Ken “The Virus Doctor” Dwight on Malware Threats at SpiceWorld 2017

The Virus DoctorKen “The Virus Doctor” Dwight and I sat down at SpiceWorld 2017 to discuss ransomware and other malware threats to you and your security. Ken Dwight has been in the cybersecurity business for as long as cybersecurity has been a thing and long before anyone coined the term, cybersecurity.

Ken also offers his book and a Virus Remediation class from his website. He has helped many companies recover from virus infestations, ransomware attacks, and various malware infections. He is a consultant, a speaker, and a practitioner in the dark art of virus killing.

It was a pleasure to speak with Mr. Dwight on camera at SpiceWorld 2017.

Copyright 2017 The SecurityNOW Show. License: CC BY.

Data Science and Security with SOPHOS Data Scientist Hillary Sanders

SOPHOSHillary Sanders and I sat down for a chat at SpiceWorld 2017 in Austin about data science and security. We discussed the ins and outs of data science, machine learning, neural networks, and how this data helps security researchers. Ms. Sanders is a data scientist and data science researcher at SOPHOS. As you’ll see in the video, she loses me in part of the discussion. I’m very familiar with biological neural networks but the computer ones are pretty complex. These neural networks and their reliance on big data is the significant first step toward some pretty impressive artificial intelligence (AI) possibilities.

Although Elon Musk and Stephen Hawking have warned us about the future of AI, I think that AI is the true future of computing. And I’ve thought so for a very long time, beginning back in the day when I wanted to learn LISP and Prolog programming. Unfortunately, I did not have the financial resources to learn those languages at the time. I digress.

Hillary explains data science and her work in such a way that I hope many more young people will be inspired to follow her into this next exciting chapter of computing. She is also an accomplished artist and you should view her work at hillarysanders.com. Her site isn’t just art, it’s also about her work as a data scientist and a programmer. Check out the Cheatsheets page.

Copyright 2017 SecurityNOW. License: CC BY.

Online Shopping Hazards with guest WWPass VP of Strategy Perry Chaffee

Perry Chaffee of WWPassPerry Chaffee, WWPass VP of Strategy, and I turn our attention toward online shopping because it is the holiday shopping season and security is a big concern, or should be, for anyone making online purchases. You don’t want your shopping experience to be tainted with unusual charges, identity theft, or account compromise of any kind. For these reasons, you need to be aware of your shopping experience and your security.

Here are a few guidelines that Perry and I talk about during the podcast:

  1. Use a strong password.
  2. Use a password manager.
  3. Use a credit card rather than a debit card for purchases.
  4. Enable two-factor authentication for better security.
  5. Before entering passwords or credit card information, look for the https in your browser’s URL.
  6. Close your browser after shopping on a site and reopen it for your next purchase.
  7. Be sure that the site you’re on is the one you want to use.
  8. Never give anyone your password over the phone.
  9. Be VERY careful of links embedded in emails as they can look very similar to real sites.
  10. Be aware of your surroundings and don’t speak your credit card information out loud in public places.

WWPassThis is not a sponsored podcast but WWPass is a commercial security solution for individuals and businesses to help keep all your online transactions and shopping experiences secure.

Length: 18:02 minutes. Format: MP3. Rating: G

Please contact us for sponsorships, sponsored posts, and videocasts.

Copyright 2017 The SecurityNOW Podcast Show. License: CC BY.

Absolute’s Global Security Strategist Richard Henderson discusses 2018’s Security Threats

Richard HendersonRecurring guest Richard Henderson (Global Security Strategist for Absolute) and I discuss what we think are the greatest threats to security in 2018. We ponder ransomware, standard threats, cryptocurrencies, and other advanced persistent threats.  Richard and I agree that 2018 will be another significant security threat year. One thing to note is that while attackers are more persistent, there are some threats that are actually waning such as certain types of ransomware, viruses, and malware that’s easily stopped by smarter browsers, host-based firewalls, and operating system security. That said, we don’t expect attacks to decrease in 2018.

As always, our podcasts are licensed CC BY and are rated G for all audiences and venues.

Length: 29:07 minutes. Format: MP3. Rating: G.

Please contact us for sponsorships, sponsored posts, and videocasts.

A Ransomware Discussion with Absolute’s Richard Henderson (Podcast)

RansomwareRichard Henderson, The Global Security Strategist for Absolute, and I spoke about the global Ransomware threat, its prevention, and what to do if you’re victimized by an attack. Richard and I disagree a bit on what you should do if you’re a Ransomware victim. I say that you should never pay. He says that there are circumstances where it makes more sense to pay the ransom.

I write the introductory column for ADMIN magazine and in the most recent issue (Number 40), I wrote about this very topic. I titled it, “Feeding Seagulls is Wrong.” It is a light-hearted look at feeding seagulls, which I compare to ransomware writers. To me, paying ransomware writers is like feeding seagulls: You’re down a bag of Cheetos (Some amount of Bitcoin) and the seagulls (Ransomware writers) are never satisfied.

