Age-old vulnerabilities, attack techniques consistently trip enterprises

TORONTO --- The vulnerabilities of the past are consistently haunting some enterprises, according to a pen tester who explained Tuesday that enterprise IT security teams often know about persistent weaknesses and system configuration issues but are doing little to correct them.

There's been a whole lot of gaps out there in how we defend systems and they've just remained in place.

Jamie Gamble, senior security consultant, Accuvant Labs

"There's been a whole lot of gaps out there in how we defend systems and they've just remained in place," said Jamie Gamble, a senior security consultant at Denver-based Accuvant Labs. "We are ignorant as an industry. We still have ignorance toward a lot of things in security."

In his presentation at the SecTor security conference, "The More Things Change: The Vulnerabilities that Time Forgot," Gamble summed up longstanding weaknesses in Windows and Unix systems that continue to go unaddressed at many firms.  Security researchers Dan Farmer and Wietse Venema authored a 1992 paper that challenged conventional thinking, prompting network analysis and some of the first penetration tests. The paper described attack techniques that are still relevant today, he said.

Network segmentation issues such as VLANs that are poorly configured are contributing to a continuous pattern of holes that can be targeted with attack tools and techniques that were built more than a decade ago, Gamble  said. Many are not configured to support proper role-based access control (RBAC).

"We've seen improvements in system architecture but VLANs are not being implemented from a security perspective, they're being implemented with a functional perspective," Gamble said. "Even though network segmentation works, it's still very difficult to put it in place."

System to system trust has also opened persistent weaknesses, Gamble said. It started with Rlogin, which allows the user of one system to log into another system without a password. An old technique that still used by pentesters is to target the Rlogin file, exploiting it to allow anyone to login without password.  SSH was added to improve security, but it has actually done very little to correct the trust weaknesses, he said. A lot of organizations fail to put passwords in the SSH keys. "It's encrypted but it doesn't matter," Gamble said.

Weak, poorly protected and mishandled passwords can also be a common way in, according to Gamble. Unix-based systems that use NIS for network authentication may have conditions set exposing a list of user directory passwords to an attacker. Using LDAP is not necessarily better. An attacker can attempt to root the box and if successful can pull out LDAP passwords from regions of memory, according to Gamble. Easy to do as long as you can compile on the system, he said.  Even if there is shell password files being used, a way to hide distributed passwords from users, they can be cracked easily, he said.

Man-in-the-middle (MiTM) attacks is also a common technique spotted by security researchers being used by cybercriminals. Tools have gotten better at automating the process, but the attack technique has been known and available before the modern Internet was invented, Gamble said. The attack is very successful today because people often accept connections that have bad certificates, Gamble said. There are many programs designed to create a MiTM condition, eliminate encryption and start stealing credentials.

"Most mitigations in place haven't worked at all," he said. "This stuff has been made so easy that anyone can do it."

Local Unix issues are also a major issue commonly remaining unaddressed by enterprises. "You can do great things with configuring Unix, but if you want to get practical about how it's being set up in big companies you've got big problems," Gamble said. Basic techniques designed in 1992 to target Unix configuration issues are still in use today. Insecure cron jobs or tasks, specifying privileges in the sudoers file could also lead to information exposure. Some firms configure read/write access on everything in the home directory. As a result, getting elevated privileges on a Unix box is pretty easy if the attacker has access to it, Gamble said.

Local Unix configuration issues are not being tested and detected. Some weaknesses such as ARP poisoning, a network attack, is expensive to fix. Organizations can begin by teaching Unix administrators proper security and proactive auditing to not only look for weaknesses, but address them.




Google Releases New Site Full of Resources for Entrepreneurs

Google released a new site recently aimed at helping entrepreneurs and small businesses. Google for Entrepreneurs is basically a site that brings together all of Google's programs and partnerships that could possibly benefit startups or entrepreneurs.

Under this umbrella are 50 different efforts in over 30 countries, including events in different cities around the world, local groups and programs, and online resources that can be used by small businesses anywhere. Some are products and services of Google itself and some are partnerships with other organizations and small businesses.

One of those partnerships is called Startup Weekend, a group that puts on events where participants spend all weekend working and building a startup and then launch a new company on Sunday night.

There's also Women Entrepreneurs on the Web, a group that teaches women how to build, market and network their businesses and ideas. Another program is Campus London, a facility that gives local young entrepreneurs access to workspace, special events, mentorship and partners.

