As security threats progressively turn sophisticated and complex, cloud security and compliance continue to be the biggest pain points. An integrated approach and understanding security responsibility are key to building a robust cloud security strategy.

Minu Sirsalewala, Editorial Consultant, CISO MAG, interacted with Sanjay Manohar, Managing Director, McAfee Enterprise India, to discuss how securing the cloud in 2021 is becoming a business imperative for business continuity. Manohar also addressed the ambiguity around the shared responsibility model for cloud security, the DevSecOps approach, and the security and compliance requirements.

Manohar, as the Managing Director of McAfee Enterprise India, is responsible for driving accelerated adoption of McAfee’s cloud products, enhancing enterprise-centric product revenues, and improving customer satisfaction across the region.

With a career spanning over 26 years, Manohar’s expertise encompasses sales management and marketing domains across South-East Asia, China, and Asia-Pacific markets. He has in the past held leadership roles at technology giants such as Akamai, Oracle, and Dell at a time when cloud solutions had just begun reshaping the global IT industry. Manohar is a performance-oriented team leader and is committed to building and managing high-caliber teams, functioning in complex environments.

His core strengths include go-to-market strategy and execution, supplemented by his expertise in the areas of SaaS, enterprise software, and networking.

Manohar holds an MBA from the Bharathidasan Institute of Management, a Bachelor of Science degree from Bangalore University, and is an alumnus of the Rashtriya Military School.

Edited excerpts of the interview follow:

As more on-premise applications are moving to cloud, is cloud-native security enough to secure enterprises leveraging complex, hybrid, and multi-cloud environments?  How can cloud-native be made more secure?

There has been an increase in the adoption of cloud, driven by the pandemic, and enterprise cloud usage has increased massively. A large percentage of valuable corporate data is today on cloud. However, there has also been a substantial increase in cloud threats – according to recent McAfee Enterprise research, there were close to 366,000 incidents in India in Q4 2020, with 3.1 million attacks on cloud accounts worldwide!

To ensure effective cloud-native security, a top-down approach to IT security could be beneficial. As cloud-native applications gain prominence, companies have realized that merging the related security responsibilities with their central security teams is the way to go. This evolution is driving a shift from a project-team-led bottoms-up approach to a top-down approach for greater consistency across projects and environments. Apart from that, the automation of security practices via integration with DevOps could ensure that more cloud-native applications will be protected. The deployment of an integrated platform to protect cloud-native applications and infrastructure would make it more secure. Lastly, there is a considerable security maturity gap between cloud-native and non-cloud-native applications. As organizations gradually move to remote working and adopt IaaS and PaaS systems, an increase in investments — in both cloud-native security tools and employee training will go a long way in bolstering security and ensuring that cloud-native becomes safer to use.

Cloud misconfiguration exploits are the Achilles heel for cloud security. Public and open cloud storage buckets are unmonitored, add to it PET technologies (encryption, authentication) that are difficult to automate with unique protocols that each application requires. What cloud security solution is most effective?

By now, most organizations have realized that to ensure data security as they move to cloud, applications may have to be redesigned to become “cloud-native”. However, since cloud-native are continuously developed and deployed, and modern enterprises lack a way to measure cumulative risk, they are vulnerable to security breaches. Starting, March 2020, there has been a massive expansion in outsider assaults on cloud frameworks. The sort of assaults that agitators are following are recognizing the area of sensitive information, discovering how to take advantage of and taking advantage of weaknesses in programming to exfiltrate data.

What is the importance of security and compliance requirements such as data residency and administration access for adopting secured cloud technologies? Is it a driving force for the cloud security market?

Data residency and administration access are vital parts of cloud security for McAfee Enterprise. Depending on the industry an organization is in, it might have to comply with different regulatory frameworks. GDPR, PCI DSS, HIPAA, and HITECH are just a few compliance requirements that they must adhere to. While the ability to demonstrate compliance by meeting specific standards for business continuity and cybersecurity has become a necessity, it has also become a competitive advantage. Continuous compliance enables businesses to identify the risks and make sure they are never caught oblivious, while also being in position to detect, react, and recover from a disruption. Not just that, compliance also helps an organization keep away from the precarious monetary and reputational cost of resistance.

Read the full interview in the December issue of CISO MAG.