Listen to the podcast. Read my column. Make a decision. And feel free to tweet me @kenhess to start a discussion.

Podcast details:

Length: 24:11 minutes. Format: MP3. Rating: G for all audiences.

Copyright 2017 The SecurityNOW Podcast Show. CC BY.

ThinAir CEO Tony Gauda on Insider Threats (Podcast)

ThinAirIn Preston’s absence, I spoke with ThinAir CEO Tony Gauda about insider threats. Insider threats cost companies billions of dollars, thousands of lost labor hours, and loss of credibility with customers. If you don’t believe that insider threats are a real problem, it might interest you to know that among companies experiencing data breaches, internal actors were responsible for 43 percent of data loss, half of which was intentional and half accidental.

There are two types of insider threats that are mentioned above:

  1. The malicious insider who purposely steals data, and
  2. The unaware or innocent insider who accidentally causes a breach.

From the ThinAir website:

The average cost of a data breach is now $3.62 million, up 16% since 2013, according to a recent IBM-Ponemon report. It only takes minutes for a thief to steal information, but organizations typically need 191 days to identify a breach and another 66 days to contain it. The two major costs are related to an investigation, and the forensics to determine the root cause and the scope. Factor in the inevitable lawsuits, customer churn, and brand damage, and an organization will feel the effects of a breach for years to come.

What if instead of attempting to reconstruct the crime scene, you could play back the security tape in high definition? What if you knew the source, complete impact, and vector of exfiltration in 90 seconds?

The problem is real and it’s expensive. Tony Gauda and I explore the many possibilities and some solutions to the problem in this podcast.

Podcast details:

Length: 20:39 mins. Format: MP3. Rating: G for all audiences.

Thanks to Tony Gauda and Caitlin Gribbons at Inkhouse for connecting us.

ISACA Report Confirms SSH Keys Need To Be Properly Managed To Ensure Compliance and Reduce Risk

HELSINKI, WALTHAM, Mass. and ROLLING MEADOWS, Ill., Sept. 12, 2017 – The use of Secure Shell (SSH) is ubiquitous, a critical service on which the security profile of most organizations depends. Yet, according to a new report issued by ISACA and sponsored by SSH Communications Security, only rarely is that usage appropriately secured, assessed, documented and managed in a systematic and risk-aware way. Consequently, poorly managed SSH key environments may lead to compliance challenges and security breaches. The full report can be downloaded free of charge from the ISACA or SSH Communications Security websites.

The report outlines considerations that technology risk professionals, auditors, security practitioners and governance professionals should take into account as they approach the use of SSH in their enterprises. It offers guidance for the assessment of SSH usage, including items to incorporate in audit plans to ensure SSH access control and management is in place. Key areas auditors should consider regarding SSH keys include:

  • Security issues: Practical challenges include managing and tracking cryptographic keys at scale, responsibility for “key hygiene” and executive oversight for the use of SSH.
  • Assurance considerations:The ubiquity and transparency of SSH access makes the surface area for consideration very large, while the underlying mechanics of operation make it specialized and potentially complex. The report explores the core areas that auditors should consider when evaluating SSH usage.
  • Suggested controls: ISACA recommends specific areas to focus on when evaluating enterprise networks for SSH compliance, including configuration management and provisioning.

Frank Schettini, Chief Innovation Officer, ISACA, said: “SSH is one of those rare technologies that is in frequent use in almost every type of organization around the world. The report from ISACA examines the specific steps audit practitioners should take to ensure that they are not ignoring SSH usage and the access it provides, and gives general guidance on appropriate controls to assess and manage SSH keys. Our goal is to provide a practical starting point for improving any organization’s security posture and overall governance.”

Fouad Khalil, VP of Compliance, SSH Communications Security, said:

“Audit, risk, security and governance practitioners have a huge and complex job on their hands when it comes to SSH user key management. ISACA’s new report recommends that practitioners systematically address, assess and periodically re-evaluate the mechanics of SSH usage within their environments. Our robust set of solutions removes the complexity and difficulty from these urgent, critical tasks so organizations can become or remain secure and compliant.”

About ISACA

Nearing its 50th year, ISACA® (isaca.org) is a global association helping individuals and enterprises achieve the positive potential of technology. ISACA leverages the expertise of its half-million engaged professionals in information and cyber security, governance, assurance, risk and innovation, as well as its enterprise performance subsidiary, CMMI® Institute, to help advance innovation through technology.

About SSH Communications Security

SSH Communications Security (NASDAQ OMX) is a leading provider of enterprise cybersecurity solutions that monitor, control and automate trusted access to critical data. Customers worldwide trust our flagship Universal SSH Key Manager® and other solutions to manage access, enhance security and achieve compliance. SSH sells direct through offices in North America, Europe and Asia and through a global network of certified partners. Access more at www.ssh.com