And aside from the many partner organizations Google has included in the site, there are also the more widely known Google products like AdWords, Google Docs and Google+ for Business.

Google has set up a Google+ page so that entrepreneurs can share updates and keep up with the tools and events from the page. The company also announced the first annual Google for Entrepreneurs Week, which will consist of business events in 28 cities throughout 13 countries.

The site is free to use, and so are many of the resources found there. But this move isn't without benefit for Google. Providing these resources to startups and entrepreneurs can help to ensure that those companies will continue to use Google's products and services as they grow.

It can also help Google keep watch over up and coming small businesses that could become one of Google's many acquisitions or partners in the future.




Women: An Interest, Important And Influencial Group

President Obama talks about women not being relegated to a political interest group.

The president said:

These issues are more than just a matter of policy. And when we talk about these issues that primarily impact women, we've got to realize that they are not just women's issues, they are family issues, they are economic issues, they are growth issues, they are issues about American competitiveness. They are issues that impact all of us.”

Special interest groups are organized for the sole purpose of exerting influence on the political and legal systems and  play a central role in deciding who gets what, when, where and how in legislative and budget processes. They can also play a significant role in deciding which values will be promoted and enforced by the government. Some good examples are The NRA, AMA, AARP, ABA, AFL-CIO, you get the idea.

Susan B Anthony is one of my favorite activists. She knew without getting the right to vote, women would never have a chance to advance, contribute and have a voice. Her efforts changed everything for women and women have steadily leveraged this.

business women rock

Women may not be showing up on the Hill to lobby as much, but they are showing up enforce in the work place, on major lists and leading the way in business, creating jobs, adding significantly to the economy and changing attitudes about work, equality, family and working together as a community.

Women are an interest, important and influencial group.  They are “making the shift” into their place, space, skin and destiny.

As 51% of the U.S. work force, women are growing into their shared stewardship and partnership with men, which can only benefit  their family,  our economy and our self-esteem.  In Maddy's Dychtwald and Christine Larson's  book “Influence” , she says:

“A nations competitiveness depends significantly on whether and how it educates and utilizes its female talent.”

The latest  American Express Open report provides some interesting insights into current women business enterprise, WBEs:

  • There are over 8.3 million women-owned businesses in the United States, a 54% increase in the past 15 years.
  • WBEs are generating $1,291,267,100,000 (nearly $1.3 trillion) in revenues and employing 7,697,000 people.
  • Between 1997 and 2012, when the number of businesses in the United States increased by 37%, the number of women-owned firms increased by 54%-a rate 1½ times the national average.

Founded in 1962, Catalyst, the leading nonprofit membership organization expanding opportunities for women and business  lists the current women CEO's of Fortune 1000 companies.

The Forbes Top 100 Most Powerful Women list for 2012 has several new faces, categories and demographics. This is the best snap shot of the impact of how women have and are emerging, blossoming and awakening.

Perhaps the greatest example of how women are emerging and stole the show were at the 2012 London summer Olympics with Missy, Gabby, Serena, Misty and Kerri and so many other women athletes who shined in soccer, water polo, basketball, swimming, track. The medal count was amazing and impressive.

There were more women than men competing in the 2012 summer Olympics. American women won 58 medals and  29 gold medals.  More than China, Russia and Great Britain's total medial count.

Women may not be a “political special interest group,” but we are special and making the shift into realizing and using our female talents with more confidence and  leadership in fulfilling our social and economic destiny.

It can only accelerate our country's recovery and make us all better, stronger and more successful.

Women Rock Photo via Shutterstock




App of the Week: Forgetting to E-mail People? Future Scheduler will Do it for You

We've all had that moment. That sinking feeling, deep in the pit of our stomach, when we suddenly realize we've completely forgotten something.

We can blame ourselves, but the truth is, we're all living extraordinarily busy lives these days. The days of carrying a beautiful leather-bound Franklin Planner around with us everywhere we go are over, as electronic calendars take over. We can set up notifications, but what if we're busy and forget to check our phone?

Future Scheduler has a solution for the busy small business professional. The $1.99 app, available in Apple's app store and Google Play, can send e-mails and text messages for you while you aren't even aware of it. Set up recurring appointments to have those e-mails go out each week or month. Or set your phone to make a call at a designated time.

Not sure how that would work. Imagine…you're sitting in a meeting or at your desk at work and your phone starts dialing. Suddenly you're on a phone call but what if you don't happen to be looking at your phone?

