Simplicity is a strategy that works.

Chase Cunningham

This last week I was fortunate enough to be invited out to Hollywood to participate in a large exercise for the entertainment industry focusing on cyber security planning and threat management.  There were folks in attendance from a variety of organizations, all of which were very interested in just how exposed they might be to data theft.  The resounding call from nearly every executive that I talked to during this event was that they were aware of how exposed they likely were, and that they were extremely worried about who would be next to have their movie or tv show leaked to the public. 

Read more

Automated Malware Analysis Technologies Central To Defense Strategies

Jeff Pollard

"The most important security alerts we see."

That’s how one customer described the importance of Automated Malware Analysis technologies in their security workflow. After months of demonstrations, reference calls, and analysis we are thrilled that The Forrester Wave™: Automated Malware Analysis, Q2 2016 is live! Many clients we talked to used multiple vendors to analyze malware in order to maximize analysis results.

The underlying mechanisms for automated malware analysis are fascinating for the technophile - combining content security, hypervisor-driven execution, behavioral analytics, and algorithmic API analysis. Incredibly sophisticated software engineering and statistical modeling adds another layer of intrigue. Mix those together with evasive adversaries attempting to bypass the technology and it's an intense discussion!

We used the importance of AMA solutions as the dominant element of detection and prevention in client environments to inform our assessment.

Here’s an overview of our approach:

  • Visibility is a cornerstone of detection and protection. In order to detect it, you must see it in the first place.
  • Flexible deployment models are key to dynamic production environments. If it is hardware or on-premise only, then it only fits in environments that match the form factor.
  • Scalability avoids creating a problem as the environment grows. Scalable infrastructure allows the business to orchestrate workloads based on need and priority, AMA solutions should offer the same capabilities to better align with technology needs.
Read more

Epsilon's Data Breach Raises Awareness Of Cyber Crime

Shar VanBoskirk

By now, you've all heard about Epsilon's April 1 data breach — an unauthorized party accessed a subset of Epsilon's email clients' data. My colleague Dave Frankland outlines the circumstances of the incident and its implications on Customer Intelligence and data security in his blog post immediately following the incident.

I attended Epsilon's Customer Symposium in Naples, Fla., last week, and I wanted to pipe in with some commentary based on what was addressed directly by Epsilon at the event.

Marketers: The way I would look at this is "if a data breach can happen to Epsilon — a firm which specializes in data and data management — it can definitely happen to me." We learned from Bryan Sartin, director of investigative services, Verizon Business Security Solutions, and Mick Walsh, supervisor, Miami Electronic Crime Task Force, US Secret Service, that electronic crime is a huge and growing business, due in part to the ease of access to consumer information online and the ease of access to the data black market through online search engines. Three-quarters of cases of electronic crimes executed through malware come from data disclosed through Facebook.

Note that most cyber crimes:

Read more