Articles on this Page
- 02/16/17--16:08: _The Future Guardian...
- 02/17/17--15:37: _WEBINAR: Unlock Pub...
- 02/17/17--09:22: _Coming Soon: A Rich...
- 02/17/17--14:01: _Ten Years and Runni...
- 02/21/17--08:14: _Cybersecurity Frame...
- 02/22/17--06:00: _Android ransomware ...
- 02/22/17--18:44: _安卓勒索软件要求受害者讲出解锁代码
- 02/22/17--21:56: _Android を狙うランサムウェア、...
- 02/23/17--13:13: _Cybersecurity Frame...
- 02/27/17--06:11: _Shamoon: Multi-stag...
- 02/27/17--12:55: _Personalized spam c...
- 02/27/17--20:44: _Shamoon: 限定于指定目标的多阶...
- 02/28/17--11:19: _I Got Breached-Now ...
- 02/28/17--13:08: _An Expanding Defini...
- 02/28/17--18:22: _Shamoon: 特定の組織のみを狙う...
- 03/02/17--10:14: _Symantec delivers t...
- 03/02/17--17:16: _That’s a Wrap – Loo...
- 03/03/17--03:32: _The Power of Good
- 03/03/17--13:01: _Your Friday Inspira...
- 03/03/17--13:59: _New Exams Available...
- 02/16/17--16:08: The Future Guardians of the Web
- 02/17/17--15:37: WEBINAR: Unlock Public Cloud Benefits While Maintaining Security
- 02/17/17--09:22: Coming Soon: A Rich New Online Partner Web Experience
Easier to navigate, even on the go: a single, mobile-friendly web site with an intuitive interface that provides access to important information to drive your business
Streamlined processes so you get things done faster: Primary enhancements include improved account creation and login process, and simplified Opportunity registration.
A personalized experience: a dynamic dashboard providing you access to information and resources based on your program and tier including:
- Opportunity registration, software benefits orderings and other tools
- Price lists, certificates, program guides and more
- Your program benefits, status, and agreement
- Personal profile as well as company account information and administration
- We provide the broadest coverage of data loss channels: cloud and web apps, endpoints, data repositories, and network communications including encrypted SSL.
- We offer the most comprehensive, content-aware detection technologies - from data fingerprinting to image analysis – so you can identify content containing PII, customer records, health information, intellectual property, and more.
- We make it easy to manage and deploy DLP with a powerful management console and flexible deployment options ranging from on-premises and private clouds to hybrid and pubic clouds.
- 02/21/17--08:14: Cybersecurity Framework: Respond Function
- Response Planning: Response processes and procedures are executed and maintained, to ensure timely response to detected cybersecurity events.
- Communications: Response activities are coordinated with internal and external stakeholders, as appropriate, to include external support from law enforcement agencies.
- Analysis: Analysis is conducted to ensure adequate response and support recovery activities.
- Mitigation: Activities are performed to prevent expansion of an event, mitigate its effects, and eradicate the incident.
- Improvements: Organizational response activities are improved by incorporating lessons learned from current and previous detection/response activities.
- Response Planning: To comply with DPA, you need to report breaches. Is this part of your Response Plan? Are you using a Policy Manager to align with DPA Requirements?
- Analysis: A second set of eyes on your Response Plan could be an effective way to catch something you may have missed. Do you have access to an outside resource like Business Critical Services (BDS) or an Incident Response (IR) provider?
- Mitigation: One breach can quickly turn into multiple breaches if you don’t mitigate the underlying threat. Do you have a relationship with an Incident Response (IR) Vendor who can help you quickly mitigate an event? Setting up a Retainer ahead of time avoids the potential delay of acquiring IR service during an event.
- 02/22/17--06:00: Android ransomware requires victim to speak unlock code
- 02/22/17--18:44: 安卓勒索软件要求受害者讲出解锁代码
- 02/22/17--21:56: Android を狙うランサムウェア、ロック解除コードの読み上げを要求
- 02/23/17--13:13: Cybersecurity Framework: Recover Function
- Recovery Planning: Recovery processes and procedures are executed and maintained to ensure timely restoration of systems or assets affected by cybersecurity events.
- Improvements: Recovery planning and processes are improved by incorporating lessons learned into future activities.
- Communications: Restoration activities are coordinated with internal and external parties, such as coordinating centers, Internet Service Providers, owners of attacking systems, victims, other CSIRTs, and vendors.
- Recovery Planning: A malicious file made it through your defenses and caused an incident. You removed the malicious file but do you have an IT Management Suite (ITMS) to patch the vulnerability used by the malicious file? If not, you could suffer another breach as other unpatched systems across your enterprise are contaminated.
- Improvements: Do you have the resources necessary to figure out what went wrong so you can fix them? Employing and Incident Response (IR) vendor can give you insights into what happened and how to adjust your recovery plan for the next event.