Reminder apps are not a new thing to the world of smartphones. Many of the things described above can be accomplished by simply setting up e-mails in Microsoft Outlook and delaying delivery to the designated time or inputting reminders into your phone. But Future Scheduler lets you do it all in one place.

“Our goals are simple,” Appsicum, the designer of Future Scheduler, says. “We would like to simplify life. Never forget to update a meeting. Never get a ‘how could you forget my birthday,' never miss out on a business opportunity, and never forget to update Status on Social Networking sites.”

This could be a valuable tool for small businesses interested in upping their social media presence, as social media updates can be completely automated. Update your business's social media sites while you're enjoying a movie, hanging out with your kids, or attending to other business. Of course, this capability isn't unique to Future Scheduler, either. Sites like HootSuite have been offering scheduled social media posts for a while now.

One of the best features of Future Scheduler is that it syncs with all of your calendars. No more double entering or being stuck somewhere without access to your calendar. Your appointments are always with you, accessible from your smartphone, PC, or tablet.

If you're concerned about the strange phone calls that will launch without your permission, Future Scheduler has a solution for that, as well. When you set up a future phone call or text, you have the option to have your device warn you first. If you choose the warning, you'll receive a notification that it's time to make contact. You'll have to confirm it before the phone call or text message will be launched.

Future Scheduler's capabilities are already covered in several different areas, but the app takes things one step further by automating everything…and storing it in one place. The app prefers you think of it as your personal assistant. At a price of $1.99, that kind of service is a pretty good deal.



Expert urges security pros to speak out, educate upper management

LOUISVILLE, Ky. --- Far too many IT security pros are failing to capture the attention of upper management and empower employees to foster a security-minded culture, according to a noted security expert Jayson E. Street.

You've got to have a conversation. You can't just lose hope with them.

Jayson E. Street, security researcher

Street, a security researcher and CIO of Strategem 1 Solutions told attendees at the DerbyCon security conference that they need to change their perception of upper management. Every year security pros ask for more money for their program, but it's very unlikely that they are clearly demonstrating the outcome of previous investments, Street said.

"Saying they just don't get it is a crutch we use," Street said. "I don't care how awesome you are at breaking something or figuring out how something is broken; if you can't communicate effectively to upper management, it doesn't matter."

Getting in the mindset that metrics are a powerful tool to demonstrate the effectiveness of ongoing security initiatives is a good way to begin to improve communication and boost the security program, Street said. Start tracking blocked spam and filtered virus attachments, firewall blocks and data from other security devices.

"You should love and embrace metrics because that helps your network get better," Street said. "You'll start understanding what is going on in your network and find out how well your network is running."

The success of enterprise risk management programs hinge on buy-in from upper management, say security experts. A study earlier this year conducted by Carnegie Mellon University showed that high profile data breaches has done little to get senior-level executives to understand the security and privacy risks within the enterprise. The study found that 70% of executives and their corporate board of directors rarely or never review security policies. It noted gaps in the way corporate CEOs and other senior executives take responsibility for the organization's security and privacy practices.

Street, who said he also works at a major U.S. bank, makes it a priority to provide two security related stories for senior executives to read every two weeks when upper management meets. The stories help start a conversation and can help management better understand the threat landscape and how much risk is acceptable.   

"We can't lose hope, be disgruntled and say no one is listening to us," Street said. "You've got to have a conversation. You can't just lose hope with them."

Street said his job is not to enact change, but rather to observe and report. Security pros must be effective at explaining were the risks are and the company is going to offset some risk with security technology and policies and also accept some risk, he said.

"If the CEO is running toward the edge of a cliff, I'm not going to stop him," Street said. "I'm going to tell him here's a parachute for $500 and here's an umbrella for $5. You've got to give them choices."   

Street also urged attendees to learn to have a positive attitude and become approachable by end users. "The first step is to learn how to communicate effectively among ourselves," Street said. Join local security groups, speak at conferences and learn to interact with colleagues on research projects and ongoing security issues. The more speaking engagements and opportunities a person has, the better they get at engaging people, he said.

Effective security awareness training
Security awareness training can be effective, Street said, if it is approached correctly. A more effective security program will educate employees about how to be better computer users at home, not necessarily at the office. A program that teaches employees how to protect their personal data and their children from predators could foster a security mindset at the office.

