A breaking development in the EU is creating ripples that have the potential to create a global tsunami. A European Court of Justice opinion has implications that highlight the pending impact for any global organization processing EU personal information outside of the EU.
We’re chuffed to announce that our EnCase® Endpoint Security product was given a five-star rating in this month’s SC Magazine Endpoint Security group product review. Those of us working in security for a few years have known that “endpoint security” doesn’t equal antivirus anymore, and it’s taken a little while for that to be unanimously accepted. We believe this review validates the need for endpoint detection and response to aid perimeter, network and log tools – and is something of a turning point as well.
Data breaches continue to fuel major media bonfires, CEOs are resigning, and the FTC is gaining ground in becoming the data-protection enforcers on behalf of consumers and business customers. Now in the wake of the Ashley Madison, Neiman Marcus, and Home Depot cyber-attacks, critical court decisions are occurring that will may raise protection standards and increase corporate liability. The smoke signal arising from the judicial system last month was the Third Circuit’s ruling affirming the data security authority of the Federal Trade Commission (FTC) in Federal Trade Commission v. Wyndham Worldwide Corp.
It’s been almost a month since the OPM breach, and there’s been much speculation and leaks pointing to the details of the attack. Here is a recap of released information so far:
June 4, 2015 - OPM announces they’ve been breached.
June 8, 2015 - Guidance Software announces that EnCase® was used in OPM’s investigation. I am quoted by SC Magazine, hinting that the PlugX Remote Access Trojan (RAT) was utilized by OPM’s attackers.
This week, in response to the OPM breach, Chris Carpenter, the Security Director at the Office of the Secretary of Defense called for an emphasis on detection and response capabilities.
The reason, Carpenter noted, is that there is a clear window of opportunity within which to find attackers inside the network and cut off their access before they have a chance to exfiltrate data. This is backed up by the fact that the vast majority of breach disclosures note that the attackers had been inside for a period of time prior the data exfiltration.