- 02/27/17--20:44: Shamoon: 限定于指定目标的多阶段毁灭性攻击
- 02/28/17--11:19: I Got Breached-Now What?
- 02/28/17--13:08: An Expanding Definition of Safety for Youth
- 02/28/17--18:22: Shamoon: 特定の組織のみを狙う複数ステージの破壊的攻撃
- Deep Intelligence
- CloudSOC Audit tracks intelligence on over 20,000 cloud applications based on 90+ different risk attributes, now including the CloudBleed vulnerability
- Broad Visibility
- CloudSOC gets more log data from more sources to provide broader visibility over Shadow IT. Audit compiles log data from Symantec ProxySG and Web Security Service cloud proxy as well as third-party gateways, firewalls and SIEM systems to discover the use of cloud applications within an organization. Unlike other CASB solutions, CloudSOC Audit can also collect log data from Symantec Endpoint enabling Shadow IT visibility over off-network use of cloud applications.
- Automated Control
- ProxySG automatically enforces policy controls over the use of cloud applications based on integrated intelligence from CloudSOC Audit delivered through an AppFeed subscription from the Symantec Global Intelligence Network. Policy controls in ProxySG include block, alert, and continue pages that can contain custom messages to educate the user. These custom notifications could be used to recommend alternative cloud applications, deliver security instructions such as a request to update account settings, or general security education for end users.
- 03/03/17--03:32: The Power of Good
- 03/03/17--13:01: Your Friday Inspiration - The Power of Good
- 03/03/17--13:59: New Exams Available: Symantec VIP and DLP 14.5
- Candidates are strongly encouraged to review the corresponding course materials prior to attempting the exam.
- Review the exam study guides, which contain the exam objectives, as well as the referenced product documentation, and sample exam questions. Both study guides are attached at the end of this post.
- 250-420: Administration of Symantec VIP (March 2017)
- 250-424: Administration of SymantecData Loss Prevention 14.5
- Number of Questions: 55-75
- Exam Duration: 90 minutes
- Passing score: 80%
AAUW Tech Trek attendee in Santa Barbara. Photo by Jay Farbman for AAUW.
The American Association of University Women (AAUW) runs hands-on science and math camps each summer called Tech Trek with the goal of encouraging, motivating, and inspiring girls in science, technology, engineering and math (STEM). Symantec has supported Tech Trek through a grant to develop cyber security curriculum as well as through employee volunteers who review applications and mentor Tech Trekkers. Since its inception in 1998, Tech Trek has been adopted as a national program and over 9,000 girls have attended one of the camps! Over the past few years we have featured the story of Gabrielle, a Tech Trekker who attended the Bowling Green summer camp and this year the story of Grace Beal, a Tech Trekker who attended at Stanford University.
Today we bring you an article that originally appeared in AAUW's Outlook Magazine highlighting Symantec CR's partnership with the organization.
There’s no denying that the Internet has fundamentally transformed the way we live our lives. We can buy products, pay bills, run businesses, chat with loved ones across the world, instantly share files, stream movies and music, and countless other things — all by touching a button on our computers or smartphones. Online tools have certainly made our lives simpler. But with that simplicity also comes great risk.
Our financial, health, and other personal information exists online in a way it never has before, creating opportunities for scammers, hackers, and identity thieves. In fact, identity theft is now the fastest-growing crime in America. Thieves can use your personal information to drain your bank account, run up credit card charges, open new utility accounts, or get medical treatment with your insurance. An identity thief can even file taxes in your name and receive your refund. Victims are often left suffering the consequences for years.
“In our latest Internet Security Threat Report, we’ve estimated that more than half a billion personal records were compromised last year,” says Patricia Nevers, associate program manager with Symantec Corporation’s corporate responsibility team. Symantec is a cyber security and technology company based in Mountain View, California. “More than 75 percent of all legitimate websites have unpatched vulnerabilities, which hackers are exploiting. And last year Symantec blocked 100 million fake technical support scams.”
The company is seeing more and more threats pop up each year, says Nevers. “With every new digital device and connected car, the risks are increasing,” she says.
Heavy Demand, Short Supply
Every few weeks, a new data breach makes headlines, whether it’s a celebrity’s phone contents, human resources records, or the e-mails of a movie studio. And some hacks are clearly a matter of homeland security. As a country, we face threats from global cyber criminals who are looking to damage U.S. infrastructure, disrupt or hijack our networks, steal trade secrets from our companies, and compromise our personal information. As a White House statement on its cyber security plan explains, “Criminals, terrorists, and countries that wish to do us harm have realized that attacking us online is often easier than physically attacking us in person. And with more and more sensitive data being stored online, the consequences of those cyber incidents are only growing more significant.:
Strengthening our cyber security is clearly paramount. Yet our ability to do so is hindered by a severe workforce shortage.
