
    Ninety apps infected with the Ramnit virus were removed from Google Play.


    More than 90 apps infected with Ramnit were found and removed from Google Play.


    A friend recently asked me which side I thought was winning the internet security arms race.

    Good question.

    Considering the size and frequency of data breaches, there’s reason to wonder whether the good guys do indeed have the upper hand.

    Cyber attackers used to be little more than annoyances. We could usually neutralize their mischief simply by installing anti-virus software. No longer. They have graduated into legitimate threats and now regularly wreak havoc on business organizations and governments.

    And it’s not as if the security industry is standing still. Defenses have grown more robust. We’ve moved from firewalls and AV to advanced endpoint protection, full proxies (even for encrypted traffic), data loss prevention, multi-factor authentication and ubiquitous encryption. I can also point to countless other advances, in areas ranging from artificial intelligence (AI) and machine learning (ML) to early-stage post-quantum crypto.

    Yet the attackers keep winning. Fortunately, though, not everywhere.

    How Technology Evens the Odds

    Before answering the question I posed at the outset, it’s important to first recognize who is losing.

    Start by looking in the mirror. If you are leaving vulnerabilities unpatched for months, you’re making it too easy for the bad guys to eat your lunch without your knowledge. That’s not all. Any enterprise guilty of rookie mistakes like that has likely already jeopardized customer information as well.

    By itself, of course, patching isn’t enough to seal up your security. It’s not just that you need antivirus, data loss prevention, advanced endpoint protection, advanced threat protection, crypto, multi-factor authentication, and more. Rather, you also have to integrate them. Then you need to make sense of what’s happening in your network. Those are all significant challenges.

    Most big companies need to deploy dozens of security technologies, which generate so much event log and alert information that it’s often difficult to see the forest as a whole with so many trees crowded together inches ahead, blocking vision.

    The good news is that artificial intelligence and machine learning can help defenders sift through trillions of events each month.  For the first time, security teams can deploy these technologies to make better sense of massive amounts of data, putting alerts, logs, and events into far greater context. The upshot: They can finally prioritize to focus on the more dangerous challenges to their organizations. In their seemingly endless struggle with well-resourced attackers, this holds enormous promise for businesses trying to protect their networks with limited resources.

    No Magic Bullets

    Further, AI and ML offer security practitioners new insights into what’s going on in their extended network. That includes intelligence about an organization’s on-premise and cloud deployments as well as mobile and IoT devices added on top of them.

    The arrival of these time-saving technologies is propitious. The world has struggled for too long with a years-long shortage of skilled security people.  Without enough people to staff their extended front lines, is it any wonder that so many companies waste valuable time scrambling to chase after intruders and not enough time developing the big picture strategies needed to counter the bigger threats on the horizon?

    As mentioned earlier though, with or without AI for their security operations, anyone not getting the basics right with patching, products, and integration of all of the above, probably isn’t going to stay in the winner’s column very long.  

    Similarly, anyone failing to leverage automation, AI, and economies of scale to make sense of all that’s happening in those systems, probably isn’t going to stay in the winner’s column very long either. Especially now that potential attackers are starting to experiment with adversarial AI and adversarial ML for taking this move-counter-move game to the next level with “AI versus AI.”  

    Of course, in the research lab, we’re already preparing for that – something that I’ll have more to say about in a future column.

    United We Stand

    Many companies are doing all the right things and they have been able to stay out of the headlines.  Unfortunately, too many others cut corners on security, fail to invest strategically, or just don’t execute their plans effectively. So far, their luck has held. But no lucky streak lasts indefinitely.

    If I had to offer a status report about who’s really winning the cyber arms race, I’d say that it’s a mixed picture.  Even the defenders who have successfully repelled breach attempts to date don’t often feel like they are ahead, simply because security is never fully settled.  

    Attackers don’t stop coming and you can’t let down your guard.  And not all defenders are winning.  Some have lost this year - hard.  While armchair quarterbacks often criticize security spending, talent, or execution when such a company fumbles, most of the people working security for those companies were working long, difficult hours.  That, in part, is why keeping the strategic picture is crucial, to be sure such effort and commitment aren’t wasted fighting the wrong fires.

    That leads me to my bigger point.  We’re all in this together. When one company falls victim, the attackers invest their stolen profits to build even better weapons that they use against the rest of us.

    Sharing best practices is essential.  Collaboration is essential.  Economies of scale are essential.  As has been true throughout history, united we stand, divided we fall. If nothing else, do it out of a sense of enlightened self-interest. Attackers may not have hit you yet. But don’t think that they won’t. One day, they’ll come gunning for you, too. When they do, you’ll want them to not have the resources of the many victims who could’ve been saved by working together.

    (If you’re interested in joining this campaign, re-share or retweet this post. You can follow me @WittenBrian.) 



    In the cat-and-mouse game between online attackers and security professionals defending their companies' networks, the attackers have often not had to work very hard.

    The complexity of networks has meant that vulnerabilities and misconfigurations are often overlooked. While some companies have had to hire more security professionals, there are not enough to go around and most companies cannot afford the manpower to stave off attacks. Instead, defenders have turned to automation and — when that has proved insufficient — machine learning and artificial intelligence.

    These technologies promise to improve the recognition of threats, better identify weaknesses, and speed the response to incidents.

    “Without enough talented and experienced people to go around, AI will augment what human experts can do, giving them — the equivalent of — bionics,” said Brian Witten, senior director of Symantec Research Labs. “In that sense, AI can help each of them ‘up their game,’ shifting from just shoveling and sifting through data, to having systems that free up their brains to really play this crucial cat-and-mouse game at the strategic level.”

    Automation, machine learning and research into artificial intelligence represent the efforts of the industry to combat the increased complexity of information technology, the sophistication of threats, and the automation used by attackers. Yet, for all the promise of the technology to improve professionals' ability to protect their networks, the move to more intelligent systems could also work in attackers' favor.

    While there have not been any publicly reported incidents of attackers incorporating artificial intelligence into their strategy, automation is an old trick among the black hats of the Internet.

    For the past decade, for example, attackers have increasingly created malware variants using automated algorithms and systems. Keeping up with the rapidly expanding number of malware variants - which has soared from 275 million in 2014 to 357 million two years later - requires automation and machine learning.

    In addition, attackers routinely use automation as part of denial-of-service attacks and the creation of botnets. Indeed, Internet-of-things botnets — such as Mirai — automate their attacks by using brute-force password guessing to compromise vulnerable devices and then use the infected device as a platform to infect other devices.

    A more recent tactic is the automated scraping of software credentials and the authentication codes for Web services — known as application-programming interface, or API, keys — that have been accidentally published to online data stores on GitHub and Amazon Web Services. In one incident, technology-services company Accenture was found to have left private data and sensitive keys on an exposed storage image on Amazon's S3 service.

    Automated, Intelligent Defense

    But as the bad guys look to automate their reconnaissance, companies can automate their own processes, augmenting existing capabilities with machine-learning and AI systems to defend against increasingly sophisticated attackers.

    Many companies are already using automation to seek out vulnerabilities and misconfigurations in their networks. While rule-based systems have become popular, however, they can only find those issues for which they have been instructed to look, and corporate network perimeters have become more complex and porous over the years, according to AI expert Uday Veeramachaneni, the founder and CEO of PatternEx.

    “No matter how much of that you do, you will be vulnerable somewhere — that is where monitoring is supposed to help,” he said. “AI can both make sure that your perimeter is airtight and, when an attacker gets in, make sure that you can detect their actions.”

    Other companies have applied the AI field of natural-language processing to automate the gathering of intelligence on attacker activities. Automation can collect the data, while machine learning can be used to group pieces of information into similar categories.

    What’s more, AI promises to bring together the context surrounding the threat data. By shadowing analysts who sift through the data, machines can learn what is important. At the same time, analyst teams processing these incidents have a great training data set to help classify things that the system may not have seen before.

    Security teams looking to augment their capabilities today have already adopted a variety of automated technologies, from vulnerability management to incident response. However, making sure that automation does not cause an error to propagate and disrupt operations requires more intelligence. In addition, most companies do not have the resources to create and maintain their own security operations center (SOC).

    So, for many companies, the first step is to evaluate systems that help the existing security group — whether that is a single part-time IT professional or a team of a dozen analysts — to more efficiently manage the security of their systems.

    “Most security operations centers use rule-based systems, but not every company can afford a full SOC, and even those that can, should look at — and likely need — smarter automation,” Symantec's Witten said.



    Against the backdrop of an active threat landscape and an escalating number of cybersecurity attacks, many companies face the harsh reality that there just isn’t enough skilled talent to go around to adequately safeguard their IT infrastructure.

    In its 2017 Internet Security Threat Report (ISTR) Symantec reported that 7.1 billion identities had been exposed through data breaches over the last eight years. And it’s not just big-name retailers and financial institutions that are in the cross-hairs; attackers are also increasingly launching attacks against small and mid-sized companies.

    The material cost is formidable with damages related to cybercrime globally expected to reach $6 trillion annually by 2021. Meanwhile, organizations are projected to spend $1 trillion on cybersecurity cumulatively from 2017 to 2021 to combat growing cyberthreats.

    But even as they plan to deploy more security-related technology and services, they will also need to figure out ways to compensate for the shortage of trained cybersecurity personnel.

    “There’s a serious increase in cybersecurity as a priority because of the amount and severity of the breaches we are seeing,” said Jamie Barclay, senior manager, corporate responsibility at Symantec. “Companies are struggling with getting and deploying the right technology, but they are also grappling with where to find the right talent.”

    The numbers underscore the depth of the talent shortage. Demand for security experts is growing three times faster than other IT jobs. At the same time, Cybersecurity Ventures estimates there were 1 million security-related job openings last year, while the Enterprise Strategy Group found 46% of organizations reporting the scramble to find people with sufficient cybersecurity skills as an ongoing challenge.

    Alternative Measures

    But organizations can still compensate for the limited talent pool. There are a number of alternative options to bolster cybersecurity competencies, including outsourcing the function to managed services providers, retraining in-house IT professionals, and drawing candidates from non-traditional areas. In a survey conducted by CIO, CSO, and Computerworld last year, 56% of responding organizations said they were enlisting outside consultants to help with information security strategy, with 40% turning to managed security service providers (MSSPs) to offload security functions almost completely.

    Hiring external consultants or outsourcing some security functions is one way to get the job done, according to Richard Borden, vice president of IT for Blackhawk Community Credit Union, which is doing just that as part of a hybrid approach to security. BCCU uses outside partners to handle some IT security audit and remediation tasks, but is also re-skilling an internal staff member to help digest threat intelligence data, SIEM outputs, and third-party testing reports.

    “The challenge is to balance the outsourcing of projects versus security remediation across internal and external resources on a case-by-case basis, depending on what resource is best suited to handle the task or project,” he explained.

    However, it’s not always easy to retrain workers to pick up security functions, according to Borden. He cautioned that not all skills can be taught equally well to all personalities and aptitudes.

    “Just because you're a technical IT professional such as a network administrator, systems analyst, or developer, that doesn't mean you're a security expert,” agreed Kevin Beaver, founder and principal information security consultant at Principle Logic LLC. “It can happen as you build on these skills on your way to mastering security, but it's going to take a few years.”

    To that point, Beaver says there are no certifications, degrees, webinars, or conferences that are going to transform traditional IT professionals into legitimate security experts overnight. 

    For companies willing and able to play the long game, one way to cultivate much-needed security talent is to draw from non-traditional pools—for example, the veteran community or local and two-year colleges that don’t necessarily have cybersecurity degree programs. Symantec’s Cyber Career Connection (C3), a collaboration with educational development non-profit partners such as NPower and Year Up, is focused on creating a pathway for individuals in those communities to prime the cybersecurity workforce pipeline.

    C3 offers training and mentoring designed to raise awareness of cybersecurity career opportunities while developing a curriculum highly focused on specialized cybersecurity principles, software, methods, and tools. At the same time, the C3 initiative seeks to create more diversity in the cybersecurity workforce; thus far, 63% of C3 participants have been people of color while 25% have been female.

    “We saw an opportunity to address the skills gap,” Barclay said. “We need to help organizations think differently about the types of people that can do these jobs. We are showing them they can spread a wider net and bring a more diverse population to the table.” 


  • 11/01/17--07:49: Setting Our Bar High
  • CDP Results Highlight Symantec’s Commitment to Environmental Stewardship

    From investors to government to Fortune 500 customers, if you are interested in assessing how effectively the world’s largest companies manage their impacts on the environment, you’ll likely turn to CDP (formerly the Carbon Disclosure Project). Established fifteen years ago, CDP is a non-governmental organization with the world’s largest global disclosure platform assessing environmental performance ranging from climate change to water to deforestation and supply chain impacts.


    Each year, CDP collects quantitative and qualitative feedback to increase corporate transparency, build trust and confidence among stakeholders, enable benchmarking and sharing of best practices, and showcase environmental leaders.  

    Since 2013, the number of companies reporting to CDP has increased 33%, with over 5,600 companies, 71 states and regions, and 533 cities responding to the surveys this year. Furthermore, according to CDP’s second annual ‘Tracking Corporate Action on Climate Change’ analysis[1]:

    • 89% of the world’s biggest, most environmentally-impactful companies have carbon emissions targets, with a fifth planning low-carbon into their futures to 2030 and beyond.
    • 14% of the study’s 1,000+ sample are committed to, or have, targets aligned with climate science, a 5% annual increase. 300+ additional companies (30%) plan to set science-based targets within two years.
    • 98% of companies now have board, or senior management, level responsibility for climate change.
    • 90% have financial incentives in place to attain corporate climate targets.

    For over a decade[2], Symantec has reported to CDP every year as part of our long-standing commitment to transparency. As the preeminent global corporate GHG and climate change reporting program, CDP is a valued channel to communicate progress to stakeholder groups including investors, customers, NGOs and government, provides a rigorous and standardized framework for measuring and reporting our impacts, and enables us to benchmark progress against leading industry peers.

    {Interested in our full CDP responses? You can now access all three on our website here!}

    We are very pleased to have received an A- rating for our CDP Climate Change survey response again in 2017 and we continue to set our bar high when it comes to environmental stewardship:

    We are making good progress towards our ambitious 30% scope 1 and 2 GHG reduction goal. In FY17, we reduced scope 1 and scope 2 GHG emissions by 15 percent, far surpassing our three percent annual reduction target and bringing our reduction total to 19 percent (FY15 baseline).  

    Established in 2016, our 10-year, 30 percent GHG reduction goal is ambitious and rooted in science – aligned to the carbon reductions climate scientists have determined are needed to keep global temperature rise below two degrees Celsius.  This goal includes our offices, labs and data centers.

    Our progress to date puts us well on track to meet, or exceed, this goal and has been achieved primarily as a result of three initiatives:

    • Creating a more efficient global office footprint through space consolidation efforts
    • Thanks to the work of our Facilities and IT teams, implementing energy efficiency projects in carbon intensive locations such as Tucson, Arizona and Pune, India. These include a cooling efficiency program at our enterprise data center that is delivering an annual reduction of over 5,700 MT CO2e as well as other facility efficiency projects such as lighting upgrades. 
    • Implementing an internal cloud efficiency initiative that has reduced our data center footprint.

    Earlier this year, we signed on to the Science Based Target Initiative (SBTI), a collaboration between CDP, World Resources Institute (WRI) and the World Wildlife Fund for Nature (WWF) that advocates for the broad uptake of science-based target setting.

    We recognize the urgency with which we all must collectively act to mitigate climate change and we believe that participation in SBTI will help us feel confident that we are playing our part in contributing to this urgent action. Our participation requires that we expand our GHG focus to measure our extended footprint (or scope 3 emissions) and if these are over 40% of our total GHG emissions to set a scope 3 target.  We have therefore embarked on a project to more fully and accurately evaluate our scope 3 emissions[3].

    We continue to promote a low carbon future by reducing resource use across our operations, engaging employees and taking part in industry initiatives to transition to a clean energy future.

    Our strong CDP scores are the result of collaborative efforts between multiple functions including corporate responsibility, facilities, IT, procurement, supply chain as well as the individual actions of employees.  

    For example, our employee global Green Teams support and challenge our environmental efforts, assist us in reaching key goals, educate and influence employees to reduce their impact on the environment at work and home, and provide opportunities for employees to join activities supporting environmental conservation. As we expand our focus on scope 3 emissions, we expect to uncover new opportunities to engage employees in reducing our emissions, for example, through segregating waste, car sharing or optimizing remote collaboration tools.  

    Additionally, from the Business for Innovative Climate and Energy Policy (BICEP) Climate Declaration to CERES Connect the Drops campaign to BSR Future of Internet Power initiative, and more, we partner with leading corporate and nonprofit advocates to realize a better future for the planet.

    Each year brings new transitions, new opportunities, new challenges in managing our environmental impacts.

    We will continue to report to CDP and use this leading framework to inform our strategy as we pursue our goals to build a more sustainable business, play a key role in creating a low carbon future and incorporate environmental stewardship into our operations, products and supply chain.

    [2] Symantec has reported to CDP every year since 2007.

    [3] Symantec Scope 3 emissions include downstream sources (emissions arising in the supply chain of the goods and services we purchase) as well as upstream sources (energy used by our customers to download and run our software products and to operate our hardware products).  Additionally, Scope 3 includes emissions associated with product end of life disposal, operational waste we generate at our sites, and employee commuting and business travel.  


    Confidential Data at Risk as Organizations Increase Use of Cloud Applications

    Organizations continued to rapidly embrace the cloud in the first half of 2017. Symantec researchers found that data exposure and loss continues to dominate the risk landscape. And organizations continue to increase the number of cloud applications they use – both sanctioned and unsanctioned cloud apps often referred to as Shadow IT.  

    Data is at risk

    In the first half of 2017, enterprises “broadly shared” 20% of all files in cloud file sharing apps and 29% of emails in cloud email apps. To be classified as “broadly shared”, a file must be shared with the entire organization, an external third party, or publicly with anyone who has a link to the file. Any file or email broadly shared is at risk of exposure, so it is especially important to control documents that contain confidential data such as Personally Identifiable Information (PII), Protected Healthcare Information (PHI), and Payment Card Information (PCI).

    CASB users expose less in file sharing

    In the past, it was typical to discover that 10% or more of broadly shared files in file sharing apps contained sensitive data.  Today, security conscious organizations using CloudSOC are doing better with only 2% of their broadly shared files in file sharing apps containing confidential and regulated data. However, PHI data leads the pack within these broadly shared files as the confidential data type most at risk representing a whopping 79% of broadly shared content in file sharing apps.


    Percentage of files in cloud file sharing that are at risk of exposure.

    Email still an issue

    We are still not out of the woods: while it looks like a lower percentage of files in cloud file sharing apps contain compliance data than before, email continues to be an area of concern, with 9% of broadly shared emails containing confidential content. PII is the dominant type 


    Percentage of content at risk in email that contains compliance related data.

    Compliance related data at risk

    With organizations standardizing on cloud file sharing platforms, it should be expected that some compliance related data will be stored in the cloud. If we look at all files in file sharing apps that contain regulated content we found that a surprisingly high percentage of these files are broadly shared. Research found that 65% of all files containing PHI data, 26% of all files containing PII data, and 17% of all files containing PCI in file sharing apps are broadly shared. 


    Percentage of files containing compliance related data that are broadly shared in cloud file sharing apps.

    Watch out for data exfiltration

    Cloud apps are a popular target for bad actors and our research tracks a number of high risk actions in the cloud. Data loss dominates cloud threat findings with 71% of high risk behavior indicating attempts to exfiltrate data. 


    High risk user behavior identified that indicates a threat to a cloud account.

    More cloud app Shadow IT

    Organizations are using many more cloud apps than what is typically assumed by IT professionals with the average number of different cloud apps in use at an enterprise increasing to 1,232. This is a 33% increase over the second half of 2016.

    Recommendation to reduce cloud risks

    You should adopt a fully featured cloud access security broker (CASB), such as Symantec CloudSOC, that ALSO integrates with the rest of your enterprise security to share intelligence and leverage extended control points. This is a CASB 2.0 approach to cloud security where your CASB is not a separate island of security in the cloud, it is a solution that natively integrates with your existing security solutions.

    Symantec CloudSOC CASB provides: 

    • Auditing of shadow IT that integrates with Symantec ProxySG and Web Security Service secure web gateways for automated control over the use of cloud apps
    • Real-time detection of intrusions and threats that integrates with Symantec VIP for intelligent user authentication and Symantec advanced malware protection
    • Protection against data loss and compliance violations that integrates with Symantec DLP and Information Centric Encryption for consistent information protection policy control everywhere (on-premises and in the cloud)
    • Investigation of historical account activity for post-incident analysis that integrates with popular SIEMs and Symantec’s Managed Security Service.

    About the Symantec CloudSOC Shadow Data Report

    The Symantec CloudSOC Shadow Data Report covers key trends and challenges organizations face when trying to ensure their sensitive data in cloud apps and services remains secure and compliant. Covering the first half of 2017, this report is based on the analysis of over 22K cloud apps and services, 465M documents and 2.3B emails—nearly double the data from the last report. All data is anonymized and aggregated to protect Symantec CloudSOC customer confidentiality. 

    Get the full 1H 2017 Shadow Data Report here.


    New study finds nonprofit board service advances workplace diversity, creates better leaders, and strengthens communities

    This fall, Symantec participated in a study run by Alice Korngold, President and C.E.O. of Korngold Consulting, on the importance and effect of corporate support of employee nonprofit board service in the United States. We joined companies including Dow Chemical, American Express, and Hewlett Packard, and surveyed our U.S. employee volunteers about their experiences with nonprofit board service, both those who have served on boards, and those who have not. Of the nearly 1,000 people who participated in the study across the six companies, forty-one percent were Symantec employees, showing an incredible response rate from our people.

    What we learned:

    The study found that Board service is an effective pathway for companies to grow shareholder value in three ways:

    First, nonprofit board service advances workplace diversity and inclusion. According to the study, business people who serve on boards gain appreciation and understanding of people from backgrounds that are different from their own. Given the data showing that diversity and inclusion increase profitability, nonprofit board service increases company value in this way. Additionally, companies have a significant reservoir of people from diverse backgrounds who would like to serve on boards, thus providing another opportunity for leadership development.

    At Symantec, we are dedicated to creating an equitable and diverse workplace, and to building a culture that enables employees to apply their time and talents to the issues they care most deeply about. As part of our Corporate Responsibility (CR) program we encourage our employees to join nonprofit boards through our Nonprofit Board Service program, and couple their volunteer service with a cash grant to the nonprofit of $1,000 per year.

    Diversity is also a central tenet of our CR program. We’ve seen that teams with a diversity of perspectives ensure we make better business decisions and the products and services we offer meet the needs of the broad spectrum of people we serve worldwide. As a result, we've made investing in diversity a priority; it's not just the right thing to do, it also translates to a higher performing industry, company, and bottom line.

    Korngold’s study also found that people interested in boards come from more diverse backgrounds than the group already serving on boards. There are more millennials (47% compared to 23% who serve); more women (56% compared to 44% who serve); and more people who identify as Asian, Latino or Hispanic, Black or African-American, Native Hawaiian or Pacific Islander, American Indian or Alaska Native, Middle Eastern or North African (37% compared to 22% who serve). These results demonstrate the opportunity for companies like Symantec to advance and develop employees from more diverse backgrounds, by encouraging them to join nonprofit boards.

    Second, nonprofit board service develops human capital for innovation. Korngold’s study found that business people who serve on boards confront challenges that stimulate their leadership, creativity, and innovation. Additionally, they improve skills that enhance their performance at work, including strategic planning, decision-making, listening, collaborating, and partnerships. This experience and expertise will help their companies grow value.

    Amy Cappellanti-Wolf, Symantec’s Chief Human Resource Officer, sits on the board of the Silicon Valley Children’s Fund (SVCF), which is committed to improving educational and life outcomes for foster youth. According to SVCF, less than fifty percent of foster youth graduate from high school and nearly forty percent of transitioning foster youth will be homeless within 18 months of discharge.[1]

    Above: Amy Cappellanti-Wolf builds a bicycle for a foster youth in Mountain View, CA.

    Symantec has a long history of supporting foster youth. Symantec is an industry leader in identity theft protection, which disproportionately affects foster children because of the large number of people who have access to their personal information. According to the American Bar Association, it is estimated that as many as fifty percent of foster youth are affected by identity theft.[2] As part of our commitment to fighting identity theft and protecting foster youth’s identities, we train law enforcement and victim advocates and work with a variety of non-profit organizations to increase education about identity theft.

    We also provided $225,000 in early funding over three years to TeenForce’s Foster Youth STEM and Work Readiness Training Program, which included education, training, and paid internships to help foster youth pursue STEM careers. During our second annual Global Service Week, employees in Boxborough, Mountain View, and San Francisco partnered with Together We Rise and built bicycles for young foster children to experience the simple joys of childhood, and for foster teens to help get them to jobs and classes. Our Washington, D.C. office also worked with Together We Rise, providing new duffel bags filled with essentials like a teddy bear, blanket, hygiene kit and more.

    In addition to supporting an organization she cares about, and one that aligns with Symantec’s corporate responsibility program, Amy’s SVCF board leadership has positively affected her work at Symantec. “At Symantec, I lead our global people practices including workplace and workforce strategy, and planning, real estate and facilities functions. Through my experience on the SVCF Board I’ve been very fortunate to work with board members who share a similar passion in helping our foster youth grow and flourish. I am continually inspired by the stories of perseverance and determination that I hear from SVCF clients.

    “Serving on the SVCF Board has helped me better connect the important things we do at Symantec to the needs of our foster youth. With thousands of jobs available in cyber security, I see STEM training for foster youth as both an opportunity for companies to close the technology skills gap and a critical way to provide equal opportunities for those in the foster care system. Serving on the SVCF Board has also furthered my commitment to cyber security, as I see first hand how foster youth can be exploited through data theft. The idea that our youth could be thrown into massive debt when people open credit cards in their names and steal their identities is simply not acceptable. As much as I hope to provide value to the SVCF community, I also am grateful for what this experience has given me.”

    And lastly, nonprofit board service fosters economic development and will help us achieve the UN Sustainable Development Goals. Korngold’s study found that business people who serve on boards strengthen communities where their company’s employees and customers live and work. Board engagement also helps to advance the UN SDGs, including quality education, reduced inequalities, and sustainable cities and communities.

    Leading companies recognize that they will mitigate risks, reduce costs, and grow shareholder value by helping to find innovative solutions to global problems—social, economic, and environmental.[3] As a result, the majority of the world’s largest corporations have joined the United Nations effort to achieve the SDGs.[4] The SDGs, formally adopted by the UN General Assembly in 2015, provide a framework for the private sector, governments, civil society, and individuals to end poverty, protect the planet, and ensure prosperity for all by 2030.

    Survey responses to the study reveal that business people who serve on nonprofit boards have a clearer understanding of the impact of challenges facing their communities—particularly good health and well-being (SDG3), quality education (SDG4), decent work and economic growth (SDG8), reduced inequalities (SDG10), sustainable cities and communities (SDG11), and peace, justice, and strong institutions (SDG16).

    Above: Cecily discusses gender responsive workplace practices.

    From my own experience serving on the boards of both Net Impact and Leadership California, I can see how board service promotes healthy communities and a healthy and prosperous planet. Leadership California moves women from success to significance, motivating and inspiring accomplished women to reach higher aspirations and to have the knowledge, confidence, and connections to improve California’s future. This experience has helped push me to be an ongoing champion for diversity and inclusion and gender equity, and I was able to work with Symantec’s Leadership to create a goal to increase the percentage of women globally by fifteen percent by 2020.

    Net Impact tackles social challenges, protects the environment and orients businesses and products towards the greater good. I currently serve as the Secretary of the Board of Net Impact, and this organization has opened my eyes to new ideas, new leaders, and a new generation of workers using their skills to drive transformational social and environmental change. In my role at Symantec, I drive the implementation of our community investment efforts and through this board experience I’ve become even more aware of the organizations and people doing the most good in our community—and those that will effectively utilize Symantec’s help.

    At Symantec, Korngold’s study results ring true. Many Symantec employees serve on nonprofit boards, strengthening the communities where our employees and customers live and work. We’ve also aligned our corporate responsibility activities with the following UN Sustainable Development Goals (SDGs): quality education (SDG4), gender equality (SDG5), decent work and economic growth (SDG8), reduced inequalities (SDG10), and climate action (SDG13), to do our part to ensure a sustainable, thriving future.

    Nonprofit board service also makes employees happy.

    Nearly every respondent that participated in Korngold’s study reports that the work of the nonprofit is meaningful to them (ninety-seven percent), they are able to add value (ninety-five percent), and they would recommend board service to their friends and colleagues (ninety-nine and a half percent). Also striking is that ninety-six percent of people who are not on boards show interest.

    Employees who are introduced to a board by their employer are also more likely to stay at the company. Companies can help ensure that their employees have productive and rewarding board experiences—that also reflect well on the company—by assisting employees in finding the right nonprofit match.

    Once employees are on a nonprofit board, they continue to need company support. Korngold’s study found that board experiences are more productive and rewarding for employees, their companies, and the nonprofit where they serve if companies assist their employees’ efforts. Symantec supports my board service financially and provides me with the time I need to be a productive member of the board.

    I hope the results of this study inspire you to consider nonprofit board service as an effective pathway to maximizing business opportunities and company value. For more information, and to review the full results of Korngold’s study, Better World Leadership, please click here.

    [3] See Korngold, Alice (2014), A Better World, Inc.: How Companies Profit by Solving Global Problems…Where Governments Cannot, (New York: Palgrave Macmillan).

    [4] For more see: United Nations (2017), Sustainable development knowledge platform. https://sustainabledevelopment.un.org/sdgs


    Posted by Eva Velasquez, CEO, Identity Theft Resource Center

    With the month of October coming to a close, it’s a good time to look back at all that this year’s NCSAM activities have taught us. National Cybersecurity Awareness Month comes around every fall, but every year it brings with it new information, new warnings to be heeded, and new threats to avoid when it comes to protecting our information.

    NCSAM has always broken down our safety into four categories based on how the threat can manifest—home, work, school, and community—and this year is no different. On the home front, resources took on topics like cyberbullying of both adults and kids, how to stay safe while online gaming, how to raise kids who are already digital citizens, and more. Workplace topics focused on developing actionable tech behaviors and making sure employees were fully trained on those steps, among other things. Schools were encouraged to adopt C-SAVE initiatives and bring in volunteers to speak with students and faculty alike about internet and data safety, while StaySafeOnline posted a wealth of NCSAM resources that can be printed, displayed, or otherwise shared with members of your community.

    One of the most interesting additions to this year’s observance was the focus on getting more people involved in information security. NCSAM devoted one week to encouraging people, especially those who are preparing for college, to look into cybersecurity careers to meet the desperation-level need for more IT professionals in business and government. NPower, Inc.’s VP of Strategic Partnerships spoke at a webinar hosted by Symantec in order to discuss this important career field and the need for more qualified professionals.

    Symantec also offered a host of other resources for NCSAM, including a weekly webcast and blog series that aligned to the themes such as “Today’s Predictions for Tomorrow’s Connected World” and “Protecting Critical Infrastructure from Cyber Threat.” Other resources posted this month included a simple online safety webinar—an ideal way to spend a little bit of time with your loved ones the next time you get together for a family event—and a workplace safety guide. Symantec also hosted its first annual Higher Ed Cyber Security Challenge, where cyber and IT staff and faculty from higher ed institutions not only participated in real-life scenarios to think like an adversary but also earned continuing education credits.

    Cybercriminals are not only continuing to wage war on information and data security, they’re finding new ways to do it every day. By arming members of the public with accurate information and actionable steps, though, we can work to reduce the damaging effects of this kind of crime. LifeLock, a Symantec company, proudly provides financial support to the Identity Theft Resource Center.



    Group uses custom Felismus malware and has a particular interest in South American foreign policy.


    In the last decade, the cloud has transformed business and made it routine for company employees to access data and applications remotely. People now work from anywhere, not just from their corporate headquarters. They telecommute regularly from hotels, airports or coffee shops - anyplace where they can get a connection (whether secured or not).

    At the same time, the proliferation of BYOD has added - literally - billions of devices into the enterprise ecosystem. But as organizations add these unmanaged devices to their networks, IT must address new security considerations, including plans for endpoint security.

    Unfortunately, there is a tendency among many security managers to treat breaches on a one-off basis. Their default approach is to apply one point product after another to combat the latest emergency. That may work for putting out brushfires. But when they are suddenly faced with large-scale security incidents, like the WannaCry ransomware outbreak earlier this year, the organization will be totally unprepared to deal with the enormous scope of the attack.

    Frankly, enterprises now square off against a cohort of hackers who are more sophisticated and better equipped than ever before to penetrate defenses and inflict losses. If businesses fail to integrate endpoint security as a strategic component of their network architecture, it will only make it that much easier for bad guys to have their way.

    SEP 14 to SEP 14.1

    In the past, defenders were forced to cobble together separate point products made by different vendors, but these solutions weren’t engineered to work together. With so many endpoints to protect, the challenge could easily prove overwhelming.

    We took on that challenge with the introduction of Symantec Endpoint Protection 14 (SEP) one year ago. For the first time, customers could combat cyber threats with an integrated defense platform that would fully orchestrate prevention, detection and response across endpoints, gateways, messaging and the cloud.

    How did we fare? The reviews speak for themselves.

    Last year, the Economist Group suffered 350 security events, 55 percent of which were malware. But after implementing SEP 14, the company achieved what Vicki Gavin, the company’s head of business continuity, cyber security and data privacy, described as “stunning results.”

    After rolling out SEP 14 in the United States and Asia, the company registered a 60% drop in malware events and now expects a further reduction once the rollout in Europe is complete.

    More recently, Symantec won a gold award from Gartner for endpoint protection, beating out the likes of McAfee, Trend Micro, Cylance and others.  

    We did what we said we were going to do and now we are taking the next step, elevating endpoint security to another level to meet the myriad demands of cloud generation endpoint security with the introduction of SEP 14.1.

    SEP 14.1 continues in the tradition of its predecessor to redefine endpoint security with lower complexity, bringing together a complete stack for endpoint security.

    Not only do our detection and response features help expose, contain and resolve breaches resulting from advanced attacks, but customers don’t need to add separate modules to deploy these sophisticated features.

    Deviously Effective Deception

    And something entirely unique in the industry: SEP 14.1 adds deception technologies that defenders can use to turn the tables on attackers.

    We did this to answer an urgent customer need.

    Security teams often lack visibility into attackers’ intent and tactics. By the time companies finally detect an intruder, the damage is often done. (A recent Ponemon Institute report found that the average attacker spends as much as 191 days on a network before being detected.) But with SEP 14.1, organizations are now able to deceive attackers into giving up their locations by leaving fake assets to target. Not only will customers be able to deploy these deceptors at scale but they'll be able to customize them to their particular environments.

    The more believable the fake asset, the better chance it has to lure an attacker into interacting with it instead of accessing real resources. The upshot: You'll be better equipped to deceive attackers and trick them into revealing their intent while you improve your overall security posture.  

    Symantec R&D Spells the Difference

    All of these enhancements pay off in the coin of improved protection - something that promises to be a boon to security operations center (SOC) analysts, whose success or failure often depends on reaction times. None of this is trivial. No other endpoint protection vendor offers deception technology. It took an enormous amount of engineering R&D along with years of experience knowing what works and what doesn't when it comes to protecting customers. In fact, Symantec’s R&D depth and 15-plus years of experience in building endpoint security shows in our ability to rapidly innovate and bring solutions like deception to market.

    But that’s a reflection of Symantec’s particular strengths. When it comes to endpoint security, none of our competitors match up. They’re able to provide, at most, 2 to 3 areas of capability. When it comes to offering a full stack, none are in the same conversation.

    Meanwhile, many of the traditional endpoint protection platform vendors have ignored mobile security and modern devices (both iOS and Android). But if customers are going to embrace the cloud, rest assured that mobile security will be a key element. Jim Routh, CSO at Aetna, one of our SEP Mobile customers, noted that "the mobile phone is the best surveillance device in history."

    Reducing Cost, Reducing Complexity

    We’re reducing complexity/OpEx for our customers with quick time to value. A great example is endpoint detection and response (EDR). Customers can leverage SEP (single agent) for deploying endpoint protection plus EDR as well as later on extending that for hardening and deception capabilities.

    All this reduces costs and allows the resulting savings to flow directly to the bottom line as customers gain from improved overall total-cost-of-ownership. Instead of needing to invest in various security controls that don’t necessarily improve overall endpoint security, customers benefit from a complete endpoint protection with a single security stack.  

    Security is obviously a moving target but I think we’ve hit the bullseye with SEP, a product family that offers the most complete endpoint security in the industry. I’d love to hear your feedback. Give the product a look and let me know what you think.

    ****

    Learn more about SEP14.1, integrated EDR, and SEP Mobile in our upcoming Webinar.



    It’s a bad day when you’ve got a severe security incident to respond to. But the difference between a bad day and a disastrous one can be the quality of the response plan you’ve built. You did build a plan, didn’t you?  Here are some key points you may have overlooked.

    1. Have a Workable Plan

    Surely, most large organizations have a well-thought-out incident response plan in place, right? You’d think so, but the Ponemon Institute surveyed 623 companies in 2015, two-thirds of which had headcounts of more than 1,000 people. Of those organizations, 60% say they either have no incident response plan or an “ad hoc” plan; only 17 percent said they had a well-laid-out plan across their entire enterprise. That’s a heck of a thing, and downright scary when you think about it.

    “Sort of having an idea” of how your organization will respond to a serious incident is simply not enough.  If your organization doesn’t currently have a solid, formalized plan for how to respond to critical incidents, the first step is to put a good one together.

    2. Define an “Incident”

    As strange as it may sound, the first step in building an effective incident response plan is recognizing what actually constitutes an “incident”, then categorizing incidents by type and severity. For instance, you might have random scanning against your firewalls for open ports.  Or you might have someone actively attempting to get into your network. Or maybe they've managed to get access to a system, and now they're attempting to access a repository of PII. Or perhaps you wake up to find ransomware has taken key data hostage.  Just as each situation here is different, each requires a different level of response.

    As part of your response plan, you need to define and categorize incident types. These definitions directly affect what your planned response will be.  What is the severity and type of incident you are looking at? Once you’ve put some definition around what it is you’re dealing with, you can then determine the appropriate level of response.  That's stuff that should be inside an incident response plan so that whenever people are using the plan, your organization has guidance as to how to appropriately escalate incidents, and at what point you need to activate the incident response team.

    3. Keep the Plan (and Supporting Documentation) Up to Date

    Whenever an organization hasn't really run through their plan in a while, they'll often find basic items like the phone lists are out of date, as people have left, or moved, or been promoted. Without regular updates, you may think you've got all that information at your fingertips, but when it comes time to activate your plan, you may find an absolutely outdated mess.

    And that’s not true only of people. Some organizations are a disaster at asset management, documenting their networks, and standardizing policy among different units. That's especially common with M&A activity. Whenever you see new units come in through mergers and acquisitions, usually it takes a good long while (sometimes years!) for the network and the network security policies of the parent organization to get aligned with those of the company they’ve bought. Regular updates to your network documentation and incident response plan can go a long way to minimizing confusion when it’s time to use it.

    4. Don’t Just Have a Plan. Test It

    Of the organizations that did have an incident response plan, over a third don't actually do anything with the plan after they have it; it's basically done as a “check-the-box” exercise to meet a requirement, then sits and gathers dust. As a result, you end up with a plan that really hasn't been tested, and that’s never adapted to operational realities and organizational changes.

    In some ways, that’s more dangerous than having no plan at all. If you have no plan at all, at least you know you have no plan. But if you have a plan that hasn't been tested, and isn't reiterated and refined, you may have a false sense of security thinking you’ve got a good working plan, when the truth is you probably don't.

    One way to know if your plan is any good is to actually experience a breach, which is a fantastic way to learn, but a really costly, painful way to do so. A much less painful way to do it is to do tabletop exercises. What's great about tabletop exercises is they let you test how your organization responds to a major incident, and how well the various components in the organization are working together, all without the costs and associated panic of an actual breach.

    5. Have the Right People Testing the Plan

    When you’re doing your drills, you want your core information security team members as part of it, of course, but it needs to be much larger than that. There is a role for senior leadership, and public relations or corporate communications play a massive role. Legal should be also represented. Additionally, the information technology folks (distinct from the information security types) definitely have a role in those tabletop exercises.

    So do any third parties or partners that are going to be important to an actual incident or breach scenario. Some organizations also work in their law enforcement contacts. If these are people you're going to engage if you have an actual significant event, then it's probably good to have them as part of the tabletop exercise in order to test those lines of communication.

    There's also value in just getting to know some of the people that you would be dealing with in a crisis that you may not deal with on a daily basis. For instance, information security generally doesn’t have daily touchpoints with legal or corporate communications. When something does hit and you're dealing with relative strangers, it’s harder to work together quickly. It's one thing if I have to go find a point of contact with Legal in an emergency, as opposed to picking up the phone and calling the exact person I worked with on a drill six months ago. I know who that person is, and she knows me. It makes for swifter communications and a better working relationship.



    Cyber espionage group uses custom Felismus malware and has a particular interest in South American foreign policy.


    Sowbug uses custom Felismus malware and shows a strong interest in South American foreign policy.


    The education sector is learning the lessons of weak data security the hard way: Cyber thieves have attacked more than three dozen school districts this year, exploiting poorly-defended systems to steal valuable information or take over their networks and hold them for ransom.

    It’s a familiar problem. The education field is seeing above-average levels of phishing attacks, malware and spam compared with other sectors in the economy, according to Symantec’s 2017 Internet Security Threat Report - Government. No surprise, then, to learn that information security led the EDUCAUSE 2018 Top 10 IT Issues list for the third year in a row.

    But as malicious hackers continue to target school districts, the US Department of Education is now warning of an even more insidious form of cyber-extortion.

    New Challenge Looms

    Schools have previously been targeted by ransomware attacks, where malicious hackers encrypt an organization’s data and hold it hostage until they get paid. In this latest scheme, attackers flat out steal data and then try to sell it back to their victims. Unless the ransom gets paid, the attackers threaten to sell the purloined names, addresses, phone numbers and other student data.  

    As a way of applying added pressure on the schools, attackers also send email or text messages to parents and students raising the prospect of violence at their school. In one case, over 20 parents received these kinds of threatening messages. 

    One district was forced to shut down 30 schools for three days as a preventive measure. So far, law enforcement has not deemed any of these threats of violence to be credible. But the psychological damage is real, with falling attendance at the targeted schools. Meanwhile, news of these incidents has resulted in copycat incidents leading to bogus threats to disrupt other schools.

    The criminal gang behind these attacks calls itself the Dark Overlord. They have been described as foreign, but at least one member of the group has an excellent command of English. Most likely, the group is comprised of multiple members; at least one hails from an English-speaking country. These attackers have previously targeted healthcare organizations, movie studios and manufacturers. 

    Fighting the Dark Overlord

    What can you do to blunt the threat posed by the Dark Overlord?  First, don’t pay the ransom. There is absolutely no guarantee that the fraudsters will release data you pay to set free. You can’t trust criminals.

    Secondly, keep these attackers out of your school from the start. And that means stepping up the work of securing your network and the data that resides on it. The Department of Education just issued some pretty good advice.  They suggest:

    • Conducting security audits to identify weaknesses and update/patch vulnerable systems;

    • Ensuring proper audit logs are created and reviewed routinely for suspicious activity;

    • Training staff and students on data security best practices and phishing/social engineering awareness; and

    • Reviewing all sensitive data to verify that outside access is appropriately limited.

    Also, the FBI has spotlighted the practice where some attackers use anonymous FTP servers - most likely set up earlier and then forgotten by IT organizations - to gain access to an organization’s network. Unless there is a legitimate need to keep those servers in your organization, disable them now.

    You don’t need to be afraid of cyber attackers. They may be evil, but they are not evil geniuses. They simply take advantage of mistakes we make. But we can fix the errors. It just takes diligence to follow best practices, put good security practices and products in place, and to be prepared.



    Symantec supports veterans with resource group and fulfilling new careers in cyber security

    By: Symantec CR and the Symantec Veteran Employee Resource Group (ERG) - VETS

    “Veterans Day is important to pay tribute to those that have served. I also personally feel that it is vital, as a veteran, to recognize and be grateful for the support that this country and our communities provide.” — Stewart Summers, Marine Corps veteran and graduate of Symantec’s Cyber Career Connection program.

    Above: Tempe volunteers Jeffrey Vernon, John Tharp, Benji Vesterby, and Tom Castellano volunteer for Flag Detail at the U.S. Departments of Veterans Affairs – National Memorial Cemetery of Arizona to honor those who served.

    This Saturday, Symantec joins people around the world in honoring, thanking, and paying our respects to the military veterans that have provided selfless service to their countries. On November 11, “Veterans Day” is celebrated in the United States, while Canada and Australia observe "Remembrance Day,” France commemorates the day the Armistice after World War I was signed (Fête de la Victoire), and Great Britain observes "Remembrance Day" on the Sunday nearest to November 11. As we unite and pay special tribute to all military veterans, and their families, across the globe we take time to reflect on the freedoms we enjoy within our workplace and at home.

    Symantec Cyber Career Connection helps vets transition to jobs in cyber security

    Noelle Summers grew up in a church right next to a Marine Corps base in Kaneohe, Hawaii and admired the courage and service of the Marines she met. She knew she wanted to travel, gain new experiences, and challenge herself. Stewart Summers was also looking for a challenge, and wanted to develop other talents and life skills before pursuing college. They both chose the Marine Corps and signed on to be cryptologic linguists, one of the most difficult military occupations with regard to education.

    In addition to mastering a new language in less than two years (Pashtu for her, Arabic for him), they were also trained to be fluent in Signals Intelligence, helping the Corps decode messages. After five years of service, deployments to Afghanistan in support of Operation Enduring Freedom, and numerous accolades for each of them, they returned to the U.S. and needed to decide what was next.

    photo credit: Noelle Summers, middle left, a Marine Corps veteran and Symantec C3 graduate on deployment.

    Stewart completed his bachelor’s degree in Management and Information Systems (MIS), knowing technology was the right next step for him. “Understanding that I needed a new skill set to be successful in the civilian job market, technology seemed like the perfect fit. I had already been building computers for quite some time before I joined the Marine Corps, but I also understood that building computers and programming or exploiting vulnerabilities on systems were two completely different things,” Stewart said. Noelle began studying accounting and thought she’d go into Business Administration, but after seeing what Stewart was learning, she switched her bachelor’s from Accounting to MIS and never looked back.

    They both grew passionate about cyber security. For Noelle, the agile and expansive nature of cyber security was the first thing that caught her attention, and she liked the various job paths the field could offer. She also saw cyberspace and the global impacts of security incidents as the next war front, and saw an opportunity to continue to serve her country in a new way. For Stewart, the appeal was how integrated technology and security were into our lives. “Security is everywhere. Cyber security really is what allows us to continue our way of life. Every aspect of our lives revolves around technology and sensitive information. Learning to protect this is a crucial skill.” Even with impressive military service, bachelor’s degrees, and a strong desire to work in the field, they couldn’t find a way to break into cyber security.

    Stewart learned about the Symantec Cyber Career Connection (Symantec C3) program hosted by educational nonprofit NPower from a friend. The 26-week program, designed to train young adults and military veterans in computer sciences and cyber security fields, was appealing. For Stewart, “The transition from Signals Intelligence to a cyber security related job was tough. Even for a veteran working as a contractor for a prominent government agency. I had already finished my degree and started to complete a few certifications, but the barrier into the security field was still unforgiving. I decided to take a leap and participate in the Symantec C3 program. Not only was there the opportunity to learn more and gain certifications needed to get a foot in the door of cyber security, but the chance to gain exposure with industry leaders felt like it would pay off in and of itself.” Noelle also decided to complete the Symantec C3 program at NPower because she didn’t have the basic network and information security skills required for cyber security job positions. She had tried to learn these skills on her free time while working full-time, but that didn’t work very well. She was excited that the Symantec C3 program covered all the basic skills she needed to break into the cyber security industry.

    Stewart Summers, left, with fellow Marine Corps veterans

    Both Stewart and Noelle found the Symantec C3 program hosted by NPower to be a positive experience. Their class in Dallas, Texas was comprised completely of veterans who were excited to learn and supportive of each other. For Stewart, advancing his knowledge in Linux was the crucial step to a better understanding of most of the security related tools that are used in the field. He also appreciated that the program felt authentic in its support of veterans. “The program created by Symantec and hosted by NPower really felt as if it was there to truly support the veteran. It was extremely important for me to find a program that didn’t use veterans to advance an agenda used for publicity purposes. I was not let down in this regard.”

    For Noelle, Symantec C3 is directly related to her success today. “I have never been a computer nerd and barely knew my way around an operating system before I joined the program. I knew I desperately needed this basic computer network knowledge and looked forward to each day we were learning about this section. I was interviewed and hired directly by a large consumer brands company after meeting a recruiter at an NPower cyber security luncheon. The program allowed me to forget all other distractions, to focus on building my skill-set, and to break into the cyber security industry,” she said. Noelle now works as a Network Defense Cyber Security Engineer and this fall started her Master’s in Information Sciences and Technology at Pennsylvania State University.

    Stewart was fortunate enough to gain employment at a major defense contractor outside of the program; however, he feels the program’s resume enhancement and general interviewing practice contributed to his success. He was recently promoted to work on his company’s Vulnerability Assessment team and is working on his Master’s Degree in Penn State’s Information Assurance and Cyber Security program.

    Both Noelle and Stewart would recommend the Symantec C3 program at NPower to other veterans. “Without a doubt, I would recommend the program to any other veteran that knows they want to enter the field,” says Stewart, who goes on to offer advice to fellow veterans. “Whether you were in the military for two years or twenty, be a humble learner. Expect to have a book open in the morning when class starts, during your lunch break, on the dinner table, and on the nightstand. In the end, success is completely dependent on how you approach the mission.” Noelle adds, “I would recommend the Symantec C3 program to any of my fellow veterans. I would encourage them to wring every piece of value they can from the program, study hard, ask questions, get involved, and rub elbows with as many cyber security professionals as they can. Treat the program like boot camp: eat, sleep, and breathe information security and you will learn the basic skills you need to break into the cyber security industry.”

    Symantec’s commitment to helping transitioning service members find careers they love

    Both Stewart and Noelle feel that one of the biggest barriers for veterans entering private sector careers is the lack of directly translatable skills. “I believe that many veterans fail to realize that they will most likely have to learn an entirely new skill set before entering the work force. Whether it be technical school, an undergraduate degree, or relevant certifications, veterans must be willing to accept that they need to undertake continuing education, and that their civilian peers are now their competition,” said Stewart. Noelle added, “Finding a way to market your military skills to fulfill the requirements of most cyber security job positions is very difficult.”

    To make this easier for veterans like Noelle and Stewart, Symantec partners with Hire Purpose, a job board designed specifically to support transitioning service members, veterans and military spouses. Symantec values the skills and experience of military veterans, and uses this dedicated platform to post job openings that target veterans, offering links between the skills we need and those we know many veterans possess.

    As the leader in cyber security, we hire veterans to leverage their skills and experiences gained through military service. Our team provides security expertise to make the world a safer place by helping people, businesses, and governments protect and manage their information. Being the global leader in cyber security means we are uniquely positioned to protect against cybercrime, and our veteran employees are uniquely positioned to help us combat these threats.

    For Memorial Day Observance, John Tharp is on Flag Detail at the U.S. Department of Veterans Affairs National Memorial Cemetery of Arizona

    Fostering a network of support

    We encourage veterans at Symantec to join our Veteran Employees and Troop Support (VETS) Employee Resource Group (ERG). Like all of our ERGs, these groups play an important role in delivering on our diversity and inclusion strategies, while building cultural awareness and a sense of belonging for our employees. VETS works to support the efforts of our employees who have served our country and to make sure we value their unique experience. The group also strives to assist veterans and military spouses in their transition to the corporate environment.

    “I began my career as a carrier-based Naval Aviator in the Air Reconnaissance community and am proud to serve as the Executive Sponsor for VETS today. Symantec provides veterans with an opportunity for a fulfilling and dynamic career in cyber security, and one that makes a difference. VETS provides a space for veterans across the globe to come together, support each other, and continue to make our world a safer place. I am proud to be a veteran, proud to work at Symantec, and would like to express my gratitude to all the veterans, and their families, who have sacrificed to serve their countries.”

    – Scott Behm, Vice President, Consumer Business Information Security and VETS ERG Executive Sponsor

    Supporting veterans outside of Symantec’s walls

    We pride ourselves on living our corporate responsibility values both as a company and when working with our broader community and world. This November we became a Bronze Sponsor of the Vets in Tech (VIT) Gala. VIT supports current and returning veterans with re-integration services and provides educational, employment, and entrepreneurial opportunities for veterans.

    We also have provided charitable support to Team Rubicon, a nonprofit that utilizes the skills and experiences of military veterans with first responders to rapidly deploy emergency response teams to communities devastated by natural disasters. Through monetary contributions and volunteer hours, Symantec’s support furthers Team Rubicon’s mission to provide military veterans with opportunities to help restore communities hit hard by hurricanes, earthquakes, and fires. Symantec volunteer Tom Castellano, shown in the photo on the left, deploys with Team Rubicon to Beaumont, Texas for Hurricane Harvey disaster recovery operations.

    This December, Symantec will host two free webinars for military victim advocates, as military families are frequent targets of identity theft. According to a report by the Federal Trade Commission, military families report identity theft at twice the rate of civilians. Working with the Department of Defense (DOD) and National Organization for Victim Assistance (NOVA), Symantec’s LifeLock team will offer educational trainings on identifying common types of identity theft, strategies for enhancing digital safety, and resources and tips for military victim advocates.

    Thank you to our Military Heroes

    “Veterans deserve a day where the nation celebrates our service and what it has provided for our country.” — Noelle Summers, Marine Corps veteran and graduate of Symantec’s Cyber Career Connection program.

    We appreciate and recognize all military veterans and their families across our company and thank them for their selfless service.

    We’d like to thank Molly Handy and Tom Castellano for providing much of the content for this article. For veterans interested in cyber security, learn more about the Symantec Cyber Career Connection and feel free to connect with Stewart Summers on LinkedIn.


  • 11/09/17--15:22: .Men in Black (and Gray)
  • Shady TLD Research, pt. 22

    [This is #22 in our on-going series on Shady TLDs. Links to the previous posts are found at the bottom of the page.]

    With the close of Q3, it's time to update our Top Ten list of the shadiest Top Level Domains (TLDs), as well as profile another of the shady ones.

    First, the Top Ten list for Q3 of 2017:

    Rank  TLD        Percentage of Shady Domains (All Time) *
    1     .country   99.95%
    2     .stream    99.74%
    3     .download  99.58%
    4     .gdn       99.50%
    5     .racing    99.27%
    6     .xin       99.25%
    7     .bid       98.97%
    8     .reise     98.97%
    9     .win       98.75%
    10    .kim       98.74%

    * As of the end of September, 2017. Shady Percentage is a simple calculation: the ratio of "domains and subdomains ending in this TLD which are rated in our database with a 'shady' category, divided by the total number of database entries ending in this TLD". Shady categories include Suspicious, Spam, Scam, Phishing, Botnet, Malware, and Potentially Unwanted Software (PUS). Categories such as Porn, Piracy, and Placeholders (for example) are not counted as "shady" for this research; if they were, the percentages would be higher.

    While eight of the Top Ten were on the membership list last quarter, and one (.win) has been profiled before, the .reise member is new, and therefore somewhat interesting. It's a German word, meaning "travel, trip, journey", and I wouldn't read too much into its presence in this quarter's Top Ten list. It hasn't been around long, and its percentage is based on just a few hundred ratings (barely over the minimum needed to make the list), rather than on thousands or tens of thousands (or even hundreds of thousands), like the other Top Ten members.

    Caveats

    As always, we caution against reading too much into the relative positions of TLDs on this list. Rankings are very fluid from quarter to quarter. Also, we are not advocating setting up policy to block all domains on all of these TLDs. Any such recommendation would come only after more research into a TLD. In particular, .xin is rather popular in China, as is .kim in South Korea, and it would not be wise to automatically block such domains if you do any business there. Also, several TLDs have percentages based on lower numbers of domains than some of the other TLDs in the list. (As with .reise above.) In general, it's better to leave shady domain blocking up to the professionals...

    .Men in Black (and Gray)...

    One of last quarter's Top Ten that has dropped a bit (it's actually down to #33 in this quarter's rankings) is .men, the subject of this "deep dive".

    Looking at the top 100 hosts (by number of requests in our traffic), we see the following breakdown of a recent week of world-wide traffic:

    Category        Count / Percentage
    Malware         7
    Phishing        5
    Suspicious      63
    P.U.S.          1
    Spam            1
    Scam            2
    Porn            3
    Adult           3
    Piracy Concern  14
    Health          1

    In other words, going by our official list of "shady" categories, 79% of the hosts were in the Red Zone, and another 20 were in the Yellow Zone (not directly related to a security concern, but still somewhat shady). Keep in mind that both Porn and Piracy are common lures used by malicious actors.

    That left only one site -- about Men's Health -- rated with a normal/clean category.
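
    The footnote's Shady Percentage calculation and the Red/Yellow Zone tally above, worked through in Python as an added example (not Symantec's code). The function names, the minimum-ratings threshold value and the sample hostnames are assumptions constructed for illustration; the .men counts are the ones in the table above.

```python
from collections import Counter

# "Shady" categories as listed in the post's footnote.
SHADY = {"Suspicious", "Spam", "Scam", "Phishing", "Botnet", "Malware",
         "Potentially Unwanted Software"}
# Categories the post puts in the Yellow Zone: not counted as shady.
YELLOW = {"Porn", "Adult", "Piracy Concern"}

# Top-100 .men hosts by category, copied from the table above.
MEN_TOP_100 = {"Malware": 7, "Phishing": 5, "Suspicious": 63,
               "Potentially Unwanted Software": 1, "Spam": 1, "Scam": 2,
               "Porn": 3, "Adult": 3, "Piracy Concern": 14, "Health": 1}

# Constructed database entries (hostname, categories) on reserved TLDs.
SAMPLE = [
    ("win-prize.test", {"Scam"}),
    ("redirect.ads.test", {"Suspicious", "WebAds/Analytics"}),
    ("news.test", {"News"}),
    ("cdn.test.", {"Malware"}),            # trailing dot is still .test
    ("Blog.Example", {"Personal Sites"}),  # case must not split a TLD
    ("shop.example", {"Shopping"}),
    ("mail.example", {"Spam"}),
    ("only-one.invalid", {"Phishing"}),    # 100% shady, but one rating
]


def tld_of(host):
    """Last DNS label, lower-cased, ignoring a trailing root dot."""
    return host.rstrip(".").lower().rsplit(".", 1)[-1]


def shady_percentages(entries, min_ratings):
    """Return [(tld, percent_shady, total)] sorted shadiest-first.

    An entry is shady if any of its categories is in SHADY. TLDs with
    fewer than min_ratings entries are left out (assumed threshold), so
    a handful of ratings cannot put a TLD at the top of the list.
    """
    total, shady = Counter(), Counter()
    for host, cats in entries:
        tld = tld_of(host)
        total[tld] += 1
        if SHADY & set(cats):
            shady[tld] += 1
    rows = [(t, 100.0 * shady[t] / n, n)
            for t, n in total.items() if n >= min_ratings]
    return sorted(rows, key=lambda r: (-r[1], -r[2], r[0]))


def zone_breakdown(counts):
    """Sum per-category host counts into red / yellow / clean zones."""
    zones = Counter()
    for cat, n in counts.items():
        zone = "red" if cat in SHADY else "yellow" if cat in YELLOW else "clean"
        zones[zone] += n
    return dict(zones)
```

    With a threshold of 3 the single-entry TLD drops out of the ranking, which is the same small-sample effect the post describes for .reise.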

    How Dangerous?

    In checking some of our database notes for the sites with the worst ratings, it's a mixed bag:

    • A site serving a cryptocurrency "miner" script. (More in the Potentially Unwanted Software realm than true Malware.)
    • Several sites initially flagged as Suspicious, with notes about using shady redirects; these were later upgraded to Malware when they were seen triggering IDS alerts for malicious traffic.
    • Several reported as Phishing, although given the frequent use of the word "winner" in some form in the domain name, and coupled with the fact that plain old spam is often labelled "phishing" by well-meaning but casual observers, I'm not sure that a category of Phishing is justified. But they're clearly shady.
    • A bunch of others in the "shady redirect" group, that follow some particular domain naming patterns that make them easy to group. (Normally "shady redirect" sites are involved with either shady advertising or spam...)
    • There were several of the sites included above in the Suspicious category that also had a category of WebAds/Analytics, indicating their likely usage. (These followed a different naming scheme than the more-numerous network in the previous item.)

    Overall, most of these .men were not in black, but more dark- to light-gray. But still well worth blocking. We didn't see many .men in "white" in our traffic survey.

    --C.L.

    @bc_malware_guy

    P.S. For easy reference, here are the links to the earlier posts in our "Shady TLD" series:

    .country

    .kim

    .science

    .gq

    .work

    .ninja

    .xyz

    .date

    .faith

    .zip

    .racing

    .cricket

    .win

    .space

    .accountant (and .realtor)

    .top

    .stream

    .christmas

    .gdn

    .mom

    .pro



    Symantec research shows users to be twice as likely to encounter threats through email as any other infection vector, and the spam rate declines slightly for the second month in a row.

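  • 11/13/17--00:33: Latest Intelligence for October 2017
  • Symantec research shows that users are twice as likely to encounter threats through email as through any other infection vector, and the spam rate declined slightly for the second month in a row.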


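    Symantec research shows that users are twice as likely to encounter threats via email as via any other infection vector. Meanwhile, the spam rate has declined slightly for the second month in a row.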