About the Interviewer

Minu Sirsalewala is an Editorial Consultant at CISO MAG. She writes news features and interviews.

More from Minu.

The post Continuous Development of Cloud-Native Apps Makes Organizations Vulnerable appeared first on CISO MAG | Cyber Security Magazine.

McAfee’s Advanced Threat Research team released new findings into the strategic operations behind this ransomware campaign. In an email interview with Mihir Bagwe of CISO MAG, John Fokker, Head of Cyber Investigations and Principal Engineer, McAfee reveals hitherto unknown findings into how Babuk ransomware spreads, its unique vectors/techniques, and its methods to evade detection.

Prior to joining McAfee, Fokker worked at the National High Tech Crime Unit (NHTCU), the Dutch national police unit dedicated to investigating advanced forms of cybercrime. Within NHTCU he led the data science group, which focused on threat intelligence research. Through his career he has supervised numerous large-scale cybercrime investigations and takedowns. Fokker is also one of the cofounders of the NoMoreRansom Project. He started his career with the Netherlands Police Agency as a digital forensics investigator within a task force against organized crime. Before joining the national police, he served in the special operations and counterterrorism group of the Royal Netherlands Marine Corps.

Formerly a member of Royal Netherlands Marine Corps, Fokker has spent most of his career on the Special Operations team and was deployed to both Afghanistan and Somalia. During this time, he learnt valuable skills like problem solving and how to think outside-of-the-box which have proved critical in his current role, leading investigations against cyber criminals around the world.

Edited excerpts of the email interview follow:

What were the key findings of your research? 

Babuk is the first new Ransomware family of 2021. In spite of being new, they are agile in their development and have high ambitions. Also, it was the first ransomware family that expressed themselves negatively against the BlackLivesMatter (BLM) and LGBT communities.

On doing a deep dive into previous attacks we discovered that this ransomware embeds three different built-in commands to spread itself and encrypt network resources. It checks the services and processes running so it can kill a predefined list and avoid detection.

McAfee’s analysis provides evidence that the adversaries behind Babuk targeted organizations in the transportation, health care, plastics and electronics manufacturing, and agriculture sectors.

With no local language checks embedded in the malware, their code contrasts other ransomware gangs that normally spare devices in specific countries.

Babuk ransomware is known to use new techniques like multi-threading encryption and abuses Windows Restart Manager. Can you shed more light on these techniques as to how they work and what’s different in them than others?

Multi-threading encryption is often applied by threat actors to maximize the speed of encryption. However, the downside of multi-threading is that it is very CPU and process heavy so it can trigger alerts before the encryption is complete.

We believe changing the “SetProcessShutdownParameters” to 0 is done to confront the user with the Ransomware and force the user to perform a reboot of the machine thus erasing any traces that are left in memory.

Has your research team found any more unique vectors/techniques of Babuk ransomware?

Babuk ransomware binary did not include a local language check option, something that is really common amongst other Ransomware Families.

Files are enumerated in the typical way for ransomware, but Babuk has a curious check that other ransomwares do not have — it encrypts a maximum of 16 folders deep, meaning that if one folder has 17 or more subfolders, the 17th and onward are ignored. This is probably to speed up the encryption process.

Babuk was one of the first ransomware families in 2021 that announced working on a version that could also encrypt Unix/Linux based systems (ESXI and NAS).

What stands out as well with Babuk is the racial and anti-LGBTQ statements in its advertisements.

How does Babuk hide itself and avoid detection?

Babuk itself has relatively simple code structures, for instance the samples we examined were unobfuscated. Given the recruitment specifics for the affiliates we found online, we believe that Babuk is deployed at a stage that the attackers have already gained full control of a victims’ network and have shut down the victims’ security defenses, thus making it less important to build in defense evasion in the code base of the binary.

Do you see a trend emerging where the next generation of Ransomware (and Ransomware gangs) could use some of the same techniques at Babuk ransomware?

This is already happening. Babuk uses very similar techniques as the other big-game ransomware families. The affiliates that perform the actual penetration and exploitation have become very skilled groups that are proficient in compromising a complete network.

Are there any signs of code reuse in Babuk ransomware as we generally see in other ransomware source codes?