“It’s estimated that there are 1 million open cyber security jobs in the U.S. alone,” explains Jaime Barclay, manager of Symantec’s corporate responsibility department and comanager of its workforce development program. “There are just not enough qualified people to fill these roles. Companies are taking a long time to fill openings; meanwhile vulnerabilities continue to grow. With the threats mounting, it is critical that we fill these jobs quickly.” Symantec even has a goal to engage 1 million students in science, technology, engineering, and math (STEM) by 2020.
Solution? Add Women
It’s no secret that computing fields continue to be male dominated: AAUW’s research report Solving the Equation: The Variables for Women’s Success in Engineering and Computing revealed that women make up just 26 percent of the computing workforce and that there is little racial diversity in the field. But the gender gap is particularly acute in cyber security: Last year, a survey conducted by ISC², the largest organization that certifies cyber professionals, revealed that women account for just one out of every 10 cyber security professionals. That is down from 11 percent two years ago.
Yet a variety of ideas is exactly what the field needs. “Hackers come in all genders and ethnicities,” explains Barclay. “They come at companies in many different ways and are relentless in their pursuits. To stop these threats, it is going to take a lot of different approaches. Having a diversity of mindsets in your workforce is invaluable.”
To help draw more women to the field, Symantec gave AAUW a $100,000 grant to develop a cyber security class for middle school girls who are interested in STEM. The course expands the curriculum for the national AAUW Tech Trek program, a highly successful, weeklong STEM summer camp that was started by AAUW of California in 1998 and adopted as a national program in 2013.
More than 1,470 girls attended AAUW Tech Trek at 21 sites around the nation in 2016. The cyber security course was piloted at camps at Bowling Green State University in Ohio, Stanford University in California, and the University of California, Irvine, in 2015 and took place at 13 AAUW Tech Trek camps in 2016.
Thirteen-year-old Grace Beal from Northern California took the cyber security course at the Stanford camp. She had been interested in cyber security but didn’t know where to start to learn more. “I knew what is shown in the movies, but I wanted to know what was really going on today,” Beal says. “But it all just seemed daunting to me.”
At AAUW Tech Trek, Beal found that starting point. There she learned about the “dark web”— hard-to-access sites that can be used for illegal activity—and how the Internet is a lot more than just Google. She learned how to tell if something is a scam. She learned basic binary coding. She even helped take a computer apart.
“It really was a once-in-a-lifetime experience,” Beal says. “I met a lot of great people and was able to have really deep conversations about science and math, which is one of my favorite things to do.” And although it’s too early to tell whether she will pursue a career in cyber security, Beal says she now has a clearer understanding of the field and knows better what she likes and doesn’t like, and she is excited for what the future holds.
That is one of the goals of the Symantec-AAUW collaboration — to excite girls about cyber security. “Bringing middle school girls to a college campus, teaching them about cyber security and other STEM fields, and providing a support network for them — it’s a win, win, win,” says Nevers.
AAUW Solves for XX
Research has shown that reaching girls in middle school is crucial to closing the gender gap in STEM, because the coursework girls pursue in high school and college sets the stage for them to enter STEM careers later. The cyber security courses at AAUW Tech Trek camps are introducing girls to career options they probably didn’t know existed; girls are also getting hands-on training to fill well-paying roles in a field where women are underrepresented and workers are desperately needed.
“AAUW is working hard to increase the number of women in technology, and we’re so glad to have organizations like Symantec supporting our efforts to encourage girls to consider the full range of STEM studies and career options,” says Ana Kay Yaghoubian, the STEM programs senior manager for AAUW.
As our economy and society evolve along with science and technology, the marriage of supply and demand that AAUW Tech Trek and collaborators like Symantec are facilitating is more relevant than ever. Tech Trek campers are certainly the innovators of tomorrow, and they could end up being the future guardians of our increasingly online lives.
WEBINAR: Unlock Public Cloud Benefits While Maintaining Security
TIME: 10:00 am (PST) / 1:00 pm (EST)
SPEAKERS: Sudha lyer, Principal Product Marketing, Symantec and Dan Frey, Senior Manager Product Marketing, Symantec
The public cloud offers agility and cost savings for organizations seeking that competitive edge, but will your critical workloads and applications remain secure? The ""shared resonsibility"" model of security means that businesses are still on the hook for securing everything running on the IaaS providers infrastructure.
Learn how the new Symantec Cloud Workload Protection automates security for your AWS and Azure deployments, how to defend your workloads against exploits and advanced threats so you can enjoy public cloud benefits without worrrying about security.
