Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd

Posts By :

Stuart O'Brien

Dstl challenges potential cyber recruits with online game

960 640 Stuart O'Brien

The Defence Science and Technology Laboratory (Dstl) has launched an online game to recruit more than 60 staff to work in Cyber and Information Systems.

There are opportunities across a range of areas including in Data Science, Cyber & Electronics Warfare, as well as Space, Sensors & Security Systems.

Supporting the campaign is a new online game where users can play an interactive challenge via the campaign micro-website called Know the Unknown.

Dr Paul Kealey, Dstl’s Cyber and Information Systems (CIS) Division Head, said: “With defence and security operations becoming increasingly dependent on sensing and information, this recruitment drive represents our commitment to put the latest science and technology in the hands of users. What attracted me to Dstl was that every day here is different. Our talented people are having a genuine impact keeping British people and the UK Armed Forces protected from harm.”

Dstl says it’s looking for people with a flair for problem solving and a passion for new technologies seeking a career with a difference. Ideally candidates will have with design and development experience in one or more of the following areas:

  • Radar Electronic Surveillance
  • Radio frequency or communications systems
  • Navigation system development
  • Design of electronic systems
  • Digital signal processing
  • Space systems design
  • Computer science, software engineering or network engineering
  • Information technology or technical architecture
  • Systems engineering
  • Verification and validation
  • Data forensics
  • Data fusion
  • Penetration testing
  • Quantum science

Dstl is the science and technology arm of the Ministry of Defence.

For all the latest vacancies, visit the Civil Service Jobs website.

Add your name to this list of VIP cyber security professionals

960 640 Stuart O'Brien

Register today for the Security IT Summit and you’ll be joining a guest list of just 60 senior cyber security professionals.

It’s entirely free for you to attend – simply register here.

As our VIP guest, you’ll be provided with an itinerary of face-to-face meetings with suppliers who match your requirements.

You can also attend insightful seminars and network with peers who share your challenges.

You’ll be joining representatives from the likes of:

  • ABF Soldiers Charity
  • Ageas Insurance 
  • Arcadia Group
  • Artemis Fund Management
  • Associated British Foods 
  • Birketts LLP
  • Brett Group
  • Catalyst
  • Department of Work & Pensions
  • Derwentside College
  • Drivetech UK
  • EDF Energy
  • Elysium Healthcare
  • EPR Architects
  • Fabulous Fan Fayre
  • Federation of Royal Colleges of Physicians of the UK
  • Girls’ Day School Trust
  • Glenny LLP
  • Heathrow Airport 
  • Hesley Group
  • Hireright
  • Homebase
  • HS1 
  • HS2 
  • HSBC
  • International Alert
  • Marshall Motor Group
  • Natural History Museum
  • North London Forensic Service BEH NHS Trust
  • Pickering Interfaces 
  • Royal Mail Group 
  • RPS Group
  • Save the Children International
  • Sequel
  • St Andrew’s Healthcare 
  • TES Global
  • Tesco Mobile
  • Tesco Underwriting
  • TGI Fridays UK
  • The Salvation Army UK Territory
  • Tructyre ATS
  • Twentieth Century Fox Film Co 
  • United International Pictures
  • United Utilities
  • XP Power Plc

This one-day event takes place on July 2ndat the Hilton Canary Wharf, London.

Your ticket includes lunch and refreshments. But places are limited so register today.

Or for more information, contact Emily Gallagher on 01992 374085 / e.gallagher@forumevents.co.uk.

To attend as a solution provider, call Chris Cannon on 01992 374096 or email c.cannon@forumevents.co.uk.

Do you provide Advanced Threat Dashboard solutions? We want to hear from you!

960 640 Stuart O'Brien

Each month on IT Security Briefing we’re shining the spotlight on a different part of the cyber security market – and in May we’re focussing on Advanced Threat Dashboard solutions.

It’s all part of our ‘Recommended’ editorial feature, designed to help IT security buyers find the best products and services available today.

So, if you’re a Advanced Threat Dashboard solutions specialist and would like to be included as part of this exciting new shop window, we’d love to hear from you – for more info, contact Chris Cannon on c.cannon@forumevents.co.uk.

