctovision.com/2015/06/verisigns-q1-2015-ddos-trends-report-mitigating-more-ddos-attacks-this-quarter-than-in-2014/
Thu, 25 Jun 2015 12:55:33 +0000

Verisign's Q1 2015 DDoS Trends Report reveals some interesting trends we should all be aware of. The report captures analysis and insights from Verisign, including information derived from mitigations enacted on behalf of, and in cooperation with, customers of Verisign's DDoS Protection Services. Key contributing analysts include the security research team at Verisign’s iDefense.

Some trends worth highlighting include:

  • Every industry is being targeted, some more than others. 18 percent of DDoS attack targets were organizations in the public sector
  • DDoS attacks were up more than seven percent over the last quarter alone
  • Attack size remains significant, with more than 50 percent of the attacks peaking at more than one Gbps

DDoS attacks can be mitigated, fast, by leveraging the services and technologies of Verisign. Their DDoS protection services are delivered by the same talent that is responsible for maintaining the .com, .net, .gov and .edu DNS infrastructure.

For more precision on which industries are being attacked the most and insights into mitigating these attacks, you can download the DDoS Trends Report here.

The post Verisign’s Q1 2015 DDoS Trends Report: Mitigating More DDoS Attacks This Quarter than in 2014 appeared first on CTOvision.com.

The Digital Risk Reduction Act of 2015
https://ctovision.com/2015/06/the-digital-risk-reduction-act-of-2015/
Thu, 25 Jun 2015 02:23:38 +0000

Are you looking for ideas on how to improve the security of federal systems?

Cognitio’s founders have been responsible for guarding some of the world’s hardest-to-penetrate networks, including the classified systems that let case officers in hostile countries communicate with headquarters in the United States, and the networks that provide real-time information to battlefield commanders so they can help save lives in conflict zones. We have helped some of the largest, most complicated commercial firms reduce their digital risk and enhance their cyber security posture. And we have participated directly on teams where organizations in challenging situations have risen above problems and excuses to mount formidable defenses of their infrastructure. We have authored and published the definitive book on adversaries in this domain: The Cyber Threat.

With this paper we offer lessons from experiences like the above, and do so in a way we believe underscores the need for new governance over federal cyber security.

To grab attention and help move this idea forward, we name this paper after something we would love to see Congress produce: the Digital Risk Reduction Act of 2015.

Request your copy here.

The post The Digital Risk Reduction Act of 2015 appeared first on CTOvision.com.

Naval Intelligence Professionals (NIP) and the International Spy Museum announce a joint presentation: Tracking the Elusive Pueblo
https://ctovision.com/2015/06/naval-intelligence-professionals-nip-and-the-international-spy-museum-announce-a-joint-presentation-tracking-the-elusive-pueblo/
Wed, 24 Jun 2015 20:45:25 +0000

Naval Intelligence Professionals (NIP) and the International Spy Museum announce a joint presentation: Tracking the Elusive Pueblo, on Wednesday 1 July 2015 at 6:30 pm.

Location is the International Spy Museum, 800 F St NW, Washington DC.

Here is more on the event:

In January 1968, at the height of the Vietnam War, North Korea captured the USS Pueblo. The seizure of the ship, equipped with electronic and signals intelligence systems and 83 crewmen, provoked outrage in the US, with some calling for a nuclear response. What really happened during this hot Cold War incident? CDR Douglas Hackett, USN (Ret.) will explore the Pueblo’s surveillance mission, and provide the definitive naval intelligence assessment of whether the Pueblo was in North Korean waters, based on North Korean-provided information. He’ll also share the US government’s response to the crisis, North Korea’s motivation, what happened to the crew who were held prisoner for nearly a year, and what has become of the Pueblo today.

This event is open to the general public. Tickets are $8.00 but NIP members and the Spy Museum’s Inner Circle are admitted for free. Pre-registration is not required. This fee does not cover a tour of the Spy Museum.

Find more here: http://www.spymuseum.org/calendar/detail/tracking-the-elusive-pueblo/2015-07-01/

The post Naval Intelligence Professionals (NIP) and the International Spy Museum announce a joint presentation: Tracking the Elusive Pueblo appeared first on CTOvision.com.

Google, like Samsung, is eavesdropping on your private conversations
https://ctovision.com/2015/06/google-like-samsung-eavesdropping-private-conversations/
Wed, 24 Jun 2015 19:04:26 +0000

If you use Google Chrome, you could be subject to eavesdropping by Google. Similar to what Samsung's TVs are doing, the Chromium browser listens to conversations in the vicinity of your laptop, PC, or tablet, and transmits them back to Google. Ostensibly, this is part of the "Google Now" voice activation feature of Chrome. Privacy campaigners and some developers think it's more nefarious. Blogger Ofer Zelig has this to say:

A few days ago, while I was working on my PC at home, I noticed something strange. My PC has a web camera (combined with a microphone) that sits on top of my monitor, and the camera has a small blue LED that lights when the camera and/or microphone are operating.