Join our webcast to learn how easy it can be to:
* Automatically discover, view, and control all of your for public cloud IaaS instances
* Intregrate security directly into your DevOps continuous delivery workflows
* Deploy security that scales seamlessly with your dynamic public cloud workloads
* Mitigate risk associated with public cloud adoption
Register Today (click here)
Last week we shared what’s coming in Secure One, our newly-integrated partner program. This week, we want to share important changes coming to our partner portal, PartnerNet.
Increasing productivity while improving your experience
You might remember back in October, we started an initiative to revamp PartnerNet, improving the partner experience and ultimately making it easier for you to engage with Symantec online. Phase one of that initiative was rolled out last October, and now we’re excited to share that we’ll be rolling out phase two of that initiative at the end of February.
Here is a sneak peek:
As of February 27 we are introducing a newly improved account creation and login process, a simplified opportunity registration and software benefits ordering interface, and a dynamic dashboard—consisting of resources and benefits based on program and tier.
What’s in it for you, our partner?
All Partners will benefit from the easy to use login, self-registration, enrollment, opportunity registration experience and the new dashboard. Initially, some experiences may change in non-English sites but over time we’ll have a consistent global experience, even after login.
We will continue to update this blog with any changes we are rolling out. We are committed to making it easier to do business with Symantec and openly communicating with you, our partner community, on what those changes are and how it impacts you. As we continue to improve our partner portal experience and we implement changes to Secure One and other partner programs, we’ll post information right here, so keep checking back with us. We also want feedback, so please comment on this blog if there is something we can do to improve even more.
And most important, thank you for your partnership. With a $30 billion market opportunity in cyber security, 2017 holds potential for massive growth in our partnership and our combined business, and we look forward to defining the future of cyber security, together.
DLP Moves Toward the Mainstream
The data loss prevention (DLP) market is poised for continued growth in 2017, due to businesses’ requirements to ensure regulatory compliance, protect intellectual property, and gain visibility into emerging data loss channels such as cloud apps, according to a new report from Gartner.
The DLP business is estimated to grow 9.8% year-over-year, from $894 million in 2016 to $1.3 billion in 2020, according to Gartner.
Symantec is Named a Leader in DLP
Evaluating 12 vendors across competitive buying criteria, Gartner named Symantec as a Leader in the Magic Quadrant for Data Loss Prevention.
Here are a few reasons why the world’s largest brands choose Symantec to protect their information:
Next for Symantec: Cloud and Information-Centric Security
Over the past year, we’ve built out our cloud security platform with new services like the DLP Cloud Service for Email, DLP Cloud Service for CASB, and DLP Cloud Service for Cloud Proxy– all of which give you added visibility into sensitive data moving in and out of cloud apps.
Our engineers are hard at work building the next generation of DLP. We believe the future of data security lies in bringing multiple disciplines together: data loss prevention, cloud security, identity management and encryption. By integrating these disjointed security technologies, we can deliver simplified cloud and information-centric security to our customers.
Thank You to Our Customers and Partners!
We’re honored to be recognized by Gartner for our continued leadership in DLP. It is a testament to our commitment to security innovation and to the loyalty of our customers and partners. Here’s to ten more years of continued success!
To read the entire Gartner Magic Quadrant report, click HERE.
Co-authored by Ken Durbin, CISSP and Kevin McPeak, CISSP, ITILv3
(Continued from part six in our series on Canada's Digital Privacy Act, where we were discussing how NIST CSF can be tailored to assess against a specific requirement like the DPA.)
Now it’s time for the Respond Function of the CSF. As with the other Functions, Respond is divided into Categories, Subcategories, and Informative References.
Respond consists of 5 Categories and 15 Subcategories, allowing an organization to get as detailed as they need to in their assessment against Respond. As with the other Functions, we will not be able to cover the Subcategories in this series but a detailed listing of all Functions, Categories and Subcategories can be found in Appendix A of the NIST CSF Document (https://www.nist.gov/document-3766).
What is the purpose of the Respond Function? According to NIST, Respond “supports the ability to contain the impact of a potential cybersecurity event.” This is why in my previous post I said a strong Detect implementation makes the Respond Function more effective. Why? You can only Respond to what you Detect. Following are the 5 Categories of Respond and their purpose:
Respond and the Digital Privacy Act:
The Digital Privacy Act (DPA) is designed to properly safeguard private data in Canada. Canadian organizations will be required to report data breaches, notify all affected individuals in a timely manner, and maintain relevant records of the breach.
The Respond Function has several potential ways it can help assess against the DPA. (Note: I use “potential” because it is up to each organization to determine which Categories and Subcategories are important to their business needs). It’s important to remember that one cyber event can lead to multiple breaches (and trigger DPA multiple times.) A quick response is essential to reduce exposure. Following are some examples:
Putting it to use:
Taking the time to review each Respond subcategory to determine if it will help you comply with DPA will create a “DPA Current Profile.” A Risk Assessment against those subcategories will create a “DPA Target Profile” which can be used to guide your efforts to comply with the Respond components of DPA.