We examined that the code similarity between Babuk and other ransomware families that we are tracking; we discovered an 86% overlap with other families including Vasa Locker, even the ransom note showed a high degree of overlap. This relationship can indicate that the group behind Babuk have created their ransomware based on Vasa Locker.

The threat group behind it seems to be targeting multiple sectors. Recent ransomware attacks paint an opposite picture though. They are industry specific and have a clear motivation behind them. What could be Babuk operators’ aim in this case? Are they newbies trying to establish themselves or just targeting larger audiences for better returns?

Babuk, like many other ransomware families, is flexible in its targeting. We don’t believe that the major families are strictly industry specific. This perception mostly lies in the fact that the sectors that are susceptible to being extorted by disclosing stolen data are the attacks that hit the headline news. However, there are far more attacks happening and that shows ransomware gangs largely operate like bull-sharks, attacking anything that moves, or in this case, any organization that is vulnerable and has money.

Are the operators of the Babuk ransomware only going after larger corporations or should smaller organizations also be wary of it?

As McAfee, we would advise every organization to take the threat of ransomware very seriously, even smaller organizations might have a significant revenue and security isn’t always at their top of priority. During our daily research we see many organizations fall victim in situations that could have been avoided with the right pro-active security measures. For instance, using a security solution such as McAfee MVISION Insights, that allows an organization to become action-oriented, and pro-active against cyber threats.

About the Interviewer

Mihir Bagwe is a Tech Writer and part of the editorial team at CISO MAG. He writes news features, technical blogs, and conducts interviews on latest cybersecurity tech and trends.

 

Other Interviews from the Author:

• “CISO needs to speak the language which the CIO, CEO, and the Board speaks or understands” – Pawan Chawla
• “Invalidation of the EU-U.S. Privacy Shield was a long time coming” – Robert Meyers
• “COVID-19 is a humanitarian crisis but also emerging as a data security challenge” – Nikhil Korgaonkar
• “Unified solutions could hold the key in enforcing endpoint security policies” – Karmesh Gupta

The post McAfee Reveals the Unknown About Babuk Ransomware appeared first on CISO MAG | Cyber Security Magazine.

McAfee said that it noticed over 419 cyberthreats per minute in Q2 2020, which is a surge of 12% compared to the previous year. While 79% of those respondents above the age of 65 believe there is a greater cyber risk due to COVID-19 than less (70%) of respondents between the age of 18-24 said the same. 27% of respondents between the ages 18 to 24 check if emails or text messages on discounts and deals sent to them are authentic.

In addition, McAfee stated that the National Retail Federation (NRF) reported 54% of consumers wish to receive gift cards this holiday season. The survey proved that 35% of respondents plan to fulfill this request by purchasing more online gift cards this year.

Judith Bitterli, VP of Consumer Marketing, said, “Many are wondering what this year’s holiday season will look like as consumer shopping behaviors continue to evolve and adapt to the challenges faced throughout 2020. With results showing the growing prevalence of online shopping, consumers need to be aware of how cybercriminals are looking to take advantage and take the necessary steps to protect themselves- and their loved ones- this holiday season.” 

How to Shop Safe Online

In order to stay safe while shopping online, McAfee advises:

• Employ multi-factor authentication to double check the authenticity of digital users and add an additional layer of security to protect personal data and information.
• Browse with caution and be vigilant on what you are clicking, as it may be a malware or phishing links.

Related Story: Ask Yourself These 4 Questions Before Shopping Online

The post Surge in Online Shopping is a Special Offer for Cybercriminals: McAfee appeared first on CISO MAG | Cyber Security Magazine.

What’s more? All three suites include McAfee MVISION Insights, which lends a proactive and actionable threat posture capability that prioritizes risk, predicts the success of countermeasures, and prescribes remedial actions to its customers.

McAfee’s MVISION Suite

The tag line of MVISION suite, “Stop more, manage less, and protect uptime,”  perfectly sums up what the suite does. It allows users to stop a greater number of attacks and empowers them to do so with the least number of tasks to manage thereby protecting their uptime.

