CoreTrace WhiteSpace

The Application Whitelisting and Security Weblog

Power Grid Security Critically Important – Reactive Security Won’t Cut It

The U.S. Department of Homeland Security takes the security of our power grid seriously, and with good reason. A disruption to our power distribution systems could have devastating effects on our citizens, businesses and economy. That is the driver behind the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) standards: keeping our national power grid safe.

Yesterday came the latest report of how fragile our power infrastructure can be.

Top Endpoint Security Stories – August 2009

I am kicking off a monthly blog post that will wrap up some of the previous month’s top stories in endpoint security. The idea originally occurred to me when I thought about the life of an IT/security professional today. Teams that are not using application whitelisting have to respond to every single attack and vulnerability one at a time. This is the proverbial case of treating the symptoms instead of the disease. This monthly post will highlight many of the major “symptoms” that teams are struggling to deal with. Our take: deal with the disease.

Last month featured a number of interesting, if troubling, stories, ranging from the largest credit card theft indictment in history to using Twitter to control botnets. So, without further ado, here is a selection of the top endpoint security stories for August 2009.

Time to Start Over on Desktop Security

I came across this post from John Pescatore today on his Gartner blog, titled “Twelve Word Tuesday: I’d Start Over Again on Desktop Security”, and I couldn’t agree more. The evidence of the failure of blacklist-based anti-virus can be found everywhere.

John makes a reference to the Government’s Cash for Clunkers program, and I think the analogy is an appropriate one. Many desktop security companies are heavily invested in the way things are today: their recurring revenue model is based on subscriptions to a bloated blacklist, and their products work on a find-and-clean model rather than a preventative one. The likelihood that they will “start over” on security is slim to none; more likely they will keep adding a fresh coat of paint, changing the tires and oil, and patching things together with new additions. The problem is that the engine is broken and won’t last much longer.

NERC CSO Michael Assante Testifies Before Congress About Cyber Attacks

This week Michael Assante, Chief Security Officer (CSO) of the North American Electric Reliability Corporation (NERC), testified before Congress about the threats facing the modern electric grid. The focus of this testimony in particular was the readiness of the systems comprising the electric grid to defend themselves against cyber attacks. At the beginning of his testimony, Mr. Assante called out the unique aspect of the dangers posed by a cyber attack and why it concerned him so much.

“Unlike other concerns, such as extreme weather, security-related threats can be driven by malicious actors who intentionally manipulate or disrupt normal operations as part of a premeditated design to cause damage. Cyber-related threats pose a special set of concerns in that they can arise virtually anytime, anywhere and change and emerge without warning.”

Endpoint Protection – A Case For a Rational Transition to Whitelisting: Step 3 Change Management

This is the fourth and final post in a series introducing CoreTrace’s view of the inevitable transition that desktop security must make to a protection-focused application whitelisting solution, and how that transition will happen in practice. We believe that the recognition that traditional blacklist antivirus can no longer protect PCs has arrived, and that it is time for IT and security professionals to discuss how a transition to a protective system can take place.

Of course this will not happen overnight. Significant investments have been made in existing blacklist antivirus technology and in the operational processes that support it. These processes exist not only to update and manage blacklists, but also to support the necessary ongoing updating of operating systems and applications that are vulnerable to new malware attacks. We believe that application whitelisting is the logical next evolution of desktop security and that there are three critical steps an organization will take to adopt this technology. We addressed the first two in previous posts:

  • Step 1 Protect – Organizations desperately need to implement a system that can protect their systems against zero-day attacks.
  • Step 2 Purify – Once their systems are protected, a purification process eventually cleans all existing systems of any infections, unauthorized software, or malware.

The third step, change management, is addressed in this post. It has been the single biggest obstacle to widespread adoption of application whitelisting.
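As an added illustration, the three steps above modelled as a content-hash allowlist in Python. This is example code written for this page, not CoreTrace’s product or any code from the original posts; the file paths, file contents, the “vetted” reference set and the `Allowlist` class and its methods are constructed stand-ins. Protect locks in whatever is present on the host, Purify reconciles that baseline against a vetted reference and drops anything not in it, and Change management admits a patched binary only when a trusted updater writes it. Without that last step the vendor’s own update is denied, which is why change management is the obstacle the post names.

```python
import hashlib
from dataclasses import dataclass, field


def sha256(data: bytes) -> str:
    """Identify a binary by its content, not by path or filename."""
    return hashlib.sha256(data).hexdigest()


@dataclass
class Allowlist:
    # hashes of binaries permitted to execute (default deny for everything else)
    hashes: set = field(default_factory=set)
    # hashes of processes trusted to introduce new binaries (patch agents, package managers)
    trusted_updaters: set = field(default_factory=set)

    def baseline(self, files: dict) -> None:
        """Step 1 (Protect): snapshot everything present now; anything not in it is denied."""
        self.hashes = {sha256(content) for content in files.values()}

    def purify(self, files: dict, vetted: set) -> list:
        """Step 2 (Purify): drop baselined binaries that are absent from a vetted reference set.
        Returns the paths that were removed so they can be cleaned from the host."""
        removed = []
        for path, content in files.items():
            digest = sha256(content)
            if digest in self.hashes and digest not in vetted:
                self.hashes.discard(digest)
                removed.append(path)
        return removed

    def is_allowed(self, content: bytes) -> bool:
        """Execution decision: only known hashes run."""
        return sha256(content) in self.hashes

    def apply_change(self, writer: bytes, new_content: bytes) -> bool:
        """Step 3 (Change management): admit a new binary only if a trusted updater wrote it."""
        if sha256(writer) not in self.trusted_updaters:
            return False
        self.hashes.add(sha256(new_content))
        return True


def simulate() -> dict:
    # Constructed sample host: path -> file contents (hypothetical stand-ins, not real binaries)
    notepad = b"notepad v1"
    app_v1 = b"app v1.0"
    updater = b"updater v1"
    dropper = b"dropper already resident on the host"
    files = {
        r"C:\Windows\notepad.exe": notepad,
        r"C:\Program Files\App\app.exe": app_v1,
        r"C:\Program Files\App\updater.exe": updater,
        r"C:\Users\alice\AppData\Local\Temp\svchost.exe": dropper,
    }
    wl = Allowlist()
    out = {}

    # Step 1: lock in the current state. New malware is blocked at once,
    # but malware that was already present got baselined along with everything else.
    wl.baseline(files)
    out["known_binary"] = wl.is_allowed(notepad)                      # True
    out["new_malware"] = wl.is_allowed(b"freshly dropped payload")    # False
    out["resident_malware_before_purify"] = wl.is_allowed(dropper)    # True

    # Step 2: reconcile against a vetted reference (e.g. hashes from a gold image).
    vetted = {sha256(notepad), sha256(app_v1), sha256(updater)}
    out["purged"] = wl.purify(files, vetted)
    out["resident_malware_after_purify"] = wl.is_allowed(dropper)     # False

    # Step 3: the vendor ships v1.1. Its hash is unknown, so it is denied until
    # a trusted updater introduces it; an untrusted writer cannot smuggle it in.
    wl.trusted_updaters.add(sha256(updater))
    app_v11 = b"app v1.1"
    out["patch_before_change"] = wl.is_allowed(app_v11)                          # False
    out["patch_by_untrusted_writer"] = wl.apply_change(b"freshly dropped payload", app_v11)  # False
    out["patch_by_updater"] = wl.apply_change(updater, app_v11)                  # True
    out["patch_after_change"] = wl.is_allowed(app_v11)                           # True
    return out


if __name__ == "__main__":
    for name, value in simulate().items():
        print(f"{name}: {value}")
```

A real enforcement agent hooks process creation and file writes in the kernel and identifies the writing process itself; here `apply_change` receives the updater’s bytes directly to keep the example self-contained. Note also that the trusted-updater rule is exactly where change management bites: if the updater itself is patched, its hash changes and it must be re-admitted through the same path.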