Are you the publisher? Claim or contact us about this channel


Embed this content in your HTML

Search

Report adult content:

click to rate:

Account: (login)

More Channels


Showcase


Channel Catalog


older | 1 | .... | 220 | 221 | (Page 222) | 223 | 224 | .... | 254 | newer

    0 0

    Symantec and Brigham Young University Prepare IT Students for a Career in Cyber Security
    Blog Feature Image: 
    Twitter カードのスタイル: 
    summary

    We currently face a significant global shortage of qualified cyber security candidates—an estimated 500,000 to 1 million jobs remain unfilled in the U.S. alone[1] and this is expected to grow to a staggering 1.5 million by 2020[2]. According to a study by Intel Security and the Center for Strategic and International Studies (CSIS), 82% of organizations across eight countries[3] report a shortage of cyber security skills and 25% reported that a lack of cyber security expertise has led to them being a victim of data theft.

    Addressing the global workforce gap in the cyber security is a key focus of Symantec’s corporate responsibility strategy. From our signature CR program the Symantec Cyber Career Connection (SC3) to targeted partnerships with nonprofits and academia across the world, we engage, excite and increase opportunities for those just starting their education to professionals launching their careers.

    For example, we are proud to announce a new collaboration with long-standing partner Brigham Young University’s Information Technology program and their Cybersecurity Research Lab. The goal of this project is to educate and mentor Information Technology university students interested in cyber security as they prepare to enter the workforce. We aim to broaden their understanding and exposure to companies like Symantec that secure networks and infrastructure on a day-to-day basis.  Activities will include:

    BYU.jpeg

    • A day of interactive meetings with students and faculty at BYU to discuss student cyber security research projects.  Students will present to Symantec employees who provide constructive feedback, thoughts and suggestions on how to improve the projects.  Additionally, working closely as advisors, Symantec experts will identify key areas of industry research, tools and technology to enhance completion of these projects.
    • Participation in BYU’s career week and STEM career fair to actively recruit and educate students interested in cyber security.  Symantec representatives will also take time to review student resumes and discuss certifications / course work that can enrich the students’ university experience and outcomes.

    We see this as an exciting addition to our ongoing partnership with BYU to attract and retain top university talent. The caliber of students at BYU is evident in their strong performance at numerous “cyber defense” competitions including the annual National Collegiate Cyber Defense Competition, as well as the strong cyber security presence on campus such as their Girl’s Cybersecurity Camp held each summer for young women in grades 8-12. The camp includes four days of hands-on cyber security workshops, classes, and experiences covering topics such as career options, privacy, viruses and online safety.

    It is not often you have the chance to shape the future of an individual, let alone the future of your industry. Protecting information is the purpose of our business, but we also believe it is a central element of corporate responsibility for every company in the digital age. Our success protecting the world online depends greatly on the engagement and skills of the future and we look forward to executing and expanding this impactful partnership with BYU.

    Ralph Blood is Symantec's Sr. Director, Technical Services & Support

     

    [2] Executive Director, David Shearer, of (ISC)² which has been tracking the workforce shortage for more than a decade.

    [3] A survey of open source data, expert interviews and survey of 775 public/private sector IT decision makers across Australia, Germany, France, Israel, Japan, Mexico, the UK and the US.


    0 0

    Blog Feature Image: 
    Twitter カードのスタイル: 
    summary

    It’s that time of year again – the annual HIMSS conference is upon us.  From Feb. 19-23, Symantec will join more than 45,000 health IT professionals, clinicians, executives, and vendors in Orlando to discuss the key issues facing health IT this year.

    With a number of recent high-profile breaches, the growing sophistication of hackers, and the proliferation of medical devices connecting to healthcare networks, cybersecurity is certainly top of mind.  At Symantec, we recognize that healthcare organizations are facing very complex challenges, and we value the time we have at HIMSS to come together as an industry to discuss these issues and exchange ideas on how to address them. We encourage HIMSS attendees to visit our booth (#1733) to check out our presentation (given every 30 minutes) on how to build an integrated cybersecurity defense platform.