In recent months, the very definition of the workplace has expanded.  Thus, McAfee observed a need for a device-to-cloud suite, which would help ensure visibility, and the ability to control and effectively manage cybersecurity across hybrid IT environments. McAfee’s device-to-cloud suite options include:

• MVISION Advanced: A proactive endpoint threat prevention solution that renders next-gen defense mechanisms and rollback remediation features to protect against the latest forms of ransomware and other advanced malware.
• MVISION Premium: An endpoint and data protection solution that takes the help of an AI-powered Endpoint Detection and Response (EDR) and Data Loss Prevention (DLP Endpoint), to defend devices and data from advanced attack vectors.
• MVISION Complete: This is McAfee’s unified endpoint security portfolio with MVISION Unified Cloud Edge, that combines McAfee’s Secure Web Gateway (SWG), advanced DLP, and Cloud Access Security Broker (CASB) to deliver complete device-to-cloud protection. MVISION Complete enables organizations to better safeguard their digital transformation efforts and distributed workforce, with unified threat and data protection across all threat vectors – endpoints, web, and cloud.

Related News:

McAfee Consumer Security Portfolio Integrates Social Media and Tech Scam Protection

McAfee Report Predicts 2020 to be Year of Mobile Sneak Attacks

McAfee’s Device-to-Cloud Solution is a Boon

McAfee’s MVISION portfolio has a booster shot with the release of these newly designed suites. It provides security that spans across devices, networks, and clouds. If we dissect it further, McAfee’s device-to-cloud solution provides simple cloud management with better visibility and control; automated responses and updates that increase staff productivity; and unified policies on endpoints, web, and cloud that help lower the total cost of ownership at a time where many organizations are looking to trim budgets.

Anand Ramanathan, Vice President of Product Management, McAfee, said, “Customers are facing a rise in cyber activity that can expose them to damaging threats. At the same time, they are struggling with control, management, and visibility across their organization as they enable their teams to work from anywhere. McAfee device-to-cloud suites provide all-inclusive security that sits alongside an organization’s device and cloud footprint, offering the end-to-end protection that dynamic modern environments need today – and for what may lie ahead.”

These newly launched solutions will be showcased as part of MPOWER Digital 2020, which is McAfee’s virtual event to be held from October 29 through November 13, 2020.

**Disclaimer**

CISO MAG did not evaluate the products mentioned in this news report. Facts mentioned here were drawn from a McAfee Press Release and CISO MAG shall not be held liable for any discrepancies, inconsistency, and performance claims of this product.

The post McAfee’s Latest SaaS-based Suite Delivers Unified Cybersecurity Solution appeared first on CISO MAG | Cyber Security Magazine.

“With the convergence of home, office, and school, today’s consumers need end-to-end device and web protection that secures every aspect of their digital lives,” said Venkat Krishnapur, Vice President of Engineering and Managing Director, McAfee India. “Tailored to the increasingly connected world in which we live, McAfee’s evolved product suite is a holistic approach to securing every facet of the connected consumer’s life.”

Security and Privacy Get a Boost 

According to the McAfee COVID-19 Threat Report: July 2020, from McAfee Labs, there was an average of 375 new threats per minute via malicious apps, phishing campaigns malware, and more.

To address these threats and combat emerging Coronavirus-related scams, McAfee’s product lineup includes the following updates and enhancements:

• Tech Scam Protection: McAfee WebAdvisor now provides a warning when visiting websites that can be used by cybercriminals to gain remote access to your PC, combatting the reported 128 crore total online fraud loss in India.
• Advanced Malware Detection: McAfee enhanced its machine learning capabilities to improve overall time to detect emerging threats across devices as well as added protection against file-less threats.

Improving Customer Experience

Consumers default to convenience over security, making protecting themselves online an afterthought until it is too late, and they become compromised. Despite the increase in online frauds during the pandemic, online payments in India have soared, with UPI (Unified Payment Interface) recording close to 1.5 billion transactions in July 2020.

At a time where returning to previous routines is still uncertain and internet usage continues to climb, McAfee recognizes consumers need intuitive solutions that allow them to devote attention to what matters most to them right now, including:

• A Better User Experience: An improved PC and app experience with easier navigation and readable alerts, and clear call to actions for faster understanding of potential issues.
• Updated Password Protection: Access iOS applications even faster with automatically filled in user account information and passwords in both apps and browsers on iOS devices.

Safety Now – and Into the Future

As consumers globally continue to settle into a new way of operating, they rely on the internet to live their connected lives- to get work done, seek entertainment, connect with friends and family, conduct purchases, schooling, and more.