Here are the areas we’ll be covering, month by month:

May – Advanced Threat Dashboard
Jun – Browser/Web Security
Jul – Authentication
Aug – Penetration Testing
Sep – Vulnerability Management
Oct – Employee Security Awareness
Nov – Malware
Dec – Network Security Management

For information on any of the above topics, contact Chris Cannon on c.cannon@forumevents.co.uk.

Your personalised schedule at the Security IT Summit

960 640 Stuart O'Brien

The Security IT Summit is a highly-focused one-day event that will help underpin your cyber security strategy for 2019 and beyond.

It takes place on July 2nd at the Hilton Canary Wharf, London and is entirely FREE for you to attend. This will be your schedule:

8.00am: Registration
8.45am: Opening presentation
9.40am: Seminar sessions
10.30am: Pre-arranged 1-2-1 meetings with suppliers of your choice
1.30pm: Lunch & networking
2.20pm: Pre-arranged 1-2-1 meetings with suppliers of your choice
4.30-pm: Event closes

The Security IT Summit could be the best day you spend out of the office in 2019.

Register today and join cyber security professionals from Heathrow Airport, the Home Office, United International Pictures and more.

Or for more information, contact Emily Gallagher on 01992 374085 / e.gallagher@forumevents.co.uk.

To attend as a solution provider, call Chris Cannon on 01992 374096 or email c.cannon@forumevents.co.uk.

READER OFFER: Benchmark yourself against the industry standard for vulnerability management

960 640 Stuart O'Brien

How do you currently manage vulnerabilities within your organisation?

Discover where you stand against your peers with our free self-assessment and get a relevant, actionable executive report!

Our assessment takes less than 4 minutes and the first 10 people to complete it will receive a £5 Amazon Voucher!

Click here for your free self-assessment.

Redscan criticises new Government cybersecurity stats

960 640 Stuart O'Brien

Redscan has disputed the findings of the Department for Digital, Culture, Media and Sport’s latest Cyber Security Breaches Survey.

The firm has argued that response bias and the sample of participants makes it impossible to fully trust the data.

The DCMS report found that the cost of breaches has gone up for the third year in a row and suggests that fewer breaches are taking place (due to businesses being more secure).

Redscan has taken issue with that conclusion, with CTO Mark Nicholls stating that while the Government’s latest cybersecurity survey figures provide some interesting insights, response bias of the participants means we should avoid drawing any firm conclusions.

He said: “The finding that many businesses can identify a data breach instantly, for instance, just doesn’t ring true. Interpreting the results is also clouded by the fact that half of organisations surveyed were micro businesses with fewer than 9 employees. 

“While the report suggests that cyber security is becoming a higher priority among businesses, evidenced by more senior management buy in, businesses still struggle to properly assess the risks as well as identify and respond to breaches. 

“Despite an increase in the cost of breaches, the figures are still surprisingly low– likely due to businesses self-reporting, as well as the fact that these numbers don’t consider hidden costs such as reputational damage. 

“Nowhere near enough businesses have undertaken cyber risk assessments and less than a third made changes because of the GDPR’s introduction. These are very worrying statistics, no matter how you look at them. 

“The proportion of businesses identifying breaches or attacks (32%) is now lower than in 2018. The report suggests that this may be due to businesses being more secure, but many simply aren’t aware they’ve been breached. Attackers are getting stealthier and staying on the network undetected for longer. 

“As to the statistic that two third of business businesses can identify a breach instantly, this is patently false. Real-world data from the ICO suggests it takes closer to 60 days on average.” 

GUEST BLOG: SME collaboration delivering effective Public Sector IT security

960 640 Stuart O'Brien

Written by Bernard Parsons, CEO, Becrypt

When Becrypt began developing security technology for government more than a decade ago, relationships with Systems Integrators were the only viable route to understanding and accessing customer requirements.

Our experiences today are of a vastly more diverse supply chain, with some major government programmes consuming our services as part of a collaborative ecosystem of cyber security SMEs.

The public sector is under intense pressure to transform its services by delivering better, more reliable experiences, more efficiently for UK citizens. Technology is at the heart of that ambition.

User expectations increase exponentially as consumer tech evolves, added to which the opportunities emerging from private sector innovation in everything from Artificial Intelligence (AI) to big data analytics are so significant that the public sector has an obligation to establish how they can be deployed for public benefit.