    We’re also proud to have two of our experts speaking at the HIMSS Cybersecurity Command Center, which will feature interactive demos and presentations throughout the event from the industry’s leaders in cybersecurity:

    • Axel Wirth, our healthcare solutions architect, will cover holistic cybersecurity in healthcare, drawing on his more than 25 years of experience to share how to “secure the unsecurable” in an industry facing many funding, staffing, and support challenges (Feb. 21, 2:30-3:30 p.m., Booth 376-18)
    • Deena Thomchick, Symantec’s senior director of cloud security, will speak on cloud generation security, addressing how organizations can safeguard sensitive patient data as they take advantage of cloud computing’s many benefits (Feb. 20, 3:45-4:15 p.m., Booth 376-18)

    We’ll also feature two daily theater presentations at our booth:

    • Ken Durbin, strategist, will bring his unique perspective on balancing compliance with cybersecurity solution implementation as he covers how to build a comprehensive security program based on the NIST Cybersecurity Framework (Daily, Feb. 20-22, 12:30 p.m., Booth 1733)
    • Finally, I’ll share my two-cents on operationalizing cybersecurity in healthcare – covering our latest research from the 2017 HIMSS Analytics IT Security & Risk Management Study.  Stay tuned for our next blog post to get a look at some of the key findings (Daily, Feb. 20-22, 11 a.m., Booth 1733)

    Attendees can also visit our booth to check out a live view of our Global Threat Intelligence Network – a fascinating map pinpointing near real-time threats affecting the healthcare industry worldwide. 

    With so much in the works, it’s bound to be another great year at HIMSS.  We’re looking forward to seeing new and old faces, sharing our insight and experiences from the past year, and learning from you as well.  Make sure to come visit us in our booth (#1733).  We look forward to seeing you there.  Safe travels, everyone.


    0 0

    The email malware rate drops due to Necurs botnet inactivity and the Angler exploit kit makes a surprise comeback.

    続きを読む

    0 0

    Strengths include cloud-first strategy, “extensive features” and enterprise integration
    Twitter カードのスタイル: 
    summary

    We take a lot of pride in our products, and are always excited to get positive feedback from customers, partners and analysts. That’s why we’re thrilled to share that Symantec was named a leader by both IDC and the Radicati Group in their latest reports on email security.

    First up is IDC MarketScape: Worldwide Email Security 2016 Vendor Assessment. IDC calls out Symantec for “its strong company history and multitude of new features for its email security solution.” Symantec is cited as the overall revenue leader in messaging security, and in both the software-as-a-service and software on-premise categories. IDC notes that Symantec has a “renewed focus on the data loss prevention product as well as its advanced threat protection (ATP) products for endpoint and network security that both integrate with the company’s email solution.” IDC concludes that Symantec “is a good fit for larger companies and enterprises” that want a “broad portfolio for security and cost benefits”. 

    IDC_MarketScape_0.png

    A second report, IDC MarketScape: Worldwide Software-as-a-Service Email Security 2016 Vendor Assessment, drills down into SaaS email security products: “Symantec is positioned in the Leaders category in this IDC MarketScape because of its cloud-first strategy and its extensive features currently available and on the company's road map.”  IDC notes that Symantec has valuable add-ons for advanced threat protection, advanced encryption and advanced data loss prevention – and that “Symantec provides integration with SIEMs and has plans to further that integration on its road map.”

    The Radicati report – Radicati Group Secure Email Gateway – Market Quadrant 2016– calls out Symantec for delivering a “wide range of security solutions” available on-premise and via the cloud, powered by “one of the world’s largest civilian cyber intelligence networks, allowing it to see and protect against the most advanced threats.” They conclude that Symantec email security “offers effective, accurate threat protection with low false positives” and that Symantec’s advanced threat protection “provides deep insight into targeted and advanced threats.”

    Why Do You Need Special Protection for Email?

    Both IDC and Radicati highlighted the importance of email security, as email continues to be the #1 threat vector for companies. These threats are becoming increasingly advanced, as attackers move from “one size fits all” attacks to more targeted attacks that leverage social engineering, which include spear phishing, business email compromise and ransomware. As an example, our latest Internet Security Threat Report identified a 55% increase in spear phishing and a 13X increase in business email compromise, resulting in billions of dollars in losses to organizations. Email has also become the most prevalent channel for ransomware to infiltrate companies.

    When you evaluate those needs against the capabilities of Symantec’s Email Security solution, you can see why we’re in the leaders’ quadrants:

    • First, we’re amarket leader in email security, protecting more than 163 million email users at 65,000+ organizations worldwide. That means we’re scanning more than 2 billion emails every day.
    • Second, we provide the strongest protection against spear phishing with the most comprehensive link following technology. We inspect suspicious links once before an email is delivered, relentlessly following every redirect until the final website – unlike most vendors who follow just one or two hops. We inspect these suspicious URLs again when a user clicks on a link, protecting them from latently planted malware.
    • Third, we use advanced machine learning to weed out malware and classify spear phishing attacks– all to protect users from advanced threats and targeted attacks.
    • Finally, we deliver tight integration with advanced encryption, data loss prevention,and advanced threat protection – to stop potentially devastating disruptions to your business.

    Bottom line: We appreciate the trust our customers place in us, and look forward to your feedback so we can keep getting better.

    Follow Symantec Email Security on Twitter.