While I was working I thought I’m noticing that an LED goes on and off, on the corner of my eyesight. And after a few times when it just seemed weird, I sat to watch for it and saw it happening. Every few seconds or so. I opened Task Manager (I’m working on Windows. Apologies.) and looked for a process to blame on that dodgy activity. Who is listening to me? I didn’t find anything. I know my PC pretty well and I didn’t have any crappy malware accidentally installed. There were a few suspicious processes that I shut down but it didn’t make any difference, and I left it like that.

And then I’ve come across this bug report – it’s Google! And according to them it’s not a bug! They silently put this new module in Chrome (or Chromium to be precise, doesn’t matter much from an end-user perspective). It’s a prepackaged binary and Google’s response to the “issue” was pretty odd.

Apparently the issue is that someone added the non-open source component for Google Now to the open source code for Chromium.  Google is asking that the component be removed, but for now, the default install still contains the code, and could transmit conversations or other sound back to Google.

As privacy concerns related to spying using your PC's camera or microphone mount, many security experts recommend covering your camera's lens and disabling your microphone when not in use.  Even the NSA recommends these steps.  There are products built to cover your camera lens; a bit of masking or electrical tape will work just as well.  You can disable any built-in microphones via software, but some experts note that a hacker could re-enable it without your knowledge, and recommend using a "dummy plug" - basically, a microphone plug with no mic attached - instead.  You can buy a cheap microphone or headphone adapter and plug that into the microphone port, or you can cut the cord off a cheap pair of earbuds and use that; just make sure the wires don't touch so it doesn't short out your mic port.

The post Google, like Samsung, is eavesdropping on your private conversations appeared first on CTOvision.com.

The Future of Nanobots In Medicine: Including internal drug delivery
https://ctovision.com/2015/06/future-nanobots-medicine-including-internal-drug-delivery/
Wed, 24 Jun 2015 11:13:09 +0000

Nanobots have shown great potential in the field of medicine, and using them to cure diseases such as cancer may not be far off. Researchers at the Israel Institute of Technology (Technion) have found a way to give nanobots “propellers”.
They created a "nanoswimmer" the width of a silk fiber, made of several links of polymer and magnetic nanowires. After introducing it into a blood-like fluid, they applied an external oscillating magnetic field, propelling the nanobot the length of its body in a second.
Those who control the nanobots can even indicate exactly where the nanobots will end up, by modulating the field. Nanobots are intended to reduce the need for invasive surgery, speed recovery and lower the risk of complications. The nanobot is easily configured to be used for a variety of reasons. There is still a lot of work to do, but nanobots may be the key to fighting viruses and diseases.

Read more on engadget.

Watch Nanobots here.

The post The Future of Nanobots In Medicine: Including internal drug delivery appeared first on CTOvision.com.

Oracle’s Big Data Integration Now Certified on Hortonworks HDP 2.2
https://ctovision.com/2015/06/oracles-big-data-integration-now-certified-hortonworks-hdp-2-2/
Wed, 24 Jun 2015 11:11:55 +0000

In late 2014, Hortonworks and Oracle teamed up to provide comprehensive data integration capabilities and technologies. Together, they deliver on the promise of big data for customers of all sizes and scale. Oracle and Hortonworks are continuing to work together to bring the latest ETL and real-time transactional data streaming capabilities to the Hortonworks Data Platform (HDP).

Recently, Oracle completed its certification testing on HDP 2.2 for Oracle Data Integrator (ODI), Oracle GoldenGate for Big Data and Oracle Big Data Connectors. This will help Oracle take their Hadoop projects to the next level of enterprise integration. ODI for Big Data helps transform and enrich data that is within the big data reservoir (or data lake), without users having to learn the languages necessary to manipulate it. What this means is that ODI users can build business and data mappings without having to learn HiveQL, Pig Latin and MapReduce.

Oracle GoldenGate is a leader in real-time transactional data replication. With certification on Hortonworks HDP, Oracle GoldenGate for Big Data has extended beyond relational databases and into the Hadoop ecosystem. GoldenGate provides real-time transaction streaming to Apache Flume, Apache HDFS, Apache Hive and Apache HBase. This solution enables IT organizations to quickly integrate into big data systems without extensive training and management resources, and facilitates better insights and timely action.

Find out more information on Oracle and Hortonworks' Integration here.

Find out more information about their partnership here.

The post Oracle’s Big Data Integration Now Certified on Hortonworks HDP 2.2 appeared first on CTOvision.com.