Symantec has solutions that align with both the CSF and DPA. We would be happy to discuss how we would be able to help you reach your Respond Target Profile.
Up next…the Recover Core Function of the CSF.
For more information on how to prepare for DPA, please visit: go.symantec.com/ca/dpa
Latest Android.Lockdroid.E variant uses speech recognition instead of typing for unlock code input.
Co-authored by Ken Durbin, CISSP and Kevin McPeak, CISSP, ITILv3
(Continued from part seven in our series on Canada's Digital Privacy Act, where we were discussing how NIST CSF can be tailored to assess against a specific requirement like the DPA.)
Last, but certainly not least, we come to the Recover Function of the CSF. As with the other Functions, Recover is divided into Categories, Subcategories, and Informative References.
Recover consists of 3 Categories and 6 Subcategories. The Recover Function has the least amount of Subcategories but that certainly doesn’t mean it’s less important than the other functions. In fact, it could be argued that Recover is the most important Function. What good are the other Functions if you can’t return to business after a cyber event? The other Functions are absolutely critical, but you have to be able to recover from the cyber events that make it through. We won’t be covering the Subcategories in this blog but a detailed listing of all Functions, Categories and Subcategories can be found in Appendix A of the NIST CSF Document (https://www.nist.gov/document-3766).
What is the purpose of the Recover Function? According to NIST, Recover “supports timely recovery to normal operations to reduce the impact from a cybersecurity event.” In other words, what people, processes, and technology are in place to allow me to get my business back up and running as soon as possible? This goes well beyond DPA. You can suffer a breach, comply with DPA, but still have to close shop because of poor Recovery planning. Following are the 3 Categories of Recover and their purpose:
Recovery and the Digital Privacy Act:
The Digital Privacy Act (DPA) is designed to properly safeguard private data in Canada. Canadian organizations will be required to report data breaches, notify all affected individuals in a timely manner and maintain relevant records of the breach.
The Recovery Function has several potential ways it can help assess against the DPA. As with the other CSF Functions each organization has to decide which Categories and Subcategories are important to their business needs. Following are some examples:
Putting it to use:
Taking the time to review each Recover subcategory to determine if it will help you comply with DPA will create a “DPA Current Profile.” A Risk Assessment against those subcategories will create a “DPA Target Profile,” which can be used to guide your efforts to comply with the Recover components of DPA.
Symantec has solutions that align with both the CSF and DPA. We would be happy to discuss how we would be able to help you reach your Recover Target Profile.
In the last six parts of this blog series, we provided a basic overview of the NIST Cybersecurity Framework (CSF), a deeper dive into the five Core Functions, and how each could be used to prepare for the Canadian Digital Privacy Act (DPA). We recently hosted a webcast on this topic: Using the NIST CSF to prepare for Canada Digital Privacy Act. Although we limited the discussion to the DPA, the CSF is designed to help any size organization assess their overarching cyber readiness and make improvements. We encourage you to take a deeper look at the CSF to see how it might help your cybersecurity efforts. Symantec has a deep understanding of the CSF and have mapped our solutions to the Functions, Categories and Subcategories and are ready to assist with your CSF efforts.
Up next in this series..."I got breached, now what?"
For more information on how to prepare for DPA, please visit: go.symantec.com/ca/dpa
Recent attacks involving the destructive malware Shamoon appear to be part of a much wider campaign in the Middle East and beyond.
The highly-specific spammers using breached personal information are at it again
Co-authored by Ken Durbin, CISSP and Kevin McPeak, CISSP, ITILv3
(Continued from part eight in our series on Canada's Digital Privacy Act, where we were discussing how NIST CSF can be tailored to assess against a specific requirement like the DPA.)
Let us assume that you’ve diligently followed the five Core Functions of the NIST Cybersecurity Framework (CSF) in order to best prepare yourself for the Canadian Digital Privacy Act (DPA). Likewise, let us also assume that you’ve briefed your Board of Directors, you have rigorously assessed your overarching cyber readiness and that based on the CSF, you have made significant improvements to your cyber defensive posture. Nonetheless, you get that 3:00AM call that your enterprise infrastructure has been breached and a significant exfiltration of customer, client, or patient PII has occurred. Although you won’t be happy to receive this call, the degree of stress you will encounter will be directly related to how well you’ve war-gamed out this event in advance. In other words, don’t wait until you’ve been breached to think about the next step – ASSUME you will be breached, because sooner or later, even with the best effort to prevent, you still might experience such an event. To develop your preparedness, here are three simple steps to take to prepare you for that dreaded day.