"Users are getting compromised at home. Their children are talking to people online who they really don't know," Street said. "They can't protect their own stuff how the heck do you expect them to protect your data?"




Microsoft Office Announces Affordable Cloud-Based Solutions

When computers first entered the office environment, there was one way to get Office products. The office spent hundreds of dollars per license for each user and someone installed it individually on each PC. But in recent years, the office environment has changed, with many workers needing to access files on tablet PCs and smartphones.

Acknowledging this, Microsoft has come up with a new way to deliver its product that is not only more affordable for small business users, but cuts out the need to install it, as well. Customers need only sign up for the Microsoft Office 365 subscription service to have access to Outlook, Word, Excel, PowerPoint, and OneNote, as well as additional Cloud-based options.

Due to the monthly cost, this solution is ideal for small businesses and home users, who would traditionally have forked over nearly $350 per user. If that license is upgraded every four years, that customer will have paid $600, according to the pricing listed on Microsoft's website. The small business will have the option of paying $12.50 per month or $149.99 each year for one license.

Where the savings comes in is in the ability to use Office on multiple devices. By adding on access to SkyDrive, a user can view, update, and save documents from anywhere. Additionally, the Office 365 user also gets Access and Publisher, two items that aren't available in the standard version of Office.

That doesn't include the installation of Office, which can be time-consuming and require a certain amount of technical expertise. If a small business is paying a technician to keep Office up-to-date on all devices, having Office 365 can provide a substantial savings over a four-year period. Because Office 365 is Cloud-based, it will always have the current Microsoft Updates, keeping your devices safe from malware.

“For most people, subscribing will be the best choice - especially for families, consumers with multiple devices and small businesses,” Tara Gregory of Waggener Edstrom Worldwide writes. “Subscriptions to Office 365 include all the Office applications, additional services product upgrades as soon as they're available, and access to Office on up to five PCs or Macs, as well as streamed access to full-featured Office applications on any PC.”

Gregory goes on to explain that the Home Premium edition of Office 365 brings with it even more cost savings, with $8.33 a month getting a user access on up to five PCs or Macs in a household, 20 GB of SkyDrive space, and 60 minutes of Skype world calls per month. Users can get a thirty-day free trial of Office Home edition for free to give it a try.

If I'm understanding this correctly, this means when a new version of Office debuts, users will automatically have access to that version, as well, whereas previously users would have to pay hundreds of dollars or be forced to stick with the old version. Granted, Microsoft can always upgrade the monthly price, as well, but for small business owners and home users, always having the latest version of Office for a small monthly fee is a pretty good bargain.

Each business owner should check out the offerings of Office Home and Office Small Business to see what savings they'll have by switching to this version. But as small business owners increasingly choose tablet PCs over desktop PCs and laptops, Office's Cloud offerings may better serve their needs of having access without having to install software.



Savvy Rest Reaches New Audiences at Scale Using Content Discovery (Case Study)

As a small business, creating content and finding an audience for that content can be a challenge. As an organic mattress company with a niche audience, Savvy Rest wanted to use its blog to increase the exposure of its brand and increase traffic to its website. Prior to working with Outbrain, the leading content discovery and content recommendation platform, Savvy Rest used social media channels to distribute its content, which centered on sleep and lifestyle topics. However, it found that the size of its actual and potential social network was limited given the type of content it produced.

Savvy Rest implemented Outbrain's Amplify Self-Serve platform to better distribute content at scale. Outbrain recommends interesting internal and third-party content to audiences on article and video pages. Content publishers can work with Outbrain to recommend links to additional internal content at the end of articles in order to keep traffic recirculating within their network. They can also work with Outbrain to have their content recommended as links on third-party sites on a Pay-Per-Click (PPC) basis.

Savvy Rest leveraged Outbrain's services to accomplish both of these goals.

By having links to their content recommended on publisher sites like CNN, MSNBC and Slate.com, among many others, Savvy Rest was able to reach new and larger audiences. By furthering the reach of its content, the company was able to drive traffic back to its site and generate more consumer and prospect engagement.

“Outbrain has driven significantly more traffic to our website than our social media channels,” said John McMullen, Founder of Savvy Rest.

As a result of working with Outbrain, Savvy Rest:

? Generated a larger volume of blog traffic than it did sharing content on social media
? Increased unique visitors and total visits
? More effectively targeted potential audiences and decreased bounce rates by engaging audiences that were already in the process of consuming content.

