Wednesday, 18 January 2017

AlienVault Appoints Marcus Bragg as CRO

AlienVault®, the leading provider of Unified Security Management™ (USM™) and crowdsourced threat intelligence, today announced the appointment of Marcus Bragg as the company’s chief revenue officer (CRO). In this newly created role, Bragg will lead AlienVault’s field operations and oversee all sales, customer support, customer experience and strategic partnership efforts.

“Over the past few years, we’ve built a world-class velocity sales organization that works hand-in-hand with our dedicated customer success and support teams,” said Barmak Meftah, AlienVault’s president and CEO. “As CRO, Marcus will oversee and further align the operations of these great teams and identify new opportunities and partnerships to augment our growth. His extensive experience and proven leadership in both sales growth and customer success will be a strong addition to the team, and we’re thrilled to have Marcus on board.”

Bragg brings nearly 20 years of industry experience to AlienVault. Prior to joining the company, he was senior vice president of worldwide sales and customer success at Zendesk. While there, he helped grow the company from $50 million to $300 million in revenue and through one of 2014’s most successful IPOs with a market cap of more than $2 billion. Before Zendesk, Bragg was the group vice president of customer experience and CRM sales at Oracle, after the company’s acquisition of RightNow Technologies.

“AlienVault’s unique approach to unified security management combined with crowdsourcing threat intelligence from thousands of global security professionals has proven to be a winning proposition for thousands of enterprises. AlienVault’s award-winning product, unrivaled focus on the customer and experienced executive team have propelled the company’s growth,” said Bragg. “It’s an ideal time to join AlienVault, and I look forward to helping the company further accelerate its global growth and customer success.”

The post AlienVault Appoints Marcus Bragg as CRO appeared first on IT SECURITY GURU.

Obama commutes Chelsea Manning’s sentence

Chelsea Manning will walk out of prison a free woman on May 17 after President Obama in the waning days of his presidency heeded the calls of activists and the public to commute the sentence of the former Army soldier turned whistleblower.

Original source: SC Media

Hewlett Packard Enterprise Report Reveals Trials and Errors of Security Operations

Hewlett Packard Enterprise (HPE) today published its fourth annual State of Security Operations Report 2017, which provides deep analysis on the effectiveness of organizations’ security operations centers (SOCs), and best practices for mitigating risk in the evolving cybersecurity landscape. With increased pressure to rapidly innovate and align security initiatives with business goals, a SOC provides the foundation for how organizations protect their most sensitive assets, and detect and respond to threats. However, findings from this year’s report show that the majority of SOCs are falling below target maturity levels, leaving organizations vulnerable in the event of an attack.

Published by HPE Security Intelligence and Operations Consulting (SIOC), the report examines nearly 140 SOCs in more than 180 assessments around the globe. Each SOC is measured on the HPE Security Operations Maturity Model (SOMM) scale that evaluates the people, processes, technology and business capabilities that comprise a security operations center. A SOC that is well-defined, subjectively evaluated and flexible is recommended for the modern enterprise to effectively monitor existing and emerging threats; however, 82 percent of SOCs are failing to meet these criteria and falling below the optimal maturity level. While this is a 3 percent improvement year-over-year, the majority of organizations are still struggling with a lack of skilled resources, as well as implementing and documenting the most effective processes.

“This year’s report showcases that while organizations are investing heavily in security capabilities, they often chase new processes and technologies, rather than looking at the bigger picture leaving them vulnerable to the sophistication and speed of today’s attackers,” said Matthew Shriner, Vice President, Security Professional Services, Hewlett Packard Enterprise. “Successful security operations centers are excelling by taking a balanced approach to cybersecurity that incorporates the right people, processes and technologies, as well as correctly leverages automation, analytics, real-time monitoring, and hybrid staffing models to develop a mature and repeatable cyber defense program.”

Key Observations

  • SOC maturity decreases with hunt-only programs. The implementation of hunt teams to search for unknown threats has become a major trend in the security industry. While organizations that added hunt teams to their existing real-time monitoring capabilities increased their maturity levels, programs that focused solely on hunt teams had an adverse effect.
  • Complete automation is an unrealistic goal. A shortage of security talent remains the number one concern for security operations, making automation a critical component for any successful SOC. However, advanced threats still require human investigation and risk assessments need human reasoning, making it imperative that organizations strike a balance between automation and staffing.
  • Focus and goals are more important than size of organization. There is no link between the size of a business and maturity of its cyber defense center. Instead, organizations that use security as a competitive differentiator, for market leadership, or to create alignment with their industry are better predictors of mature SOCs.
  • Hybrid solutions and staffing models provide increased capabilities. Organizations that keep risk management in-house, and scale with external resources, such as leveraging managed security services providers (MSSPs) for co-staffing or in-sourcing, can boost their maturity and address the skills gap.