Protect your data
In 2015, the median number of days that attackers were present on a victim’s network before being discovered was 146 days, (source: Symantec 2016 Internet Security Threat Report found at: https://www.symantec.com/security-center/threat-report) which is a lot of time to steal whatever data they are looking for. However, even if you experience a data breach, if they can’t steal your data or compromise its integrity, there will be less damage to your organization, no matter how long it took for you to discover the breach. So, we recommend that you classify your data to determine what data is important and sensitive, and take measures to protect it in the event of a data breach, such as using data loss prevention (DLP) with SSL decryption capabilities for data in motion. DLP with SSL decryption will detect and prevent attempts to access and/or exfiltrate data without authorization and, based on your policy, block it or encrypt it so that even if it is stolen, it cannot be read.
Have Your Incident Response Team Ready to Act
You can’t deal with a breach on your own, unless it’s what you do for a living. So, we suggest that you have a retainer with a professional, well established Incident Response organization that has the resources and experience to act immediately to mitigate the impact of your breach. They can do this using remote and/or on-site investigative support. Incident Response organizations that have access to not only tools but also to massive global intelligence networks are best – because they can more quickly and accurately determine the source and nature of your breach, and perform forensics to help you minimize the chances of another breach. Since they do this for a living and you don’t, this is the best way to be ready to respond to a breach and restore “business as usual” as quickly as possible.
Quickly Determine Exactly What Happened and How
Your Incident Response Team will work to determine where the cyber attackers embedded “command and control” nodes across your network, what they have accessed and how to isolate and remove their presence, and block their attempts to further steal or compromise your data. To facilitate a resilient cyber defense in depth, we recommend that you deploy technologies that give you deep visibility into your network (including encrypted traffic). Like a security camera for the network, you should be able to record such network activity, so that you and your Incident Response Team can replay and analyze what happened, where, when, and how. This detailed, historical, time stamped data will dramatically improve the efficiency of your incident resolution and forensics activities and help deliver a faster, more precise, and more complete remediation. Ultimately this will resolve the issues faster and deeper, thus helping you to thwart subsequent breach attempts.
Historically, many organizations fail to reveal the full scope and breadth of their data breaches. In fact, they often fail to grasp the full extent of compromise and the magnitude of the damage done by breaches. To not only avoid breaches, but to avoid the systemic collapse of your cyber posture if a limited breach occurs, it is best to maintain a specialized team on an Incident Response Retainer basis so that whenever breaches occur, they will be at the ready to effectively assist you in recovery. To avoid breaches in the first place, maintain a rigorous defense-in-depth cybersecurity program that not only hardens devices, but that also deploys data loss prevention with SSL decryption capabilities to detect and prevent nefarious attempts to access or exfiltrate your data. By having such technologies that can provide you with deep visibility into your network, and with an Incident Response Retainer in place, your organization will be much better prepared to thwart breach attempts and to respond to them if they nonetheless occur. We’re ready to help. If you would like to begin working with our team, click here and we’ll have one of our specialists reach out to you.
Up next is our final blog in the series..."Building Out an End-to-End DPA Strategy"
For more information on how to prepare for DPA, please visit: go.symantec.com/ca/dpa
From virtual and augmented reality to personalized learning to tablets and laptops in classrooms, digital learning is revolutionizing today’s classrooms. Constant innovation in the edtech space is resulting in new products and solutions that enable teachers to enhance and diversify the learning experience, and provide enriching learning experiences for students.
As technology expands opportunities in the classroom, it also brings with it additional risks. More and more data and personal information is being stored online and the classroom is becoming a new target for cyber threats. For example, in a survey by Symantec partner Common Sense Media, of more than 1,000 educational technology products, they found that only 52 percent of the productsrequire encryption of login and personal information, one of the most basic ways a website can protect user data.
Promoting safety both inside and outside schools has always been a priority of educators; however, the definition of safety is expanding. While the increased use of technology by children at home is undisputed, it can often be overlooked in the classroom. It also takes time, resources and budget for schools to effectively protect against cyber threats and therefore education has traditionally weaker defense systems in place than other industries.
What can schools and educators do? Do what they do best, educate.
As the global leader in cyber security, we believe it is our corporate responsibility to educate our customers and communities about cyber risks. In FY16, Symantec awarded 26 grants totaling $2,585,900 to fight cybercrime and support online safety. Many of these include efforts to offer cyber safety educational tools to address new and emerging risks to children's online safety.
For example, since 2010, Symantec has partnered with Common Sense Media, a leading online safety non-profit, to empower our employees, educators and parents to become ambassadors for online safety using Common Sense Media’s K–12 Digital Citizenship Curriculum, which teaches students how to make safe, smart, and ethical decisions in the digital world. The core digital citizenship curriculum includes over 65 lesson plans tailored to each grade level and is based on the research of Dr. Howard Gardner and the GoodPlay Project at the Harvard Graduate School of Education.
