Gregarius » éléments par Ronen Yehoshua

Canaux

108375 éléments (108375 non lus) dans 10 canaux

Actualités (48730 non lus)

• 01net. Actualités (48730 non lus)

Hoax (65 non lus)

• Top dix quotidien Sophos des canulars (65 non lus)

Logiciels (39066 non lus)

• BetaNews.Com (34382 non lus)
• Presence PC - Actualité Logiciels, jeux vidéos (3551 non lus)
• LeMondeInformatique.fr : Actualités Applications (1133 non lus)

Sécurité (1668 non lus)

• Actualités Sécurité Informatique (406 non lus)
• Les Nouvelles.net : sécurité informatique. (1262 non lus)

Referencement (18846 non lus)

• Secrets2moteurs (11746 non lus)
• Referencement Google WebRankInfo (2255 non lus)
• Abondance (4845 non lus)

éléments par Ronen Yehoshua

BetaNews.Com

• 

  Cybersecurity: It's about time

  Publié: juillet 11, 2018, 12:13pm CEST par Ronen Yehoshua

  The sprawling and complex set of subjects we call cyber security can all be tied to one fundamental concept -- time. The time it takes a cyberattack to penetrate, the time from initial compromise to lateral movement across the network, the time it takes for an attack to be detected, to be analyzed, to be responded to and remediated. Time is one of seven base quantities in the International System of Units upon which all other measures are constructed. No surprise then that it’s the single most important factor in cybersecurity program success. Industry research indicates that within just two… [Continue Reading]
• 

  It's a team effort: The new cybersecurity stack

  Publié: août 30, 2016, 6:50pm CEST par Ronen Yehoshua

  Last week marked the end of the 2016 Summer Olympics and this year we witnessed several impressive moments. The image of Usain Bolt, giant smile and legs a-blur, is hard to forget. But equally memorable are the times that team efforts outshone those of any individual. This concept of building a cohesive, top-performing team that is more than the sum of its parts is echoed in an emerging security trend: the new cybersecurity stack. Like the Olympics, the security industry is a highly-visible playing field, with all the fanfare and expectations and often failed dreams. Security hopes are pinned on… [Continue Reading]
• 

  The pain of patching -- how to achieve a strategic balance between security, compliance and business goals

  Publié: novembre 19, 2015, 8:39pm CET par Ronen Yehoshua

  

  Modern cyber attacks are targeted, stealthy and evasive. Cybercriminals commonly attempt to penetrate enterprise networks by exploiting vulnerabilities in applications, web browsers and operating systems. The best defense available to enterprises is to rapidly patch these vulnerabilities -- or is it?

  Patching is costly and risky, and it can disrupt ongoing business activities. Clearly, this conundrum creates tension between IT teams, security departments and management. Can enterprises achieve a healthy balance without compromising their cyber security?

  Software Vulnerabilities are here to Stay

  As software becomes more advanced and complex, it is impossible for programmers to eliminate all potential weaknesses in their code. These flaws become a playground for hackers to exploit. In spite of programmers’ efforts and the use of vulnerability scanning tools, myriads of new vulnerabilities exist each year. Even worse, Zero Day attacks that utilize new, unknown vulnerabilities are constantly unveiled.

  To exploit a vulnerability and have a greater chance of "success", cybercriminals need intimate familiarity with the application they want to exploit. These attackers will typically seek applications widely used by employees in the targeted organization. This explains why most advanced attacks utilize common applications such as Adobe Acrobat, Adobe Flash, Microsoft Office and various web browsers. Hackers find it easy to get their hands on these applications and chances are high the users they wish to target are using one or more of them.

  The Pain of Patching

  Traditional security tools, technologies and processes cannot prevent malware and Advanced Persistent Threats from exploiting unpatched security vulnerabilities. Software vendors, as they become aware of new vulnerabilities, work rapidly to remediate them. This results in a continuous stream of security patches sent to their customers.

  Patching software in an organization is a complex task. It requires careful planning, execution and validation. In some cases, it involves halting and rebooting a machine, thus interfering with employees’ work or business processes that run on a server. Sometimes the patch itself causes a conflict with other applications running on the machine. For all of these reasons, patching requires a lot of attention and careful coordination between IT and security personnel.

  In short, software vendors are constantly creating an immense number of new patches to cover their vulnerabilities. Furthermore, security and IT teams face an endless (and ever-increasing) burden of executing those patches. The result is patching happens intermittently -- if at all -- because IT and business operations cannot tolerate the potential operational impact security patching represents.

  As one Chief Information Security Officer of a large financial institution summarized:

  All companies have a massive debt snowball that continues to grow in terms of unpatched security vulnerabilities on IT assets. The result is IT and Business Operations continue to be negatively impacted by exploits of unpatched vulnerabilities that increasingly extend beyond operational uptime, performance and availability. It eventually results in brand damage, regulatory fines, penalties and legal actions that hurt the company on a larger and long-term scale. This erodes market and consumer confidence in the brand, its products and services. This also impacts revenue retention, revenue acquisition and general growth and stability of the company. Added to all this is the potential theft and loss of intellectual property and competitive advantage in the marketplace.

  In Search of Security-Business Balance

  A true security-business balance can only be reached with a solution that mitigates the risk of unpatched security vulnerabilities. With this type of solution deployed, companies will not have to rush into rapid deployment of patches and can plan cost-effective patch roll-outs with minimum business disruption.

  Imagine a solution that prevents the damage of attacks, reduces the pressure for urgent patching, helps avoid the risk of the patching process causing unplanned IT or operational impacts, and mitigates the risks the unpatched vulnerabilities represent.

  For such a solution to be effective it would need to have the following attributes:

  1. Prevent the attack in its very first steps of the penetration attempt before it exploits the vulnerability. This is not easy and has been an elusive goal.
  2. Be agnostic to the application vulnerability that is attempted to be exploited. This requirement is the most demanding if the system is to be effective against the multiple variations of known and unknown attacks.
  3. Avoid flooding the organization’s SIEM with false alarms. Eliminating or significantly reducing false positives dramatically increases the effectiveness of a security system and the layers around it.
  4. Provide security personnel with detailed, real-time information about the attack attempt and actionable recommendations to help mitigate the spread of the attack throughout the organization. This also helps the company prioritize the patch of the targeted vulnerability.
  5. Be simple to install and manage. There is often friction between security and IT teams. The request for a new security tool, especially endpoint software, usually places a heavy burden on IT managers and desktop engineers. Security tools are notorious for their operational cost and disruption to business continuity. The challenge is to provide a powerful prevention system that is also simple to deploy and manage.
  6. Enable an excellent user experience. At the end of the day people need to work and not be "locked down" when they need to have outside connectivity or interact with external parties (suppliers, customers, etc.). An ideal solution should be totally transparent to the user.

  Achieving all of these attributes in one product is challenging, yet a new breed of security solutions take a fresh and different approach. CISOs and IT managers should carefully select such tools to effectively and efficiently protect enterprise assets while maintaining and patching systems in a strategic and unobtrusive way.

  Image Credit: alexskopje / Shutterstock

  Ronen Yehoshua is the CEO of Morphisec, a company born in the depth of the Israeli cyber security labs with the goal of, for once, changing the Cyber Security balance in favor of the good guys, the defenders.