Do You Want CybSec With Your Cookies?
Mar08

Do You Want CybSec With Your Cookies?

This week’s cybersecurity threat report from SonicWall doesn’t hold any real surprises from every other cybsec alert that frequents my inbox — i.e. the Cisco 2018 Annual Cybersecurity Report — but it does reinforce the key themes: cybsec threats are bad, and growing worse (it was called the ‘greatest concern’ at last month’s Senate threats hearing). “We tend to view the world as a cybersecurity arms race… the good guys make advances and the bad guys make advances,” John Gordineer, Director of Product Marketing, SonicWall, tells IT Trends & Analysis. The cybsec vendor said cyber attacks are becoming the number one risk to business, brands, operations and financials, and it identifies almost 500 new previously unknown malicious files each day, which makes this one of the hottest IT — and business — markets. MarketsandMarkets states the data protection market is expected to grow from $57.22 billion in 2017 to $119.95 billion by 2022, at a Compound Annual Growth Rate of 16%, while the total cybsec market will grow almost as quickly, from last year’s $137.85 billion to $231.94 billion by 2022, at a CAGR of 11%. While the SonicWall survey found that the number of attacks was down, the variety of attacks is increasing, which he attributed to several factors, especially in ransomware attacks, he said. First, companies that paid their ransoms did not get their data back; more effective protection is being deployed; and data backup and recovery solutions make companies less likely to become a victim or need to pay ransoms. As a result, the bad actors are scrambling to retool their ransomware to be more profitable, since they are catching fewer victims, said Gordineer. “We’re curious to see where that goes in 2018. One of the things we’re seeing is ransomware as a service.” Key findings of the SonicWall survey included: -9.32 billion total malware attacks in 2017, an 18.4% year-over-year increase; -ransomware attacks dropped from 638 million to 184 million between 2016 and 2017; -ransomware variants increased 101.2%; -the company collected 56 million unique malware samples in 2017, a 6.7% decrease from 2016, but the total volume of unique malware samples in 2017 was 51.4% higher than 2014; and -the average organization will see almost 900 file-based attacks per year hidden by SSL/TLS encryption. Cisco’s results offered similar dire news: -32% of breaches affected more than half of respondents’ systems, compared with 15% in 2016; -more than half of all attacks resulted in financial damages of more than $500,000, including, but not limited to, lost revenue, customers, opportunities, and out-of-pocket costs; -complexity is growing: in 2017, 25% of security professionals said they used products from...

Read More
Dell Security Aims To Be One Step Ahead
Dec08

Dell Security Aims To Be One Step Ahead

It’s still too early to talk about Dell EMC’s security plans, said Brett Hansen, VP, Endpoint Data Security and Management, Dell, but he tells IT Trends & Analysis there is a lot of work going on behind the scenes on the future of the company’s post-merger enterprise security strategy. “I’m like a kid in the candy store with this acquisition.” What’s not to be excited about? Cybersecurity is getting a lot more attention — and customer budgets — and the acqusition brings together two sets of technology assets, skills and customer bases. While overall IT spending may be inching upward, security is expected to grow at a compound annual growth rate of 8.3% through 2020, from $73.6 billion in 2016 to more than $100 billion. Other estimates put this year’s cybersecurity spend at $122.45 billion, and a 10.6% CAGR to $202.36 billion by 2021. EMC’s former security division, RSA (with more than 30,000 customers), will retain its autonomy, but will benefit from being part of the world’s largest privately controlled technology company, said president Amit Yoran in a September conference call. “RSA is now part of the broader Dell Technologies – a much broader platform that allows us to make decisions along private company timelines and horizons for a more strategic perspective, and less maniacally focused on the 90-day public company window,” he stated. “There is a natural upside [for enterprises] of having the broader ecosystem of Dell Technologies from a leveraging relationships standpoint.” He said authentication and identity, advanced security operations and analytics, and the business context and business drivers around those will continue to be the three key areas that RSA is focusing on. As for the unit’s R&D focus, he said in a world where there is no longer any perimeter, being able to identify who is where on what and provide them the appropriate access with strong multi-factor authentication and an elegant user experience “is a key area where RSA has great capability and we will continue to invest aggressively in R&D in that area”. In addition, it is investing heavily in advanced security operations, which includes RSA’s endpoint threat detection and response product Ecat, the NetWitness suite, and all the analytics around those. “Ultimately, context matters most to the organisation. What is mission-critical, what is business-critical, what is required from a compliance and regulatory perspective, and ensuring that the limited security resources are being spent on the most impactful and critical things for the enterprise,” said Yoran. In June, prior to the acquisition’s close, EMC announced the findings from its global enterprise backup survey, ‘Are You Protected?’, which included: -incidents of traditional data loss...

Read More
Dell Refreshes Mobile Security Lineup
Apr22

Dell Refreshes Mobile Security Lineup

The RSA Conference 2015 wraps up on Friday, but before all those security gurus, vendors, analysts, cybercriminals and cybercops escape, Dell has announced the latest additions to its Secure Mobile Access lineup, formerly known as SonicWALL SMA. The SMA OS 11.2, which adds secure access to more resources using a standard HTML 5 browser, enabling ‘intuitive access’ for most smartphones, tablets and laptop users and reduces reliance on Java and ActiveX components, is now generally available, and the SMA 6200 (supporting up to 2,000 concurrent users) and 7200 (up to 10,000 concurrent users) appliances will be available next month. Dell says ‘security is a non-negotiable’, but according to RSA (EMC’s security arm) president Amit Yoran, we’re still in the “Dark Ages of Information Security.” Last year was yet another reminder that “we are losing”, he said in this week’s keynote. “The adversaries are out-maneuvering the industry, out-gunning the industry, and winning by every measure.” Jumping the gun on RSA and the plethora of ‘doom-and-gloom’ cybersecurity reports, surveys and whitepapers that preceded and accompanied it, Dell released its own annual threats report to shed light on emerging security risks. Among the highlights: -a rise in point-of-sale (POS) malware variants and attacks against payment card infrastructures targeting retail organizations; -more companies were exposed to attackers hiding in plain sight as a result of SSL/TLS encrypted traffic; and, -a 100% increase in attacks against industrial control (SCADA) systems. Dell’s numbers are just the tip of the cybercrime iceberg: -security compromises increased 64% in 2014; -54% of breaches remain undiscovered for months; -60% of data is stolen in hours; and, -100% of companies connect to domains that host malicious files or services. Dell isn’t saying it’s fixed cybersecurity, but it is doing what it can to make security easier, more affordable and more scalable, said Matt Dieckman, Product Line Manager, Secure Remote Access Solutions, Dell. He told IT Trends & Analysis that they’ve been seeing the number of devices increase, so the new appliances offer increased capacity, with 6200 jumping from support for 250 users to 2,000 users, and the 7200 has doubled, from 5,000 to now supporting 10,000 concurrent users. Dieckman said customers don’t want to rely on Java and ActiveX legacy technologies. The new OS, SMA 11.2, adds secure access to more resources using a standard HTML 5 browser, including access to Citrix Xendesktop and Xenapps ICA support. At RSA Dell also showcased what it called the industry’s first demonstration of a highly-resilient, scalable, “Open Firewall Sandwich” layer 3 architecture (in collaboration with Array Networks and Spirent Communication), a solution which overcomes the challenges posed by the dramatic increase in secure web-based...

Read More