Key Features

• Optimized Product Alerts: Redesigned product alerts, so consumers are better informed about possible security risks, with a single-click call to action for immediate protection.
• Social Media Protection: To help prevent users from accidentally visiting malicious websites, McAfee now annotates social media feeds across six major platforms – Facebook, Twitter, YouTube, Instagram, Reddit, and LinkedIn.
• Enhanced App Privacy Check: Consumers can now easily see when mobile apps request personal information, with app privacy now integrated into the main scan of Android devices.

Disclaimer: CISO MAG did not evaluate the products mentioned in this news report. Facts mentioned here were drawn from a McAfee Press Release and CIO MAG shall not be held liable for the performance of this product.

The post McAfee Consumer Security Portfolio Integrates Social Media and Tech Scam Protection appeared first on CISO MAG | Cyber Security Magazine.

Many SecOps teams leverage repeatable processes and frameworks such as ATT&CK to mitigate risk and respond to threats to their endpoints and networks, but so far cloud threats and vulnerabilities have presented an unfamiliar paradigm.

– Rajiv Gupta, Senior VP and GM, Cloud Security – McAfee

Thus, it is more essential than ever for businesses to arm their SecOps teams with a solution that enables them to manage the ‘n-number’ of security risks impacting their cloud environment. One such solution that helps the SecOps teams in mapping the cloud threats to MITRE ATT&CK, a curated knowledge base and model for noted cyber adversary behavior, is now being provided by McAfee’s MVISION Cloud.

Mapping Cloud Threats to MITRE ATT&CK

McAfee’s MVISION Cloud, a device-to-cloud cybersecurity provider has announced the integration of MITRE ATT&CK into the company’s flagship service. McAfee MVISION Cloud, also known as Cloud Access Security Broker (CASB), claims to deliver an accurate methodology to hunt, detect, and stop cyberattacks on cloud services. Being the first of its kind, this new offering from McAfee gives SecOps teams much-needed direct visibility of the source of cloud vulnerabilities and threats mapped to the tactics and techniques of ATT&CK.

Rajiv Gupta, Senior Vice President and General Manager of Cloud Security, McAfee, said, “Many SecOps teams leverage repeatable processes and frameworks such as ATT&CK to mitigate risk and respond to threats to their endpoints and networks, but so far cloud threats and vulnerabilities have presented an unfamiliar paradigm. By translating cloud threats and vulnerabilities into the common language of ATT&CK, MVISION Cloud allows security teams to extend their processes and run books to the cloud, understand and preemptively respond to cloud vulnerabilities, and improve enterprise security.”

How This Helps SecOps Teams

The ATT&CK integration with McAfee MVISION Cloud has rendered new capabilities to the SecOps teams for mitigating cloud attack risks and vulnerabilities, which include:

• Moving from a Reactive to Proactive Approach: It allows SecOps teams to visualize not only executed threats in the ATT&CK framework, but also potential attacks that they can stop across multiple Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS) and Infrastructure-as-a-Service (IaaS) environments.
• Break Silos: SecOps teams can now bring pre-filtered cloud security incidents into their Security Information Event Management/Security Orchestration, Automation, and Response platforms via API, mapped to the same ATT&CK framework they use for device and network threat investigation.
• Take Direct Action: Helps in fortifying Cloud Security Posture Management (CSPM) by providing security managers with cloud service configuration recommendations for SaaS, PaaS, and IaaS environments, which address specific ATT&CK adversary techniques.

With the introduction of ATT&CK into McAfee MVISION Cloud, SecOps teams will no longer be required to manually sort and map incidents to a separate framework for cloud threats and vulnerabilities, which can be cumbersome and time-consuming. It provides the security teams with a meaningful tool that enables them to automatically map all their threat incidents to a single framework and maintain a log of the cloud attacks that have been fully executed, and also the ones that are in progress. It also has the ability to combine incidents, anomalies, threats, and vulnerabilities into one holistic, familiar view.

The post Good News for SecOps Teams! Mapping Cloud Threats to MITRE ATT&CK Gets Easier appeared first on CISO MAG | Cyber Security Magazine.