    # # #


    0 0

    Watering hole attacks attempt to infect more than 100 organizations in 31 different countries.

    続きを読む

    0 0

    网络攻击者采用水坑式攻击,企图对31个国家的百余家机构进行感染。

    続きを読む

    0 0
  • 02/12/17--22:07: 2017年1月最新情报
  • 电邮恶意软件比例因Necurs僵尸网络停止活动而大幅下降。Angler漏洞利用工具包出其不意地死灰复燃。

    続きを読む

    0 0

    Symantec Employees Educate Students and Professionals to Build a Safer World Online
    Blog Feature Image: 

    Symantec strives to have a positive impact in the communities where we operate. Together with the Symantec Foundation, we support nonprofits around the world through cash, in-kind donations, and employee volunteerism. In order to effectively pursue our philanthropic strategy, we identify organizations and philanthropic focus areas aligned with our key business priorities and objectives, which include online safety.  

    For example, in FY16, Symantec awarded 26 grants totaling $2,585,900 to fight cybercrime and support online safety.

    However, our impact must go beyond monetary donations. In 2015 alone, we saw a record setting total of nine megabreaches of personal data, and the reported number of exposed identities jumped to 429 million[1]. Cybercrime does not discriminate.  Whether young, old, tech savvy or not, strengthening individual online safety awareness ensures we can all benefit from technology in a safe and sustainable way.  

    The activism, advocacy, and passion of employees on the ground is what enables us to transform our philanthropic strategy into tangible, real-world results. For example, through Symantec nonprofit partners and their own ambitions, our employees are constantly donating their time and expertise to serve as ambassadors of online safety, educating people of all ages, of all backgrounds how to spot and avoid everyday risks online.

    For example, do you know why to treat your password like a toothbrush? Read our wrap-up of online safety activities to find out…

    Pune and Common Sense Media Offer Online Safety Trainings  

    Symantec nonprofit partner, Common Sense Media, recently presented a WebEx training on online safety for Pune and Chennai employees. Following the training, employees hosted a lively and engaging cyber security workshop for children ages 5-14 where they reviewed similar online safety modules, focusing on information relevant to the children. The children were enthusiastic, but also surprisingly aware and interested in cyber security.

    Japan Celebrates Hour of Code

    In partnership with Code for Everyone, Symantec Japan took part in the Hour of Code Japan 2016 Tokyo Expo as part of Computer Science Education Week presenting an Internet security class to parents, kids and educators.

    Approximately 100 parents and children, and 120 educators visited the event, learning about computer programming and online safety. Symantec Japan presented more than 20 Internet security sessions to parents and educators. Additionally, the Norton team demonstrated the role of Norton products including parental control features and the Public Sales team held sessions for educators on key child online safety threats and solutions.

    Saudi Arabia Delivers Online Safety Program to Families and Employees of Saudi Electricity Company

    Saudi Arabia employees continued their partnership with Saudi Electricity Company, offering online safety education to employees and families of the country’s primary electric utility company. To date, more than 100 children ages 6-18 years, along with 52 Saudi Electricity Company employees have received the online safety presentation. Symantec plans to expand this program to schools in the region in 2017.

    OS1.png

    Symantec continues its partnership with Saudi Electricity Company providing online safety education to employees and their families.

    Techbridge and Symantec Herndon Engage Young Females in STEM

    Symantec’s Herndon, Virginia office supported the company’s partnership with TechBridge, which focuses on STEM education for girls in the 4th – 12th grades. Techbridge engages girls in STEM by encouraging them to discover a passion for technology, science and engineering through hands-on learning.

    Throughout the visit, students took part in Symantec hands-on learning. They met with technical mentors, spoke with employees about a career in technology and cyber security, toured the Security Operations Center, and participated in an activity where they took apart (and in some cases, put back together) servers from a Symantec data center.

    Cape Town Combines Soccer and Online Safety for Learning + Fun with Local Students

    As part of Global Service Week employees from Symantec’s Cape Town office hosted approximately 40 high school kids from underserved areas as part of a joint activity incorporating soccer and discussing key online safety lessons.

    OS2.png

    OS3.png

    Symantec Cape Town visits local high school students for a fun and engaging day of soccer and online safety education.

    EMEA Offices Cut Back on Cyberbullying and Offer Impactful Online Safety Classes

    Across EMEA, employees donated their time to educate customers and community members in online safety.

    In the UK, employees worked with kids between the ages of 12-17 on a workshop demonstrating the possibilities presented by a career in IT. The workshop “You Don’t Have to be a Programmer to Work in IT” broke down common misconceptions about technology careers and opened the students’ eyes to the wide variety of skills and positions needed in IT.