In addition to amplifying content, Outbrain is able to help content publishers generate PPC revenue by recommending third-party content alongside internal content on each article page. Content publishers with a large volume of traffic can recommend links at the bottom of their content that drive traffic to third-party sites like Savvy Rest's blog. These recommendations generate revenue but also, more importantly, provide an enhanced experience for users who wish to consume additional content off-site.

Try it for yourself! for as little as $10 a day with a flexible cost-per-click (CPC) that you decide. Unlike other CPC platforms, the more traffic you get, the more you will be recommended across our network leading to lower CPCs over time. Once you sign up, email us at selfserve@outbrain.com to claim a $50 credit!



How To Become An Expert Online

Let's face it â€" this is what we're all striving for, right? We want to be acknowledged as an expert in our field. We want customers to recognize our expertise so they'll trust us with their dollars. We want bloggers and reporters to see us as an expert so they'll use as a source and send traffic our way. And, of course, we want Google to think we're an expert so it'll deliver new eyes and more conversions. We're all fighting the expert game. But how do we really become one?

I'm often asked how small business owners should go about building their expertise online. Below is an expanded version of the answer I often give.

1. Be different

The first step of being known as an expert is being known at all. And to do that, you need to stand out. Identify what is different or a little bit kooky about your business, and then bleed it from everything pore available. Now, before you go crazy, simply being weird isn't enough. You have to be weird in a way that serves your audience. What is weird about you that helps them achieve their goals? How does your uniqueness make you better suited to serve their needs? That's your point of difference.

If you don't know what your POD is, ask your audience. Why do they do business with you? What keeps them coming back? You may be surprised at what they tell you.

2. Tell stories

Consistently tell stories about your brand and your industry. This is how people will connect with you and how you'll become memorable. Share yourself, get personal, and tie it back to your customers' goals.

From a brand perspective â€" create content that shows your POD in action. Tell stories that demonstrate how you do business, post photos of your consumers interacting with your products. Make sure these items are easy to find and to share. Craft stories about your industry by creating characters out of the biggest players, highlighting issues, and setting your brand up as the solution. If you're not looking at how to incorporate storytelling into your marketing, you're making it harder for people to remember your name and what you're about.

3. Build relationships

Become an expert networker.  If you know someone who should know someone else, connect them. If there's a blogger whose radar you want to get on, connect with them.  Comment on their blog and offer a helpful tip, help them solve a problem they're dealing with, connect them to a person in your network you think they should know. Little by little these “acts of goodwill” will help you to create powerful relationships that you'll be able to leverage in the future.  Be nice and helpful to everyone you meet. Partly because there will comes a time when your generosity will pay off and, also, because it's just a good way to be.

4. Talk about your industry, not yourself

Write more about your industry and the world around you than you do about your own products or services. If someone is interested in learning about your product offerings, they can find that information on their own. Instead, pique their interest by talking smartly about the things they're concerned about. If you sell green-related technology, focus on the issues your audience is passionate about and share your stance. Set yourself up as a thought leader and become part of the conversations that are happening around. The more you're seen talking about the key issues related to your industry, the more you'll be perceived as an expert by those around you.

5. Be seen

Once you identify what it is you want to be known for, be seen talking about it. Don't be a wallflower. Guest blog on other sites, participate in online conversations, attend conferences, and get your voice and your opinion out wherever you can. You'd be surprise how much of “becoming an expert” is really about “being seen talking about stuff”. It's somewhat sad to point out but the more you're seen, the more apt people will be to put you on the pedestal.

6. Show results

Of course, you'll have to be able to do more than just talk. You'll also need to prove your salt by showing your results. Post case studies showing how you helped Client X increase their revenue by 200 percent in the year they worked with you. Post client testimonials that explain how your product made their life easier. Document your success and share it in the form of helpful tips and tactics that others can learn from. Collect information and share it with your entire industry so everyone can benefit from it.

7. Keep learning

Once you achieve a certain level of success it becomes pretty easy to keep talking about what you've done instead of doing new stuff. The trouble with that is eventually you'll run out of things to talk about or the topics you want to talk (ie the same old things) about won't be as valuable anymore. In your efforts to be seen as expert, don't forget to keep learning what you're trying to become an expert in. That's how you'll expand upon your thought leadership, it's how you'll keep getting invited back to the table, and it's how you'll, ultimately, be able to better serve your customers. You can be seen as an expert all you want â€" if you can't back it up, eventually you'll customers will realize and leave you.