Nevertheless, unlocking the advantages of flexible, mobile, data-driven services requires effective cyber security. Public sector data is incalculably valuable; from citizens’ personal identifiable information to highly classified government records, the risk of compromise by accident or malicious intent must be appropriately managed.

Within one major government programme, we are actively collaborating with ten innovative SMEs working directly with government to deliver cloud-based services and mobile platforms that have functional and performance characteristics more typical of our faster-paced private sector customers than government systems of old, whilst achieving the ‘high assurance’ requirements of sensitive government networks.

This new way of working has been driven in part by a convergence of public and private sector requirements, both in terms of technology expectations and cyber threat. To help drive the required innovation, government departments now engage directly with SME’s through agile sprint processes, supported by lighter-weight contracting vehicles, leveraging the agility of SMEs and their desire to align innovation with emerging customer requirements.

Whilst agile SME suppliers have flexibility to tailor solutions closely to public sector customer requirements, government’s relatively recent desire to avoid bespoke systems, combined with market convergence, allows the same R&D costs to meet the needs of broader markets.

For example, Becrypt has worked with the National Cyber Security Centre and other government departments to develop a ‘Cloud Client’ End User Device platform for accessing cloud and online services, leveraging open source components to develop a security-focused operating system. As a ‘born-in-government’ product, we have then been able to deploy the same technology across other security conscious organisations, such as those within the Critical National Infrastructure.

The wider marketing of products built for, or at least influenced by government is helped in part by the thorough technical due diligence or product assurance that government typically undertakes. Such activities are very resource intensive but can nevertheless be a very effective mechanism for an SME needing to establish its first market for a new product. Using product assurance or system accreditation as a meaningful differentiator, is more viable for an SME than the alternative of competing with the vast marketing budgets of multinationals, allowing a beachhead to be created within government, before ‘crossing the chasm’ to adjacent markets where requirements now overlap.

There will of course always be an important place for System Integrators as part of the cyber security supply ecosystem for government, and indeed many are evolving internal structures to promote greater agility, innovation and collaboration through mechanisms such as ‘Intrapreneurship’.

But in our experience, collaboration between cyber SMEs over recent years, combined with new public sector engagement models, has had a transformative effect on a number of key government IT programmes.

Document-based malware increase ‘alarming’

960 640 Stuart O'Brien

Researchers have uncovered what they’re calling an ‘alarming’ rise in the use of document-based malware.

A recent email analysis conducted by Barracuda Networks revealed that 48% of all malicious files detected in the last 12 months were some kind of document. 

More than 300,000 unique malicious documents were identified.

Since the beginning of 2019, however, these types of document-based attacks have been increasing in frequency – dramatically. In the first quarter of the year, 59% of all malicious files detected were documents, compared to 41% the prior year.

The team at Barracuda has taken a closer look at document-based malware attacks and solutions to help detect and block them.

Cybercriminals use email to deliver a document containing malicious software, also known as malware. Typically, either the malware is hidden directly in the document itself or an embedded script downloads it from an external website. Common types of malware include viruses, trojans, spyware, worms and ransomware.  

The Modern Framework for Malware Attacks

After decades of relying on signature-based methods, which could only be effective at stopping a malware strain once a signature was derived from it, Barracuda says security companies now think about malware detection by asking “What makes something malicious?” rather than “How do I detect things I know are malicious?”.

The focus is on attempting to detect indicators that a file might do harm before it is labeled as being harmful.

A common model used to better understand attacks is the Cyber Kill Chain, a seven-phase model of the steps most attackers take to breach a system:

·       Reconnaissance –target selection and research

·       Weaponisation –crafting the attack on the target, often using malware and/or exploits

·       Delivery –launching the attack

·       Exploitation –using exploits delivered in the attack package

·       Installation –creating persistence within the target’s system

·       Command and control –using the persistence from outside the network

·       Actions on objective –achieving the objective that was the purpose of the attack, often exfiltration of data

Barracuda says most malware is sent as spam to widely-circulated email lists, that are sold, traded, aggregated and revised as they move through the dark web. Combo lists like those used in the ongoing sextortion scams are a good example of this sort of list aggregation and usage in action.

Now that the attacker has a list of potential victims, the malware campaign (the delivery phase of the kill chain) can commence, using social engineering to get users to open an attached malicious document. Microsoft and Adobe file types are the most commonly used in document-based malware attacks, including Word, Excel, PowerPoint, Acrobat and pdf files.