    Additionally, as employees continually report back, the team was amazed at the level of IT and cyber security knowledge the students showed. However, a simple online safety lesson proved to be a favorite. “Treat your passwords the way you treat a toothbrush – You DON’T share it, and should CHANGE it regularly”.

    OS4.png

    Symantec UK joins local students to offer a workshop on a “Career in IT”.

    In Dublin, Symantec employees joined and presented at the annual Anti-bullying Fortnight for a primary school based in the North County educating 150 students on how to identify and stop cyber bullying.

    OS5.png

    In Dublin, students are eager to share their insights and questions as part of Symantec’s workshop on cyberbullying.

    Additionally, in Paris 12 employees embarked on their first-ever volunteering initiative, presenting two online safety to over 90 pupils at Les Entretiens De L’excellence creation school.

    OS6.png

    Symantec Paris holds an online safety session for over 90 pupils at Les Entretiens De L’excellence creation school.

    This is just the tip of the iceberg. Throughout the year, our employees across the world continue to educate our customers, communities, educators and youth on cyber readiness and online safety. In many cases, they have taken an individual effort and expanded it to a regionally recognized program.

    At Symantec, we believe that together, we have the power to change the world and make it a better, safer place. However, we cannot achieve this alone; it takes a village. We look forward to bringing you more stories on our CR blog of how we continue to maximize impact through strategic partnerships with leading non-profits, monetary and product donations, and mobilizing employees’ time and talents.

     

    [1] Symantec ISTR Report, Volume 21, 2016


    0 0

    Google Play上的三种应用程序利用延迟进攻、自命名诈骗,以及命令和控制服务器指定的攻击列表,在用户不知情的情况下在后台点击广告。

    続きを読む

    0 0

    時間差攻撃、自己命名機能、コマンド &コントロールサーバーによって指定される攻撃リストという 3 種類の手口を利用して、ユーザーに気付かれないままバックグラウンドでアプリをクリックするアプリが 3 つ、Google Play で公開されていました。

    続きを読む

    0 0

    Android ransomware is now using dropper techniques to drop malware on rooted devices as well as an inefficient 2D barcode ransom demand.

    続きを読む

    0 0

    安卓勒索软件利用病毒释放器技术在获取root权限的设备上释放恶意软件,并使用一种无效的二维码勒索方式进行勒索。

    続きを読む

    0 0

    ルート権限が取得されている Android デバイスを対象に、ドロッパーの手口を使ってマルウェアを投下し、2D バーコードでランサムウェアを要求するランサムウェアが登場しました。実際には、効率の悪さが露見しています。

    続きを読む

    0 0

    Blog Feature Image: 
    Twitter カードのスタイル: 
    summary

    SecureOne-Hero-960px web_0.jpg

    As part of our company integration, we are bringing two separate partner programs into one rock-solid program designed to give partners more opportunity for growth and profitability.  

    This spring, Symantec Secure One, will be even easier to navigate based on two competencies – Core Security and Enterprise Security – for our combined enterprise portfolio. Partners will have a huge opportunity to cross-sell and up-sell, providing our mutual customers with leading solutions to solve the world’s biggest cyber security problems. 

    Other key initiatives include transitioning Opportunity Registration to a front-end discount only, which ensures that the financials of doing business with Symantec will be more predictable moving forward. We’re also creating new opportunities to earn with a Platinum Performance Rebate, Renewal Incumbency, and by enabling partners to submit an unlimited number of activity proposals for Symantec Partner Development Funds.

    We’ll have more details to share in the upcoming months. In the meantime, I encourage you to visit go.symantec.com/secureone where we’ll continue to share updates as we gear up to launch our partner portal.

    With a $30 billion dollar opportunity in cyber security, we will see massive growth potential in our industry this year. We’re excited about this new era for our company, our partnership and our program, and we look forward to defining the future of cyber security, together.

     


    0 0

    Symantec Celebrates Safer Internet Day by Uniting for a Better Internet
    Blog Feature Image: 
    Twitter カードのスタイル: 
    summary

    Sad. Freak. Crybaby. Loser.

    These words all sound pretty harsh, right? They do not feel very good to read here, but imagine them directed at you personally. In the world of child and teen online activity, these types of words can become all too familiar to the millions of children cyberbullied each year around the world.   

    In the UK, fifty per cent of adolescents have been bullied, with six out of 10 of these victims of cyberbullying[1]. More than 1 in 5 (22%) of 8-17 year olds report that someone has posted an image or video to bully them[2]. Over a third of cyberbullying victims in the UK (37%) have never told their parents/guardians that they have been cyberbullied[3]. According to the Cyberbullying Research Center, in the United States the percentages of individuals who have experienced cyberbullying at some point in their lifetimes has nearly doubled (19% to 34%) from 2007-2016.