8. Be humble

Resist the urge to drink your own Kool-aid by focusing on giving back to others. Instead of patting yourself on the back, lift others up instead. Not only will it make you a more attractive person to be around, you'll also be building valuable connections that you'll be able to use in the future. Because no one becomes an expert on their own. They do it with the help of everyone around them.

Above are tips I would give to anyone trying to increase their expertise online. What'd I miss?

Businessman Photo via Shutterstock




Bit9 adds user capability to approve software in its whitelisting technology

Bit9 has added capabilities to its whitelisting technologies to allow end-users to create policies for approved software and applications.

According to the company, version 7.0 of its solution delivers trust-based security that allows users to create policies that leverage the trust ratings in its Global Software Registry so they can run software without involvement from IT.

The company claimed that this is the first solution to offer both IT and cloud-based trust that enables management efforts to be minimised and users to be less impacted.

Brian Hazzard, vice president of product management at Bit9, said: “We believe that this is a breakthrough as this will make application control mainstream. Previously malware had to be identified to be blocked, anti-virus is powerless against it, so what do you do at the next level? Now end-users can run the software they choose as long as it is proven to be reputable.”

Version 7.0 also adds security for virtualised environments and a single trust-based security solution for application control across enterprise systems.



White House attack once again demonstrates how vulnerable staff are to spear phishing

The reported attack on the White House Military Office has demonstrated how vulnerable companies are to spear phishing.

As reported yesterday by SC Magazine, Chinese hackers have been able to access the White House Military Office. An Obama administration national security official said that this "was a spear phishing attack against an unclassified network" and confirmed that the type of attack was ‘"not infrequent" and there were unspecified mitigation measures in place.

US officials familiar with reports of the White House hacking incident told the Washington Free Beacon said that the attack took place earlier this month and that unidentified hackers used computer servers in China to access the network, although there was no indication that any exfiltration of data took place.

Rob Rachwald, Imperva's director of security strategy, said: “This incident reminds us how easy it is as an organisation, even as secure and well funded as the White House, to get infected since anti-virus is so porous. Lucky for the White House, their team of security specialists were able to find the compromised entity, but it is not trivial and usually happens very late, if ever.

“While phishing is a technique which by hackers mimic sites such as IRS, or your bank in order to lure you to submit your credentials, ‘spear phishing' is the targeted technique of identifying an individual in an organisation that the hacker wishes to compromise, and uses different techniques in order to lure that individual to activate malware on his/her computer. Effectively, creating the compromised insider.

“Finding an individual to target is fairly easy in today's social networking world. All a hacker has to do is look for ‘White House' as the current position and select which is pertinent.”

He said that the three most common infection methods include: an email attachment of either an executable in an EXE form (less common now) or a PDF with malicious code in it; link distribution of an infected site that can come via email or any form; or a gift, something as simple as a USB given at a convention that contains malware.

Terry Greer-King, UK managing director of Check Point, said:  “This incident shows how critical employees are to an organisation's overall security process. As networks become better protected, hackers are increasingly targeting staff, but this growing risk isn't being recognised.

“In a recent survey we found that 42 per cent of UK businesses had been hit by social engineering attacks in 2010 and 2011, but only 26 per cent offered regular employee training to prevent such attacks and 44 per cent had no employee training in place. The best protection against these attacks is education, because staff are increasingly on the security front line as the easiest route onto the network.”



Prevalence of targeted attacks leads to need for detection software

The strength of targeted attacks requires more capabilities from incident response and digital forensic technologies.

Speaking to SC Magazine, Symantec's EMEA security CTO Greg Day said that as there are more and more targeted attacks now, there is a need for better threat intelligence and a ‘genealogy' of what is going on.

“There is a need for forensics and with Big Data we need more granular information on what is going on. This is an area that is hugely growing as we look for more cyber intelligence and correlation to use it,” he said.

Victor Limongelli, president and CEO of Guidance Software, said that this view is a turnaround from two and a half years ago, when targeted attacks did not get in the headlines, but following the Aurora attacks, people started talking about state sponsored hacking and incident response became an emerging area of interest.

He said: “We do subsequent analysis so you can understand the scope of the attack, rather than advanced malware on the server, Incident response is a multi-tool environment as we are not a malware identification company, but our technology finds out where the malware has gone.