McAfee found the top ten web risk list on both television and films from more than 100 popular entertainment titles available on various streaming platforms in the U.S. According to McAfee’s analysis, web series Brooklyn Nine-Nine and Warrior film are identified as the top titles targeted by cybercriminals. Most of the consumers look for free and accessible content for the original TV series. It is found that threat actors follow consumer trends and behaviors to create their scam strategies. Children’s movies account for almost half of the top film titles.

“With cybercriminals regularly tracking changes in social trends like school closures, parents need to be extra vigilant when it comes to searching online for content for their children to watch,” McAfee said.

Top 10 Web Risk TV List:

1. Brooklyn Nine-Nine
2. Elite
3. Harlots
4. Letterkenny
5. Poldark
6. Lost
7. You
8. Gentefied
9. PEN15
10. Skins

Top 10 Web Risk Movies List

1. Warrior
2. Zombieland
3. The Incredibles
4. Step Brothers
5. Bad Boys
6. Aladdin (2019)
7. The Lion King (1994)
8. Swingers
9. Frozen 2
10. The Invitation

Baker Nanduru, VP of Consumer Endpoint Segment at McAfee, said, “With consumers increasingly going online to stay entertained during lockdowns it has created the perfect storm for web crime. History has proven that cybercriminals follow consumer trends and behaviors to educate their scam strategies. It’s important that consumers stay alert while online and avoid malicious websites that may install malware or steal personal information and passwords.”

Mitigation Measures

McAfee offers certain protective measures to stay safe online, these include:

• The safest thing to do is to subscribe to a streaming site that offers the content or download the movie from sources like iTunes or Amazon, instead of downloading a free version from a website that could contain malware.
• Many illegal streaming sites are riddled with malware disguised as pirated video files. Do your device a favor and stream the show from a reputable source.
• Use parental control software. Kids are tech savvy and may search for movies by themselves. Ensure that limits are set on your child’s device and use software that can help minimize exposure to potentially malicious or inappropriate websites.

McAfee analysis is based on the web results for searches of the entertainment titles with search terms – free download, free login, free, torrent, and pirated download.

The post McAfee Reveals Most Targeted Online Entertainment Titles appeared first on CISO MAG | Cyber Security Magazine.

Founded by former NSA employees, Light Point Security protects users from zero-day and other emerging malware like ransomware and credential phishing attacks by isolating browser sessions in a remote virtual environment outside of the corporate network. The acquisition integrates Light Point Security’s browser isolation technology with McAfee Secure Web Gateway for inbound and outbound protection for all web and cloud traffic. Additionally, McAfee stated that it’s going to integrate browser isolation into its newly released MVISION UCE solution, which includes McAfee Secure Web Gateway, McAfee Data Loss Prevention, and MVISION Cloud (CASB) to enable a complete implementation of the SASE Architecture.

Ash Kulkarni, EVP and Chief Product Officer at McAfee, said, “Web browsing is one of the most common threat vectors for endpoints to get infected. Adding Light Point Security’s capabilities into our products will create solutions that enable our customers to mitigate web-based threats without impacting user experience. We are constantly working to find ways to help our customers safely adopt the cloud so they enjoy increased productivity without experiencing heightened concerns about cyber-attacks. Light Point Security’s browser isolation capabilities will bolster the McAfee Unified Cloud Edge offering to make it a preferred solution for security-focused businesses without compromising on productivity.”

Commenting on the acquisition, Zuly Gonzalez, co-founder and CEO of Light Point Security, said, “Light Point Security’s technology enables users to browse any website safely, securely and without limitations, without having to keep up with website changes. This stops attacks launched against a web browser before they can even enter the network without hampering user experience. We’ve been recognized for revolutionizing the way that organizations think about security; now we will be joining a leading standalone cybersecurity player to be part of the next revolution.”

McAfee Appoints New Chief Executive Officer

McAfee, appointed Peter Leav as the new Chief Executive Officer, effective from February 3, 2020. Leav had previously served as President and CEO of BMC Software. He holds more than 20 years of executive leadership experience in large-scale technology companies like NCR Corporation, Symbol Technologies, Cisco Systems, Proofpoint, and Motorola.

Apart from addition to leadership roles, McAfee also forged multiple partnerships. The company acquired NanoSec, a container security startup, to improve its compliance and to mitigate the risk of its container deployments. NanoSec is a multi-cloud and zero-trust application security platform that’s focused on the container approach to application security. The acquisition will allow McAfee to boost its MVISION Cloud and MVISION Server Protection products.