    Furthermore, the Norton Cyber Security Insights Report[4], a survey of nearly 21,000 consumers globally, shows that nearly half (48 percent) of parents believe their children are more likely to be bullied online than at school in the playground. While the majority of parents implement proactive measures to keep their children safe online, such as limiting access to certain websites and apps (43 percent) or allowing Internet access only under parental supervision (40 percent), more than 1 in 10 (11 percent) do nothing

    This year, to honor Safer Internet Day, Norton wants to help parents stop cyberbullying in its tracks through a campaign encouraging individuals and communities to #RaiseOurVoices against cyberbullying. In Norton’s free e-book “Cyberbullying – A Conversation Guide for Parents and Kids”, the company provides parents and kids guidance on how to identify the signs of cyberbullying, empower themselves to start a conversation with their children and establish “netiquette” when the time is right.

    According to the guide, some notable signs of cyberbullying amongst children include:

    • Appearing nervous when receiving a text/online message or email or begin avoiding their devices or using them excessively
    • Making excuses to avoid going to school, acting up at school or their grades begin to decline
    • Becoming defensive or secretive about online activity or deleting social media accounts
    • Withdrawing from friends and family
    • Physical symptoms such as trouble sleeping, stomach aches, headaches, and weight loss or gain
    • Appearing particularly angry, frustrated or sad, especially after going online/checking devices

    Voice_CS.png

    So how can parents keep their children safe online to avoid and discourage engagement in cyberbullying?

    1. Set your family netiquette: Establish a set of guidelines for how your children use technology, also known as online etiquette. These guidelines may include how much time they spend online, the websites that are safe to use or what language is appropriate when chatting.
    2. Establish clear boundaries and open communication: Create a set of House Rules for children’s online communication, downloading, websites they visit, and cyber harassment. A decrease in negative online experiences is closely linked to households where there is an open dialogue with children about online safety.
    3. Educate: Teach young children to use strong and unique passwords across all their accounts and never to share passwords, even with their friends. Direct them to fun and engaging educational materials such as this online safety quiz from the UK Safer Internet Center.  
    4. Highlight the risks: Discuss the risks of posting and sharing private information, videos, and photographs, especially on social media websites. Everything posted online is a digital footprint for children and can be challenging to completely erase. Parents should help children avoid posting content that will compromise their security or which they may regret when they are older.
    5. Walk the talk: Children are likely to imitate their parents’ behaviour, so parents are encouraged to lead by example and show their children how to safely surf online.
    6. Encourage kids to think before they click: Whether they are browsing online videos, receiving an unknown link in an email or encountering banners/pop-ups while surfing the web, remind your children not to click on links that may take them to dangerous or inappropriate sites. Clicking unknown links is a common way devices are infected with malware and can reveal private and valuable information to criminals.
    7. Protect: Use a robust and trusted security software solution, such as Norton Security, for all household devices - from tablets to smartphones, laptops and desktops.
    8. Communicate: Most importantly, encourage and maintain an open and ongoing dialogue with your children on Internet use and experiences.

    “Parents play a critical role in educating their children on the boundaries for acceptable and safe internet behaviours. An open dialogue about online experiences is the first step in protecting children online. The internet is a valuable resource for children’s development, and our children today don’t know a world without it. Preventing children from going online is not necessarily the answer, we encourage parents to establish house rules on internet usage based on their age and talk to their children about their online experiences.” - Nick Shaw, Vice President, Consumer Business Unit, Symantec.

    Cyberbullying can be a challenging topic to talk about, but it doesn’t have to be. If we all – parents, children, friends, families, professionals – continue to #RaiseOurVoices we can work towards a common goal of protecting our children and stopping cyberbullying in its tracks.

    SFI.png

    In addition to Norton’s e-book guide on cyberbullying, the company created magnets for students to take home and help establish family guidelines to protect themselves online.

     

    [1] The Annual Bullying Survey, 2016., pages 11 and 30, www.ditchthelabel.org/research-papers/the-annual-bullying-survey-2016/

    [2] UK Safer Internet Center - Safer Internet Day 2017 showcases the power of image in today’s digital youth culture

    [4] The Norton Cyber Security Insights Report is an online survey of 20,907 device users ages 18+ across 21 markets, commissioned by Norton by Symantec and produced by independent research firm Edelman Intelligence. The margin of error for the total global sample is +/-0.68%.


    0 0

    Symantec recently released a newer version of Symantec™ Advanced Threat Protection (ATP). Meantime, free Symantec ATP app is now available for Splunk users
    Blog Feature Image: 

    Integration with Splunk

    Symantec Advanced Threat Protection (ATP) customers who are using Splunk as their SIEM tool can now take advantage of the free Symantec ATP app on the Splunk’s app store. They can export threat events across their ATP sensors to Splunk®. A default security dashboard is made available for ATP Splunk users to get a glance of all threat events. Meanwhile, customers can also create and customize a security dashboard in Splunk easily by leveraging the rich threat data from Symantec ATP. They can drill down to see any file hash that is related to a specific incident and do ad hoc queries via Splunk.