Implications & Recommendations

As organizations continue to build and advance SOC deployments alongside the evolving adversary landscape, a solid foundation based on the right combination of people, processes and technology is essential. To help organizations achieve this balance, HPE recommends:

  • Mastering the basics of risk identification, incident detection, and response, which are the foundation to any effective security operations program, before leveraging new methodologies such as hunt teams.
  • Automating tasks where possible, such as response automation, data collection, and correlation to help mitigate the skills gap, but also understanding the processes that require human interaction and staffing accordingly.
  • Periodic assessment of organizations’ risk management, security and compliance objectives to help define security strategy and resource allocation.
  • Organizations that need to augment their security capabilities, but are unable to add staff, should consider adopting a hybrid staffing or operational solution strategy that leverages both internal resources and outsourcing to an MSSP.


The methodology for assessments is based on HPE’s Security Operations Maturity Model (SOMM), which focuses on multiple aspects of a successful and mature security intelligence and monitoring capability including people, process, technology, and business functions. The SOMM uses a five-point scale – a score of “0” is given for a complete lack of capability while a “5” is given for a capability that is consistent, repeatable, documented, measured, tracked, and continually improved upon. The ideal composite maturity score for a modern enterprise is “3”, while managed security service providers (MSSPs) should target a maturity level between “3” and “4”. The reliable detection of malicious activity and threats to the organization, and a systematic approach to manage those threats are the most important success criteria for a mature cyber defense capability.

The full methodology is detailed in the report.

Security concerns holding back innovation, finds Claranet

Research has found that UK IT departments are some of the most likely in Europe to identify security and compliance as the biggest challenge they are currently facing and, as a result, they are also some of the most likely to host their applications internally. Claranet argues that, because security fears inhibit risk taking and, by extension, innovation, organisations must work to alleviate their concerns if they wish to remain competitive in their market and innovate in a controlled way.

Vanson Bourne surveyed 900 end user IT leaders from mid-market businesses in the six markets in which Claranet operates (Germany, Benelux, France, Spain, Portugal, and the UK) and found that 57 per cent of UK organisations rank security and compliance as the biggest IT challenge, joint highest with security-conscious Germany. This concern is reflected by the fact that 50 per cent of applications managed by UK businesses are hosted on internal infrastructure, which can be attributed to prevailing attitudes towards cloud security and data ownership. Additionally, authentication and security are the applications that are most likely to be hosted internally, with 63 per cent of UK organisations doing so, due to the fact that these are often associated with highly secure data.

For Ian Furness, Hosting Services Director at Claranet, it’s critical that British businesses address these security concerns and maintain the integrity of their data so they can facilitate innovation and respond to changing market pressures.

He explains: “Security concerns amongst UK organisations are justified as businesses come under increasing pressure to keep up with the constantly evolving threat landscape, especially as more data is analysed and stored online. However, these security concerns make organisations a lot more risk averse, which ultimately stifles innovation. Considering that today’s businesses are becoming much more software driven and the gate to competitiveness comes down to adapting applications that respond to increasing market pressures, security concerns, if left unaddressed, present a major stumbling block to the prosperity of businesses in the UK.

“Organisations often equate security to having perceived control, which indicates why British businesses are more likely to host their applications internally. It’s understandable that organisations may want to take this approach for their applications, particularly those that are associated with high risk information. But just because your servers are under your roof, this doesn’t necessarily make them more secure. In fact, if managed and maintained correctly, alternative delivery models, such as public cloud, are suitable for even the most sensitive data and can bring massive transformational benefits to organisations.

“Though security is not likely to change as the number one IT priority any time soon, the specific threats, and the ways businesses manage and respond to them, most certainly will. Businesses will need to stay alert to changes to legislation and the nature of prevailing threats as more and more data is stored and analysed. IT services providers (ITSPs) have a critical role to play here. A well-staffed ITSP with years of security expertise is likely to be in a better position to maintain the integrity of data, compared to an under-resourced in-house IT team. By working with a trusted ITSP, businesses can benefit from transformational benefits and highly compliant security protocols in tandem,” concludes Furness.

Hacker cracks Facebook with remote code execution bug

Facebook has paid US$40,000 to vulnerability hunter Andrew Leonov for disclosing how the hacker gained remote code execution on its servers through the widely-reported ImageMagick flaw.

Original source: The Register

Gmail phishing: Latest cyber attack infects users by mimicking past emails

A sophisticated new phishing technique that composes convincing emails by analysing and mimicking past messages and attachments has been discovered by security experts.

Original source: The Independent

Malware Uses Google Services as Command-and-Control Servers

Recent versions of the Carbanak malware are now abusing several Google services to host command-and-control (C&C) infrastructure, which they use to manage infections and exfiltrate stolen data.

Carbanak is the name of a financially-motivated cyber-criminal group that operates with the help of a custom-made malware family, also named Carbanak.

Original source: Bleeping Computer