The post McAfee Acquires Browser Isolation Firm Light Point Security appeared first on CISO MAG | Cyber Security Magazine.

With attackers using sophisticated technologies to break into victims’ devices, it’s important for enterprises to maintain robust security measures. According to McAfee, 504 threats are discovered every minute, which represents the severity of cyber risks.

Terry Hicks, Executive Vice President at McAfee, said, “Consumers are connected more than ever, and McAfee is dedicated to protecting them online when they shop, bank, share and journey across the internet. Our partnership with Samsung continues our mission to give consumers peace of mind that their personal data, as well as their families and friends, won’t be jeopardized online.”

“There are now roughly four billion consumers connected online for an average of over six hours a day, from sharing photos to socializing with friends to completing bank transactions. Consumers expect to be able to do what they desire online- whenever and wherever they want- without worrying about the potential risks that might be lurking online,” Hicks added.

Earlier, McAfee partnered with Amazon Web Services (AWS) to offer cloud-based security solutions. McAfee stated its new security product delivers real-time visibility into all database activities and offers monitoring services to prevent sophisticated attacks. The new alliance allows the users to benefit from real-time protection for database workloads migrated to Amazon RDS while monitoring databases.

The post Samsung Extends Partnership with McAfee for Data Security appeared first on CISO MAG | Cyber Security Magazine.

By Patrick Flynn, Director of National Security Programs, McAfee

This same concept can be applied in the theater of cybersecurity operations. However, the current scope of intelligence in many enterprises describes just one aspect of the IPB discipline: information collection. The critical component missing to complete the process is a specialized researcher trained in this type of analysis and subsequent application of intelligence.

A disciplined intelligence cycle goes deep—applying advanced data collection methodologies from open, closed and propriety sources, social media, human intelligence and the dark web against areas such as cybercrime, hactivism, or cyber espionage, to thoroughly analyze the adversary. Intelligence can ultimately be used to prepare organizations tactically and strategically to both anticipate and mitigate modern threats.

The latest research and analysis from McAfee Advanced Program Group (APG) researcher Anne An, detailing the actions of Chinese non-state threat actor groups is a great example of intelligence that is invaluable for organizations. This unique take on Chinese cyber criminality educates practitioners on the threats around them, empowering them to prepare their organization to be proactive, rather than reactive. Further, there are many times where organizations are unaware that they have been a victim of a cyberattack. This could include stolen data, which McAfee APG may find being sold on the dark markets, and in some cases, could have a devastating effect on their business.

Editor’s note: Read Anne An’s story in the next issue of the CISO MAG e-zine. Download the e-zine here: https://staging-cisomagcom.kinsta.cloud/magazine/

Sun Tzu, the Chinese general, and military strategist once articulated, “The art of war teaches us to rely not on the likelihood of the enemy’s not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable.” These ancient words are still very meaningful today. If organizations robustly embrace the intelligence process, their defensive posture will exponentially improve.

Patrick Flynn is a public sector security expert with more than 25 years’ experience in the federal government. Flynn is currently Director of National Security Programs for McAfee and previously served in similar roles at Northrop Grumman and General Dynamics. Flynn’s public sector experience includes work at the U.S. Department of Homeland Security as the Director of Communications of the Joint Wireless Program Office. He also served as Assistant Chief of the CBP Office of Border Patrol. Prior to that role he served as a U.S. Border Patrol Agent. Flynn is retired from the U.S. Naval Reserve, Office of Naval Intelligence, and was awarded a Bronze Star for his service in Operation Enduring Freedom in Afghanistan. He serves on the President’s National Security Telecommunications Advisory Council, most recently co-chairing the production of the Information and Communications Technology Management Service Mobilization Report. Flynn holds a B.S. in the Administration of Criminal Justice.

Disclaimer: The article has been edited in accordance with the guidelines of CISO MAG. CISO MAG does not endorse any of the claims made by the writer. The facts, opinions, and language in the article do not reflect the views of CISO MAG and CISO MAG does not assume any responsibility or liability for the same. Views expressed in this article are personal.

The post Intelligence in the Enterprise appeared first on CISO MAG | Cyber Security Magazine.