    If customers have multiple Symantec ATP modules, they may also filter ATP events via Splunk console by different search fields, such as endpoint, network, email, or roaming events. In addition, the Symantec ATP App leverages Splunk Adaptive Response framework in Enterprise Security app to allow incident responders to respond to threats by remediating and isolating compromised endpoints directly from the Splunk management console. This integration provides visibility into multiple control points and automates IR response tasks.

    The app is available for download on https://splunkbase.splunk.com/app/3453/

    Splunk 2_2_0.png

     

    Key feature enhancement in the latest release

    • Enhanced Rules for Incident Creation- Customers can now easily identify incidents based on: 1) Detections of malicious file that has not been remediated at the endpoint 2) Sandbox detections of any malicious file 3) Communication with known malicious or Command and Control sites

    • Improved performance for ATP: Email- See email details and correlations immediately. Incidents and events will be created without any delays.

    • Improved Detection of Suspicious Files- Symantec continuously fine tune our machine learning algorithm to  improve identification of suspicious files

    • Ability to submit and detect malware in RTF files via Cynic sandbox- Customers can now submit RTF files for sandboxing as they are a common document file type

    For more information, visit: http://atp.symantec.com

    Resource:

    Download ATP Datasheet: Splunk & ServiceNow Integration

    Download ATP: Platform Datasheet

    Symantec Advanced Threat Protection 2.3 Release Note


    0 0

    Part six in our series on Canada's Digital Privacy Act
    Blog Feature Image: 
    Twitter カードのスタイル: 
    summary

    Co-authored by Ken Durbin, CISSP and Kevin McPeak, CISSP, ITILv3

    (Continued from part five in our series on Canada's Digital Privacy Act, where we were discussing how NIST CSF can be tailored to assess against a specific requirement like the DPA.)

    Up next is the Detect Function of the CSF. As with the other Functions, Detect is also divided into Categories, Subcategories, and Informative References.

    Detect consists of 3 Categories and 18 Subcategories, allowing an organization to get very granular in their assessment against the Detect Function. This series doesn’t cover the Subcategories in detail, however a full listing of all Functions, Categories, and Subcategories can be found in Appendix A of the NIST CSF Document (https://www.nist.gov/document-3766).

    What is the purpose of the Detect Function? According to NIST, Detect “enables timely discovery of cybersecurity events.” In other words, what got through the Protection Mechanisms you implemented in the Protect Function? The word “timely” is key. To reduce the severity of a cyber event you need know as rapidly as possible that something got through your defenses. Not to get ahead of myself, but a strong Detect implementation makes the Respond Function (see next blog) much more effective.

    Following are the 3 Categories that make up Detect:

    • Anomalies and Events: Anomalous activity is detected in a timely manner and the potential impact of events is understood.
    • Security and Continuous Monitoring: The information system and assets are monitored at discrete intervals to identify cybersecurity events and verify the effectiveness of protective measures.
    • Detection Processes: Detection processes and procedures are maintained and tested to ensure timely and adequate awareness of anomalous events.

    Detect and the Digital Privacy Act:

    The Digital Privacy Act (DPA) is designed to properly safeguard private data in Canada. Canadian organizations will be required to report data breaches, notify all affected individuals in a timely manner, and maintain relevant records of the breach.

    The Detect Function has the potential to play a critical role in preparing for DPA compliance. Remember, I use “potential” because it’s up to each organization to determine which Categories and Subcategories are important to align with their unique business needs. Keep in mind, at the heart of DPA is an organization’s ability to detect a breach and notify the Government and affected individuals as soon as possible.

    • Anomalies and Events: Are you prepared to collect and analyze data from multiple control points to detect a security event? Are you utilizing a platform that allows correlation between the Endpoint, Network, and Gateway?
    • Security and Continuous Monitoring: Do you have the ability to monitor key assets 24/7/365? Have you considered a Managed Security Service (MSS) to supplement your capabilities?
    • Detection Processes: To stay on the right side of DPA, you have to know about a breach as soon as possible (and before you learn about it on the news!) and follow the proper disclosure requirements. Are you utilizing Data Loss Prevention (DLP) to detect inappropriate access to your data (and prevent exfiltration) wherever it resides?

    Putting it to use:

    Taking the time to review each Detect subcategory to determine if it will help you comply with DPA will create a “DPA Current Profile.” A Risk Assessment against those subcategories will create a “DPA Target Profile,” which can be used to guide your efforts to comply with the Detect components of DPA.

