Author: A.N. Ananth

For those of us in the IT Security profession, Friday May 12 was Black Friday. Networks in healthcare and critical infrastructure across at least 99 countries have been infected by the WannaCry ransomware worm, aka WanaCrypt, WannaCrypt or Wcry. The bulk of infections were reported in Russia, Taiwan and Spain. Real-time MalwareTech’s WCrypt botnet tracker maps First observed targeting UK hospitals and Spanish banks, big companies like Telefónica, Vodafone and FedEx had some of their systems infected with the threat that also hit rail stations and universities. The Spanish CERT issued an alert warning the organizations and confirming that the malware was…

Financial institutions have until Oct. 2017 to comply with many of the New York State Department of Financial Services (DFS) Cybersecurity Requirements for Financial Services Companies (23 NYCRR 500). Affected companies must issue a certificate of compliance by Feb. 15, 2018 for certain parts of the regulation. The law, which took effect on March 1, 2017, is in response to the increasing cybersecurity threats posed to customer information and financial IT systems. What does this mean for you? If you are a financial services organization licensed and/or regulated by the New York State DFS, you are now required to assess…

When faced with daily reports of security breaches in global entities like SWIFT and Fortune 500 companies, and small enterprises being held hostage with ransomware, it’s understandable that finding and buying the ‘Next Big Thing’ in security is paramount on your IT security wishlist. However, before investing resources and funds in the next silver bullet to combat hackers, consider which ones get you the most bang for your buck. Take global threat intelligence, for example. It’s all the rage, and there are certainly good reasons for the hype. It’s an excellent resource to identify known bad actors and attack vectors;…

Information Security Buzz Expert Panel Question – May  Gartner forecasts that the total security outsourcing market will grow from $14.1 billion in 2014 to $24.5 billion in 2019 at a compound annual growth rate (CAGR) of 14.8% — making it the highest-growing security services market. What are the challenges and benefits of outsourcing your security functions?   In simpler times, say, in 2009 or 2010, security technology approaches were clearly defined and primarily based on prevention with solutions like firewalls, antivirus, web and email gateways. There were relatively fewer available technology segments and a relatively clear distinction between buying security technologies…

Retailers have had an Annus Horribilis to quote Queen Elizabeth II. Target, Home Depot, Michael’s, Dairy Queen, Sony – the list is endless. What is going wrong? Mark Kedgley notes that the truth is that there is never going to be a 100 percent guarantee of security: and with today’s carefully focused zero day attacks, the continued reliance on prevention rather than cure is obviously not working. Organizations are blithely continuing day-to-day operations while an attack is in progress because they are simply not spotting the breaches as they occur. If an organization wants to maintain security and minimize the…