Since the launch of Common Sense Media's Digital Literacy and Citizenship Program eight years ago, the accessibility to technology and therefore its everyday use has changed significantly. For example, with the adoption of Facebook, Instagram, and Snapchat, among many others, social media use has exploded and the use of technology by teachers and students both inside and outside the classroom has grown significantly.
To reflect these changes, in the coming year, Symantec will support the refresh and redesign of Common Sense Media’s K-12 Digital Literacy and Citizenship Curriculum offerings to meet the growing 21st century needs of schools, educators, and students. The curriculum will address increasingly important issues such as cyber security, data privacy including geolocation, computer science and coding. This will include approximately 20 new student videos, which will result in the update of at least 30 percent of Common Sense Media’s K-12 curriculum lessons.
Additionally, the partnership will help Common Sense Media continue to reach new educators and schools, and nurture their existing user base of educators and schools through marketing and outreach efforts, professional development and certiﬁcation programs.
Teaching girls around the globe to Surf Smart
Additionally, in 2012 WAGGGS collaborated with Symantec to create Surf Smart, a non-formal education curriculum for the Girl Guides and Girl Scouts designed to inform young people about how to connect positively online, protect themselves from online threats and respect their rights and reputation on the Internet. Surf Smart breaks down lessons by age and includes three sections – connecting positively online, protecting yourself from online threats and respecting your rights and reputation online - to encourage users to learn about and take action to protect themselves online.
To date, 281,000 Girl Guides and Girl Scouts in over 44 countries have completed Surf Smart. The program has been delivered to girls, boys and young adults in three European countries, 12 countries in Africa, and 16 countries in Latin America and the Caribbean, and India. Moving forward Symantec will support the expansion of Surf Smart to the Philippines, Australia and Singapore based on the needs of these regions, and promote the program online to all WAGGS members in the Asia Pacific region, reaching three million Girl Guides and Girl Scouts and 26 member organizations.
In a survey of 200 leaders and participants in 2015-16, 96.8 per cent said they would be more able to identify online dangers as a result of completing Surf Smart, 91 per cent said that the program was either 'a lot of fun' or 'fun' and 94.7 per cent reported that the program helped with addressing online safety issues.
In the same way that we educate our children about other risks, it is imperative that we educate them about avoiding online dangers. The increasingly connected classroom is therefore becoming a central and critical place to educate both the teacher and student about the growing importance of digital literacy and citizenship.
破壊力の強いマルウェア Shamoon を使った最近の攻撃は、中東を含む広域で続いている広い攻撃活動の一部である可能性が濃厚になってきました。
Symantec Customers Can Quickly and Easily Respond to CloudBleed Vulnerability
Within days of receiving news of the CloudBleed vulnerability that potentially compromised millions of user accounts in cloud applications, Symantec has released an automated solution to identify and resolve potential exposures to current Symantec ProxySG customers. Symantec is uniquely positioned to deliver this comprehensive and automated solution to customers by leveraging integrations between its CloudSOC™ Cloud Access Security Broker (CASB) and the broader Symantec security portfolio.
Automatically Identify At-Risk Accounts
Following the incident, Symantec analysts mapped the vulnerable CloudBleed web URLs to specific cloud applications and CloudSOC Audit identified more than 2,000 applications that were potentially affected by CloudBleed. As a result, CloudSOC Audit, the CASB component for discovering Shadow IT, now tracks the CloudBleed vulnerability as an at risk attribute for cloud applications. Symantec customers using CloudSOC Audit can now automatically identify users of cloud applications both on-network and off-network who could be at risk of compromise due to CloudBleed.
Automatically identify cloud applications that were at risk due to CloudBleed vulnerabilities
Automatically Notify at Risk Users to Remediate Exposure
By leveraging the CloudSOC Audit AppFeed (provided via the Symantec Global Intelligence Network), Symantec ProxySG customers will be able to set a policy to automatically send alerts to users of at risk cloud applications. This notification, triggered by the use of a vulnerable application, can instruct users to update their password and inform them that their cloud account has potentially been exposed.
Solving Shadow IT with a CASB that Integrates Across a Broad Portfolio
Symantec CloudSOC provides organizations with a unique level of visibility and automated control over their use of cloud applications and services through the integration of ProxySG, Web Security Services, Endpoint Protection, DLP and the Symantec Global Intelligence Network. Through this integration, customers benefit from the following capabilities:
Another HIMSS has come and gone, and we want to take a moment to thank everyone who met with us and stopped by our booth during the show. It was a busy week, but we left Orlando feeling energized and optimistic to hear from our customers on the focus and importance being placed around cybersecurity within their organizations.