    Symantec has solutions that align with both the CSF and DPA. We would be happy to discuss how we would be able to help you reach your Detect Target Profile.

    Up next…the Respond Core Function of the CSF. 

    For more information on how to prepare for DPA, please visit: go.symantec.com/ca/dpa 


    0 0

    Symantec and Brigham Young University Prepare IT Students for a Career in Cyber Security
    Blog Feature Image: 
    Twitter カードのスタイル: 
    summary

    We currently face a significant global shortage of qualified cyber security candidates—an estimated 500,000 to 1 million jobs remain unfilled in the U.S. alone[1] and this is expected to grow to a staggering 1.5 million by 2020[2]. According to a study by Intel Security and the Center for Strategic and International Studies (CSIS), 82% of organizations across eight countries[3] report a shortage of cyber security skills and 25% reported that a lack of cyber security expertise has led to them being a victim of data theft.

    Addressing the global workforce gap in the cyber security is a key focus of Symantec’s corporate responsibility strategy. From our signature CR program the Symantec Cyber Career Connection (SC3) to targeted partnerships with nonprofits and academia across the world, we engage, excite and increase opportunities for those just starting their education to professionals launching their careers.

    For example, we are proud to announce a new collaboration with long-standing partner Brigham Young University’s Information Technology program and their Cybersecurity Research Lab. The goal of this project is to educate and mentor Information Technology university students interested in cyber security as they prepare to enter the workforce. We aim to broaden their understanding and exposure to companies like Symantec that secure networks and infrastructure on a day-to-day basis.  Activities will include:

    BYU.jpeg

    • A day of interactive meetings with students and faculty at BYU to discuss student cyber security research projects.  Students will present to Symantec employees who provide constructive feedback, thoughts and suggestions on how to improve the projects.  Additionally, working closely as advisors, Symantec experts will identify key areas of industry research, tools and technology to enhance completion of these projects.
    • Participation in BYU’s career week and STEM career fair to actively recruit and educate students interested in cyber security.  Symantec representatives will also take time to review student resumes and discuss certifications / course work that can enrich the students’ university experience and outcomes.

    We see this as an exciting addition to our ongoing partnership with BYU to attract and retain top university talent. The caliber of students at BYU is evident in their strong performance at numerous “cyber defense” competitions including the annual National Collegiate Cyber Defense Competition, as well as the strong cyber security presence on campus such as their Girl’s Cybersecurity Camp held each summer for young women in grades 8-12. The camp includes four days of hands-on cyber security workshops, classes, and experiences covering topics such as career options, privacy, viruses and online safety.

    It is not often you have the chance to shape the future of an individual, let alone the future of your industry. Protecting information is the purpose of our business, but we also believe it is a central element of corporate responsibility for every company in the digital age. Our success protecting the world online depends greatly on the engagement and skills of the future and we look forward to executing and expanding this impactful partnership with BYU.

    Ralph Blood is Symantec's Sr. Director, Technical Services & Support

     

    [2] Executive Director, David Shearer, of (ISC)² which has been tracking the workforce shortage for more than a decade.

    [3] A survey of open source data, expert interviews and survey of 775 public/private sector IT decision makers across Australia, Germany, France, Israel, Japan, Mexico, the UK and the US.


    0 0

    Blog Feature Image: 
    Twitter カードのスタイル: 
    summary

    It’s that time of year again – the annual HIMSS conference is upon us.  From Feb. 19-23, Symantec will join more than 45,000 health IT professionals, clinicians, executives, and vendors in Orlando to discuss the key issues facing health IT this year.

    With a number of recent high-profile breaches, the growing sophistication of hackers, and the proliferation of medical devices connecting to healthcare networks, cybersecurity is certainly top of mind.  At Symantec, we recognize that healthcare organizations are facing very complex challenges, and we value the time we have at HIMSS to come together as an industry to discuss these issues and exchange ideas on how to address them. We encourage HIMSS attendees to visit our booth (#1733) to check out our presentation (given every 30 minutes) on how to build an integrated cybersecurity defense platform.

