A breaking development in the EU is
creating ripples that have the potential to create a global tsunami. A European
Court of Justice opinion has implications that highlight the pending impact for
any global organization processing EU personal information outside of the EU.
EU Data Protection: When Your Organization's Lifeblood becomes Poisonous
Celebrating Our 5-Star Rating from SC Magazine for EnCase Endpoint Security
We’re chuffed to announce that our EnCase® Endpoint Security product was given a five-star rating in this month’s SC Magazine Endpoint Security group product review. Those of us working in security for a few years have known that “endpoint security” doesn’t equal antivirus anymore, and it’s taken a little while for that to be unanimously accepted. We believe this review validates the need for endpoint detection and response to aid perimeter, network and log tools – and is something of a turning point as well.
Defending Your Security Program: The FTC, Breach Class Actions, and You
Data breaches continue to fuel major media bonfires, CEOs are resigning, and the FTC is gaining ground in becoming the data-protection enforcers on behalf of consumers and business customers. Now in the wake of the Ashley Madison, Neiman Marcus, and Home Depot cyber-attacks, critical court decisions are occurring that will may raise protection standards and increase corporate liability. The smoke signal arising from the judicial system last month was the Third Circuit’s ruling affirming the data security authority of the Federal Trade Commission (FTC) in Federal Trade Commission v. Wyndham Worldwide Corp.
What Hit OPM? What We Know So Far
It’s been almost a month since the OPM breach, and there’s been much speculation and leaks pointing to the details of the attack. Here is a recap of released information so far:
June 4, 2015
- OPM announces they’ve been breached.
June 8, 2015
- Guidance Software announces that EnCase® was used in OPM’s investigation. I am quoted
by SC Magazine, hinting that the PlugX Remote
Access Trojan (RAT) was utilized by
OPM’s attackers.
Office of the Secretary of Defense Calls for Emphasis on Detection and Response
This week, in response to the OPM breach, Chris Carpenter, the Security Director at the Office of the Secretary of Defense called for an emphasis on detection and response capabilities.
The reason, Carpenter noted, is that there is a clear window of opportunity within which to find attackers inside the network and cut off their access before they have a chance to exfiltrate data. This is backed up by the fact that the vast majority of breach disclosures note that the attackers had been inside for a period of time prior the data exfiltration.
- Posted by: Siemens
- No comments
- Categories: Anomalies , Baselines , Data Breach , EDR , Endpoint Detection and Response