The Hollow Sounds of Sabre Rattling in the Cyber World


The big news in the security segment this week is the newly-formed agreement that President Barack Obama has struck with Chinese President Xi Jinping. With a backdrop of U.S. threats to launch counter-attacks, the two leaders agreed to refrain from state-sponsored cyberattacks against each other that attempt to steal trade secrets or competitive business information. Sounds pretty good on the surface, but as it is with any complex agreement, you have to evaluate the implications of the deal before rendering judgement. In the following I’ll share my thoughts.

Closing the Barn Door too Late

In the U.S., we have a popular idiom that goes something like this: why close the barn door after the horse has bolted? I’m not sure how that would translate into Chinese, but here’s how it translates into lost dollars. A 2013 report published by The Commission for the Theft of American Intellectual Property estimated that losses from IP theft over the internet totaled in excess of $300 billion annually, which is roughly the total amount we exported to Asia in 2012. The report also estimates that China is responsible for roughly 70% of these losses. We are talking about trillions of dollars already lost. It makes one wonder how much is left to steal and, more importantly, where is the discussion about making us whole for these losses?

Who is Attacking?

James Clapper, Director of National Intelligence, stated that he is not optimistic that the agreement with China will effectively deter state-sponsored cyberattacks on businesses. One can envision that it will be quite easy for China to continue to target U.S. businesses at arm’s length by having future attacks appear not to be state-sponsored. On top of this, you have the grim reality that for most cyberattacks, we simply do not know where they originated or who is responsible.

Economic Sanctions as a Weapon

The stated deterrent is economic sanctions, which the U.S. has used effectively in the past, but success with this approach has relied on forming a coalition among a larger group of countries. When a single country imposes economic sanctions unilaterally, it becomes a more difficult task, as the trading partner intended for punishment can often find alternative outlets and sources for the impacted goods. Current weaknesses in the Chinese economy will also contribute to significant reluctance for the U.S. to impose damaging sanctions that could trigger a broader global economic decline.

Increasing Protection

U.S. businesses may understandably not feel any safer after the agreement than they did before. The basic tenet in the field of security is to invest in protection in relation to the value of the assets being protected. The U.S. is under-investing in security as evidenced by the continuing breaches and losses suffered. Stopping foreign hackers starts with basic security measures such as two-factor authentication and data encryption. At the same time, U.S.-based enterprises should expect more protection from their government, but it will need to be a partnership where businesses increase their investment in security and the government initiates more effective means of deterring attacks on American targets such as implementing more menacing counter-attacks and preemptive strikes on would-be foreign hackers.

Managing Shadow IT

By Rachel Holdgrafer, Business Content Editor, Code42

“Shadow IT,” or solutions not specified or deployed by the IT department, now account for 35 percent of enterprise applications. Research shows an increase in IT shadow spend with numbers projected to grow another 20 percent by the end of 2015.

Experts agree that shadow IT is here to stay, particularly the growing tendency to use cloud services for collaboration, storage and customer relationship management.

Enterprise organizations can’t afford to bypass the productivity and profitability that comes with a happy and enabled mobile workforce. However, the utilization of SaaS that IT has not vetted and approved may expose regulated or protected personal data, which a business is responsible for remediating.

California leads the way in the privacy arena with the Security Breach Notification Law and Online Privacy Protection Act. The Federal Trade Commission is the primary U.S. enforcer of national privacy laws, with other national and state agencies authorized to enforce additional privacy laws in vertical industries such as banking and health care.

Sanctions and remedies for non-compliance with FTC data protection laws include penalties of up to US $16,000 for each offense. The FTC can also obtain an injunction, restitution to consumers, and repayment of investigation and prosecution costs. Criminal penalties include imprisonment for up to ten years. In 2006, a data broker agreed to pay US $15 million to settle charges filed by the FTC for failing to adequately protect the data of millions of consumers. Settlements with government agencies can also include onerous reporting requirements, audits and monitoring by third parties. A major retailer that settled charges of failing to adequately protect customers’ credit card numbers agreed to allow comprehensive audits of its data security system for 20 years.

So, what is the answer? How do you start to get a handle on shadow IT?

Ask employees which cloud services they are using. You might also need to utilize a combination of automated and manual discovery tools to get a complete picture of what programs employees are using and what data is hosted and shared in provider clouds. These “cloud consumption” dashboards can monitor and assess cloud usage and detect encryption tools at each host.

Protect your data.
Implement automatic backup of all endpoint data in the enterprise to capture a real-time view of where employee data lives, when and where it moves and who has touched it—even as it moves to and from non-approved clouds.

Act fast when the inevitable happens.
The reality is a breach may be inevitable, but you can recover. With continuous and automatic endpoint backup, IT can quickly evaluate the content of files believed to have been breached and act in good faith to lessen the impact. Additionally, understanding what was stolen allows a company to make an accurate disclosure and manage consumer confidence issues.

For CIOs and IT staff accustomed to maintaining complete control over their digital ecosystems, relinquishing even a bit of this control can be terrifying—even in the name of productivity. And yet, with a security strategy that focuses on complete data visibility, they can empower mobile workers while minimizing the risks associated with the dark side of shadow IT.


Take Advantage Of Network Security – An Ounce Of Prevention Is Worth A Pound Of Cure

In the minutes, hours and days that follow a widespread, widely publicized data breach, most companies scramble, amping up their security measures in an effort to overcompensate for their lack of proactive preparation. A Forrester Research study revealed that more than 45 percent of businesses opt to increase security and audit requirements after an attack occurs. But as our grandmothers always say, an ounce of prevention is worth a pound of cure. Basically, Grandma was trying to say that a proactive approach to security—versus a reactive one—helps to ensure that your business is protected without having to learn the hard way.

While a lax data security plan may be the most detrimental of business strategies, a close second is taking a “one and done” approach. In reality, true data and network protection requires constant effort—it’s not a checklist to be completed, filed away and forgotten. System security, as a whole, is a moving target with new threats and vulnerabilities popping up every day and from all angles, which means one security solution may become outdated just as quickly as it was implemented. Without dedicated resources and the training required to implement and monitor advanced security solutions, organizations are basically sitting ducks, putting their corporate assets at greater risk.

Network Security

So where do you start? System protection begins with a thorough risk vulnerability assessment—and trust me, there are plenty of vulnerabilities to look for. For example, consider the impact of Bring-Your-Own Device (BYOD), with its myriad of points at which employees may unknowingly compromise corporate network security. Or take into account the rising threat and increased variety of Distributed Denial of Service (DDoS) attacks. From organized crime rings to hacktivists to foreign government hacking attempts, the complexities and motives are changing by the day.

By identifying the most vulnerable points within your current system and workflow, you can then start to draft a strategy and analyze potential solutions. Creating a customized security plan, one that’s tailored to addressing those vulnerabilities head-on, is foundational to a solid strategy. Your plan may include simple items, such as creating and implementing a formal BYOD policy. Or you may need more comprehensive protection, enhancing your network and cloud security through a Managed Service Provider (MSP) or bringing in a variety of tactical solutions, such as firewalls, antivirus, OS hardening, intrusion detection and web filtering as applicable. A complete security solution should protect your data and applications from all angles—network, cloud and employee communication—to mitigate any threat to your data.

Part of a successful security plan, however, is allocating enough staff and resources to support that plan. The best-protected systems are those that are constantly managed by a dedicated IT team. If, in your risk assessment efforts, you find that you’re lacking resources to provide ongoing support and monitoring, a Managed Network Security Solution may be the answer.

Our Managed Network Security Solutions provide not only security, but also the team that can support your security mission. We offer 24 x 7 x 365 management and monitoring, going beyond protecting PC desktops with custom, comprehensive real-time protection against attacks, defending and protecting your entire office-computing environment against the latest generation of Internet threats.

Take the first step toward achieving system security and contact a Prime representative today. Remember that ounce of protection? When we’re talking about data security, it’s worth WAY more than a pound of cure.

In Cloud We Trust – Cloud Security


We’ve all heard it before: “If you move to the cloud, all of your data will be at risk!”

Countless studies have shown that cloud security is the major factor standing in the way of cloud adoption. While in some cases companies are right to be wary, like most things, not all cloud providers are created equal. In fact, the security a company experiences with the cloud solely depends on the provider chosen. It’s wrong to lump all cloud providers together and assume a general opinion on cloud security, whether that opinion is good or bad. Just as some companies currently have better in-house security than others, some cloud providers view security as a larger priority than others. And the word security is all-encompassing, referring to physical and network security, as well as compliance.

Physical Security

A great cloud provider will have multiple physical security measures in place. Look for providers that can offer the following: full credential-limited access to data centers, key card protocols, biometric scanning systems, exterior security systems, on-premises security guards, digital surveillance and recording, secured cages, around-the-clock interior and exterior surveillance monitor access, and employees that have undergone multiple, thorough background security checks. This isn’t asking too much. These are the things that will protect your information. The best facilities will also include environmental controls such as redundant HVAC systems, circulated and filtered air, and fire suppression systems.

Network Security

A reliable cloud provider should be able to guarantee geographical diversity of data center locations as well as full redundancy. With these steps in place, companies can ensure that in the event of a disaster, their business-critical data and applications will be safe and accessible, even if one of the data centers is affected. Look for in-flight and at-rest encryption, strong firewalls, password protection and around-the-clock monitoring. Make your provider prove itself, and ensure that it can demonstrate strict and accurate Service Level Agreements.


Compliance

Today, more and more industries have regulations and standards to meet. “Compliance” is an extremely important word for businesses in all industries, as it refers to the laws that are in place for security and privacy purposes. Your cloud provider should meet, if not exceed, large compliance laws such as HIPAA, PCI DSS, and Sarbanes-Oxley. Whether or not your company needs to meet these regulations, you want a cloud provider that understands and follows the top compliance laws because this demonstrates that they are knowledgeable and trustworthy.

The reality of today is this: cloud computing is a growing, important technology that is being adopted by the majority of businesses. In order to remain relevant and modern, cloud is the way to go. By no means should you risk your company’s security to do so, but you should work to find a provider that is trustworthy and can offer excellent physical and network security for your data. You have to remember that cloud providers are businesses too – they put loads of money into ensuring that their customers’ information is secure. For the most part, they aren’t willing to risk their reputation and customers for lesser security. As long as you take the appropriate steps to ensure you’re working with a legitimate, secure provider, the cloud is absolutely a viable and intelligent option for your organization. And when you make the move, you’ll experience better security than you ever had in-house.

Business IT: It’s all in the Fundamentals

Here are some basics in Business IT Security. It is almost like football:

  1. Block and Tackle: your safety depends on it.
  2. Have an Executable Plan and Stick to it.
  3. Don’t get Juked.

Like they say, “Everything else is commentary, go learn it!”

Security: Blocking and Tackling

While there’s no such thing as an IT environment that is 100 percent secure, taking fundamental steps to assess and harden IT systems is the basic “blocking and tackling” of IT security that removes the root cause of the vast majority of breaches. These steps include:

» Assess and inventory configurations on all servers and devices, and compare the results to some understood, recognized security standard (like CIS, NIST, or ISO 27001).

» Gain immediate, real-time insight into any changes to the files, configuration items and states that define this security standard.

Blocking and tackling for security professionals means going back to basics and eliminating the “easy ins” preyed on by attackers, like open ports and unused services, the use of default or easily guessed administrator passwords, or improperly configured firewalls.

Blocking and tackling for IT security teams also means keeping continuous watch on these systems, to detect the clues that indicate attacks in progress, like security controls disabled by anti-forensic activities, oddly elevated permissions or unexpected changes to critical files.

Security configuration management solutions are built to make these issues visible to IT security professionals, and to give them the information and tools they need to manage them in the most automated way possible.
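The baseline-and-watch approach described above can be sketched in a few lines. This is an added example, not code from the original article or from any vendor product: it records a hash and permission bits for each monitored file, then reports content changes, removed files and newly elevated permissions. The file names and contents in `demo()` are constructed for illustration.

```python
import hashlib
import stat
import tempfile
from pathlib import Path

RISKY_BITS = stat.S_ISUID | stat.S_ISGID | stat.S_IWGRP | stat.S_IWOTH

def snapshot(paths):
    """Record SHA-256 and permission bits for each monitored file that exists."""
    state = {}
    for path in map(Path, paths):
        if path.is_file():
            state[str(path)] = {
                "sha256": hashlib.sha256(path.read_bytes()).hexdigest(),
                "mode": stat.S_IMODE(path.stat().st_mode),
            }
    return state

def compare(baseline, current):
    """Return (path, finding) tuples, sorted by path, for drift from baseline."""
    findings = []
    for path in sorted(set(baseline) | set(current)):
        old, new = baseline.get(path), current.get(path)
        if old is None or new is None:
            findings.append((path, "added" if old is None else "removed"))
            continue
        if old["sha256"] != new["sha256"]:
            findings.append((path, "content changed"))
        if old["mode"] != new["mode"]:
            # Newly granted setuid/setgid or group/world-write bits are escalations.
            gained = new["mode"] & ~old["mode"] & RISKY_BITS
            findings.append((path, "permissions elevated" if gained else "permissions changed"))
    return findings

def demo():
    """Constructed scenario: baseline three files, then tamper with each."""
    with tempfile.TemporaryDirectory() as d:
        files = {n: Path(d, n) for n in ("sshd_config", "firewall.rules", "audit.rules")}
        for f in files.values():
            f.write_text("baseline setting\n")
            f.chmod(0o600)
        baseline = snapshot(files.values())
        files["sshd_config"].write_text("PermitRootLogin yes\n")  # edited config
        files["firewall.rules"].chmod(0o666)                       # world-writable
        files["audit.rules"].unlink()                              # control removed
        drift = compare(baseline, snapshot(files.values()))
        return [(Path(p).name, finding) for p, finding in drift]

if __name__ == "__main__":
    for name, finding in demo():
        print(f"{name}: {finding}")
```

In practice the baseline would be stored somewhere the monitored host cannot modify, so an intruder who changes a file cannot also rewrite the record it is compared against.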