Once the document is opened, either the malware is automatically installed or a heavily obfuscated macro/script is used to download and install it from an external source. Occasionally, a link or other clickable item is used, but that approach is much more common in phishing attacks than malware attacks. The executable being downloaded and run when the malicious document is opened represents an installation phase in the kill chain.

Archive files and script files are the other two most common attachment-based distribution methods for malware. Attackers often play tricks with file extensions to try to confuse users and get them to open malicious documents. 

Barracuda says modern malware attacks are complex and layered; the solutions designed to detect and block them are, too.

Detecting and Blocking Malware Attacks

Blacklists  —With IP space becoming increasingly limited, spammers are increasingly using their own infrastructure. Often, the same IPs are used long enough for software to detect and blacklist them. Even with hacked sites and botnets, it’s possible to temporarily block attacks by IP once a large enough volume of spam has been detected. 

Spam Filters / Phishing-Detection Systems —While many malicious emails appear convincing, spam filters, phishing-detection systems and related security software can pick up subtle clues and help block potentially-threatening messages and attachments from reaching email inboxes.

Malware Detection — For emails with malicious documents attached, both static and dynamic analysis can pick up on indicators that the document is trying to download and run an executable, which no document should ever be doing. The URL for the executable can often be flagged using heuristics or threat intelligence systems. Obfuscation detected by static analysis can also indicate whether a document may be suspicious.

Advanced Firewall — If a user opens a malicious attachment or clicks a link to a drive-by download, an advanced network firewall capable of malware analysis provides a chance to stop the attack by flagging the executable as it tries to pass through.

Majority of British businesses fear disruption to business critical apps

960 640 Stuart O'Brien

Nearly 50 per cent of UK organisations do not prioritise the protection of the applications that their business depend on – such as ERP and CRM systems – any differently than how low-value data, applications or services are secured. 

That’s according to an independent survey was conducted among 1,450 business and IT decision makers, primarily from Western European economies, by CyberArk.

It indicated that the respondents felt that even the slightest downtime affecting business critical applications would be massively disruptive, with 64 per cent of UK respondents agreeing that the impact would be severe.

Despite the fact that half of organisations have experienced data loss, integrity issues or service disruptions affecting business critical applications in the previous two years, the survey found that a large majority (68 per cent) of UK respondents are confident that their organisation can effectively stop all data security attacks or breaches at the perimeter.

This brings to light a what CyberArk says is a ‘remarkable’ disconnect between where security strategy is focused and the business value of what is most important to the organisation. An attacker targeting administrative privileges for these applications could cause significant disruption and could even halt business operations.

The survey also found that 70 per cent of organisations indicated they have moved (or will move within two years) business critical applications to the cloud. A risk-prioritised approach to protecting these assets is necessary in this model as well if this transition is to be managed successfully.

“From banking systems and R&D to customer service and supply chain, all businesses in all verticals run on critical applications. Accessing and disrupting these applications is a primary target for attackers due to their day-to-day operational importance and the wealth of information that resides in them – whether they are on-premises or in the cloud,” said David Higgins, EMEA technical director at CyberArk. “CISOs must take a prioritised, risk-based approach that applies the most rigorous protection to these applications, securing in particular privileged access to them and assuring that, regardless of what attacks penetrate the perimeter, they continue to run uncompromised.”

Automation reduces the risk of phishing attacks

960 640 Stuart O'Brien

It’s hard to overestimate how fundamental email has become to initiating cyberattacks. While there are numerous ways for attackers to target organisations, email is nearly always the common denominator.

Email phishing attack detection, analysis and rapid response is one of the biggest challenges email admins and security teams face today.

Did you know?

  • Phishing represents 98% of social incidents and 93% of breaches.
  • Email continues to be the most common vector for cyber attacks (96%).

Download our latest Whitepaper in Partnership with Ironscales: Office 365 is not built to defend against modern real world email threats

Learn why organisations that rely on cloud email services must budget for advanced phishing prevention, detection and response.

https://discover.everycloud.co.uk/automation-reduces-the-risk-of-phishing-attacks

For more information, contact:

Paul Richards, Director, EveryCloud

Mob: +44 7450 100 500 | DDI: 0203 904 3182 | Tel: 0800 470 1820

Email: paul.richards@everycloud.co.uk