    We’re also proud to have two of our experts speaking at the HIMSS Cybersecurity Command Center, which will feature interactive demos and presentations throughout the event from the industry’s leaders in cybersecurity:

    • Axel Wirth, our healthcare solutions architect, will cover holistic cybersecurity in healthcare, drawing on his more than 25 years of experience to share how to “secure the unsecurable” in an industry facing many funding, staffing, and support challenges (Feb. 21, 2:30-3:30 p.m., Booth 376-18)
    • Deena Thomchick, Symantec’s senior director of cloud security, will speak on cloud generation security, addressing how organizations can safeguard sensitive patient data as they take advantage of cloud computing’s many benefits (Feb. 20, 3:45-4:15 p.m., Booth 376-18)

    We’ll also feature two daily theater presentations at our booth:

    • Ken Durbin, strategist, will bring his unique perspective on balancing compliance with cybersecurity solution implementation as he covers how to build a comprehensive security program based on the NIST Cybersecurity Framework (Daily, Feb. 20-22, 12:30 p.m., Booth 1733)
    • Finally, I’ll share my two-cents on operationalizing cybersecurity in healthcare – covering our latest research from the 2017 HIMSS Analytics IT Security & Risk Management Study.  Stay tuned for our next blog post to get a look at some of the key findings (Daily, Feb. 20-22, 11 a.m., Booth 1733)

    Attendees can also visit our booth to check out a live view of our Global Threat Intelligence Network – a fascinating map pinpointing near real-time threats affecting the healthcare industry worldwide. 

    With so much in the works, it’s bound to be another great year at HIMSS.  We’re looking forward to seeing new and old faces, sharing our insight and experiences from the past year, and learning from you as well.  Make sure to come visit us in our booth (#1733).  We look forward to seeing you there.  Safe travels, everyone.


    0 0

    Strengths include cloud-first strategy, “extensive features” and enterprise integration
    Twitter カードのスタイル: 
    summary

    We take a lot of pride in our products, and are always excited to get positive feedback from customers, partners and analysts. That’s why we’re thrilled to share that Symantec was named a leader by both IDC and the Radicati Group in their latest reports on email security.

    First up is IDC MarketScape: Worldwide Email Security 2016 Vendor Assessment. IDC calls out Symantec for “its strong company history and multitude of new features for its email security solution.” Symantec is cited as the overall revenue leader in messaging security, and in both the software-as-a-service and software on-premise categories. IDC notes that Symantec has a “renewed focus on the data loss prevention product as well as its advanced threat protection (ATP) products for endpoint and network security that both integrate with the company’s email solution.” IDC concludes that Symantec “is a good fit for larger companies and enterprises” that want a “broad portfolio for security and cost benefits”. 

    IDC_MarketScape_0.png

    A second report, IDC MarketScape: Worldwide Software-as-a-Service Email Security 2016 Vendor Assessment, drills down into SaaS email security products: “Symantec is positioned in the Leaders category in this IDC MarketScape because of its cloud-first strategy and its extensive features currently available and on the company's road map.”  IDC notes that Symantec has valuable add-ons for advanced threat protection, advanced encryption and advanced data loss prevention – and that “Symantec provides integration with SIEMs and has plans to further that integration on its road map.”

    The Radicati report – Radicati Group Secure Email Gateway – Market Quadrant 2016– calls out Symantec for delivering a “wide range of security solutions” available on-premise and via the cloud, powered by “one of the world’s largest civilian cyber intelligence networks, allowing it to see and protect against the most advanced threats.” They conclude that Symantec email security “offers effective, accurate threat protection with low false positives” and that Symantec’s advanced threat protection “provides deep insight into targeted and advanced threats.”

    Why Do You Need Special Protection for Email?

    Both IDC and Radicati highlighted the importance of email security, as email continues to be the #1 threat vector for companies. These threats are becoming increasingly advanced, as attackers move from “one size fits all” attacks to more targeted attacks that leverage social engineering, which include spear phishing, business email compromise and ransomware. As an example, our latest Internet Security Threat Report identified a 55% increase in spear phishing and a 13X increase in business email compromise, resulting in billions of dollars in losses to organizations. Email has also become the most prevalent channel for ransomware to infiltrate companies.

    When you evaluate those needs against the capabilities of Symantec’s Email Security solution, you can see why we’re in the leaders’ quadrants:

    • First, we’re amarket leader in email security, protecting more than 163 million email users at 65,000+ organizations worldwide. That means we’re scanning more than 2 billion emails every day.
    • Second, we provide the strongest protection against spear phishing with the most comprehensive link following technology. We inspect suspicious links once before an email is delivered, relentlessly following every redirect until the final website – unlike most vendors who follow just one or two hops. We inspect these suspicious URLs again when a user clicks on a link, protecting them from latently planted malware.
    • Third, we use advanced machine learning to weed out malware and classify spear phishing attacks– all to protect users from advanced threats and targeted attacks.
    • Finally, we deliver tight integration with advanced encryption, data loss prevention,and advanced threat protection – to stop potentially devastating disruptions to your business.

    Bottom line: We appreciate the trust our customers place in us, and look forward to your feedback so we can keep getting better.

    Follow Symantec Email Security on Twitter.

    # # #


older | 1 | .... | 220 | 221 | (Page 222) | 223 | 224 | .... | 254 | newer