“Any sizeable companies (10,000 employees or more) have incident response as they have to scan their data from different offices in multiple locations. Users use it in a proactive manner as it gives a better window into where an organisation's sense of the data is, we call it ‘authorised data in an unauthorised location'.

“We have seen incident response become an ongoing interest area as not everyone has it, but our business is more internal with a permanent focus on the endpoint and connect repositories.”

Security consultant Nik Barron said that these days, incident response is very often tied in with forensics (often bundled together as ‘DFIR â€" digital forensics and incidence response) and said his interest in forensics came about as a result of incident response, particularly tracing down infection routes for malware via browser histories.

He said: “With targeted attacks you really need something a bit more comprehensive than a traditional intrusion detection system (IDS) which, being largely signature based, is open to circumvention by clever attackers. In the same way you can repack malware to avoid anti-virus signatures, you can often do the same with network attacks to avoid IDS.

“What is becoming more common is what I'd loosely call ‘network surveillance', which will monitor everything that's going on at a suitable level of detail for subsequent analysis. This is also important so you can see a baseline of normal activity and then spot discrepancies that may show someone's up to no good.”

Limongelli said that its technology is not offered as a hosted service as it needs to be on the network and endpoint. Barron agreed, saying that such systems need intimate access to the internal workings of your business and that a hosted service isn't really an option in the traditional sense, as the kit needs to be internal.

“However there's no reason I suppose you couldn't have someone else provide the kit and monitor it remotely, subject to the usual constraints of security and privacy,” he said.



StumbleUpon Introduces New Look For Site

There are times when any business must change its approach, and for an online business like StumbleUpon, a plunge in traffic, the departure of a CEO, and the introduction of a new mobile app for iPhones might certainly indicate that the moment is right. This big name in social bookmarking recently announced a redesign, too. Now may be a good opportunity for all online entrepreneurs to reflect on the need to move forward, innovate, and keep up with the times.

Stumbling Around

Quick change artists. StumbleUpon was once the marvel of the social bookmarking world, known as a huge traffic driver for Websites and touted by many an online marketer for its ability to help connect with niche audiences. But a traffic decrease since December proves the site is far from infallible. Perhaps wisely, the people behind this social media powerhouse have decided it's time to rebuild from the ground up. There are times when you need to do the same. The Next Web

I'm in a Pinterest state of mind. Many observers have noted the similarities between StumbleUpon and another bright, new star in the social media firmament: Pinterest. But rest assured, writes Greg Finn, a social media and search marketing expert, StumbleUpon's DNA is still at the heart of the site's reinvention. Don't be afraid to borrow a good idea with a redesign, but stay true to your roots and users. Marketing Land

Site Specific

The ugliest site in the world. Is your business Website still plagued by bad color schemes, poor grammar, even worse navigation, obtrusive ads, and (yikes!) even that old-school approach of playing music to harsh your visitors' mellows while they're trying to surf on through (probably listening to their own music at the time?) If any of these descriptions  sound familiar, it's time to make changes immediately. Small Biz Diamonds

Framing your fears about online video. Marketing coach Stephanie Ward gets that many small business owners may be apprehensive about creating online video. Maybe you're not comfortable with the idea of creating video or being on camera, or perhaps you fear the technical challenges video presents. But the fact is, video can be an important addition to your business Website and a great way to grow your business. If you haven't added video to your Website yet, check out Stephanie's challenge. Firefly Coaching

Caught in the Web

What your Website says about you. Famous Canadian entrepreneur Arlene Dickinson may be the star of Dragon's Den, a Canadian version of Shark Tank, where entrepreneurs pitch their ideas to big time investors, but that doesn't mean her company's Web presence is keeping up with the latest trends. One blogger complains the company still doesn't have a mobile-friendly Website and that Dickinson's blog hasn't been updated in months. The Your Web Department Blog

Beating a path to your door. You may believe that just having a super cool Website will attract all the visitors and customers your business could ever need. Not so, says blogger Joel Mayer. You'll have to do some of the work yourself in the form of keywords, page titles, link building, and Meta tags, if you want visitors to even find you online. It's called Search Engine Optimization and must be an important part of all your online marketing plans. The Savvy Copywriter

Share and share alike. To attract traffic to your Website, you will also need to convince others to share your content via social media. If this isn't happening, the problem may stem from the material your Website offers. If you'd like to make your content more appealing to social media users, check out marketer Brad Smith's post about how to make others want to share your stuff and promote you to the world. Social Media Today



Subscribe to: Posts (Atom)