An explosion of fresh customized malware continues to leave even the industry’s top security products lagging behind as organizations are doing everything they can to protect their networks and customers. Congress has even stepped up their efforts to pass legislation that better protects our digital and critical infrastructures from new cyber threats. But with more targeted attacks successfully exploiting enterprises, the question that still remains is: Are we doing enough? Here were some of the top security stories from June 2010. ( Read More… )
Most recent comment:
Jeffrey
"But with more targeted attacks successfully exploiting enterprises, the question that still remains is: Are we doing enough?"
...
One of the hottest topics in cyberspace is the “Protect Cyberspace as a National Asset Act” (PCNAA), a bill the U.S. Senate is considering that would help strengthen the mechanisms by which government and private industry protect the safety and security of the Internet. According to the article, “Plan cyberwar defenses now, before any attacks succeed,” the flaws in America’s counterterrorism strategy continue to leave our cyber-communications network vulnerable to attacks aimed at breaching our personal privacy, stealing our secrets, and even physically harming us.
While it is good news that Congress is taking proactive steps before things explode, their solution to consolidate power within the government to legally monitor and respond to cyber threats as they occur is no way to get on top of the actual problem. Instead of proactively addressing the situation with a reactive set of solutions, they need to carry these measures through with proactive solutions that prevent the situations in the first place. ( Read More… )
For organizations that run the nation’s most critical infrastructures, it’s important to understand that today’s targeted cyber attacks are designed to carry out any number of activities including monitoring network processes to bringing down the grid. Just because hackers haven’t carried out an attack doesn’t mean malware isn’t already resident in a system waiting for the most opportune time to launch.
In the article, “Attackers can take out critical infrastructure, but profit lies elsewhere, researcher says,” Jason Larson, a security researcher at the Idaho National Laboratory, said there’s plenty of evidence that hackers have already infiltrated control systems that run power generation plants, gas and oil refineries, and other chemical factories, but so far their activity is observational. ( Read More… )
Cisco recently initiated the End-of-Life process for the Cisco Security Agent (CSA) endpoint security solution.
Even before Cisco announced CSA’s end-of-life, CSA customers have been interested in CoreTrace’s application whitelisting solution, BOUNCER, because of BOUNCER’s ability to protect endpoints at a fraction of the HIPS administration effort. BOUNCER can do this by:
- Rapidly secure endpoints without requiring manual tuning
- Auto-generate whitelists for each computer
- Protect against even the most sophisticated malware like memory attacks
- Prevent unauthorized applications
- Dynamically update each system’s whitelist for new authorized applications and upgrades
Today, we announced the Cisco Security Agent (CSA) Transition Program ( Read More… )
In an important step to enforce new state laws around protecting the privacy of medical records, the California Department of Public Health (CDPH) has fined five California hospitals a total of $675,000 for failing to prevent unauthorized access to their confidential patient information.
With targeted malware attacks posing greater threats to health care institutions, the director of CDPH, Dr. Mark Horton, said ensuring the privacy of patient data is a critical component to the medical industry.
“Medical privacy is a fundamental right and a critical component of quality medical care in California. We are very concerned with violations of patient confidentiality and their potential harm to the residents of California.”
While Federal regulations such as HIPAA have prompted health care organizations to take measures to better protect digital patient records, stopping highly targeted cyber attacks continue to be one of the industry’s top challenges. ( Read More… )