It’s a new world, and traditional security approaches won’t protect you in the Cloud Generation. Healthcare workers have become more mobile, creating new identities and personas in the cloud that can be linked to literally dozens of different mobile and IoT devices – especially as more and more medical devices and wearables connect to the network. Sensitive data – from electronic protected health information to patients’ financial records – lives everywhere.
At Symantec, we work with our healthcare customers to develop an integrated cyber defense platform, where all technologies, services, and intelligence they depend on work together to protect their users, information, messaging infrastructure, and the Web.
This kind of holistic defense strategy is critical in light of our new research study, released at HIMSS17, which examines where healthcare organizations stand with their investments and efforts to strengthen their security postures. While cybersecurity budgets and staffing commitments are slowly growing, many healthcare organizations are lagging, with 65% of respondents still spending less than 6% of their IT budgets on security, and a significant number still in the very early stages of addressing security for both medical and mobile devices.
It is time to pick up the pace. Cybersecurity is much more than an IT problem; it can have real implications for patient care, a reality that our industry cannot afford to overlook. As my colleague Bob Chaput, chief executive officer of Clearwater Compliance, noted in our eBook, “If organizations continue to ignore the strategic importance of information risk management, we are going to continue to see an upsurge in breaches, an increase in failed audits, and additional successful cyberattacks.”
Of course, there are actionable steps healthcare organizations can take to drastically improve their cybersecurity postures and protect their information. Join Bob and me next week for a webinar discussion, where we’ll cover our research findings and provide an overview of critical steps to achieving a comprehensive cybersecurity strategy. Register today to join us on March 14 at 10 a.m. PT/1 p.m. ET. We look forward to speaking with you then, and thanks again for making HIMSS17 such an engaging event.
For those of you who know me personally, it comes as no surprise that giving back to the community is something I am truly passionate about. Working at Symantec gives me the opportunity to change the world by giving back and working alongside my colleagues to help non-profits and local organisations.
This year Global Service Week was introduced, during which 6200 volunteer hours were logged and $195k was donated in a single day by Symantec employees — this was double matched by Symantec resulting in nearly half a million dollars to the not for profit community in a single day.
I am extremely proud of the EMEA leadership team who volunteered at Elevate Me, an initiative that offers mentoring programmes for 16 to 24 year-olds to support their efforts in education and employment. Mock interviews and speed networking activities were held to help the participants increase their confidence and improve their communication skills. The team were impressed with how engaged the young people were and feedback showed that 100% felt more prepared for their next interview and 78% said the speed networking was very useful.
Over the last year, volunteering hours have also assisted Camara. This amazing charity refurbishes hardware destined for landfill, loads it with educational resources and provides it to communities in developing countries, giving disadvantaged children the opportunity to learn modern day skills.
With support also going to Teen Tech, Saudi Electricity, the Irish Girl Guides, and more. Participation in the Safer Internet Day revealed that 1 in 6 of our latest generation have shared a photo online in the past hour. More revealing is their attitude to privacy and security. Almost a quarter (23%) said they don’t know how to control who can see what they post on social media, and only 51% of 8 to 17 year olds said they always think about what personal information they could be sharing before they post online. It’s essential we continue on our mission to keep the world’s information safe and reflect our fundamental commitment to make the world a better place.
Power of Good: Send me your ideas or drop a comment on what CSR projects you’re involved in.
At Symantec, we believe that together, we have the power to change the world and make it a better, safer place. Employees are central to this and their activism, advocacy, and passion on the ground is what transforms our corporate responsibility strategy into tangible, real-world results.
Today, we feature an article written by our own Kevin Isaac, Senior Vice President, Head of Sales, EMEA, Enterprise Security providing a personal account of his passion for giving back and why “It’s essential we continue on our mission to keep the world’s information safe and reflect our fundamental commitment to make the world a better place.”
Read the “The Power of Good” here and be prepared to be inspired!
About SCS Exams
The Symantec Certified Specialist (SCS) credentials are industry-recognized exams and are available to customers, partners, and employees. The SCS technical certification targets people who have hands-on experience with the product. They might be called technical sales engineers, partner integrators, product engineers, administrators, architects, designers, technical support engineers, or consultants, for example.
Although each technology varies in complexity and depth, SCS exams measure technical knowledge and skills needed to efficiently deploy, configure, utilize, troubleshoot, and optimize Symantec solutions. SCS exams are based on a combination of training material, commonly referenced product documentation, and real-world scenarios. Learn more by visiting http://go.symantec.com/certification.
How do you access this exam?
This exam is delivered only through Pearson VUE test centers. To register for the exam, log in to CertTracker or create a new account. Please see our step-by-step registration instructions for more information.
For more information about the Symantec Certification Program, contact Global_Exams@Symantec.com.
Thank you for your support of the Symantec Certification Program!