Five products in the National Cyber Awareness System offer a variety of information for users with varied technical expertise. Those with more technical interest can read the Alerts, Analysis Reports, Current Activity, or Bulletins. Users looking for more general-interest pieces can read the Tips.
Current Activity: Provides up-to-date information about high-impact types of security activity affecting the community at large.
Alerts: Provide timely information about current security issues, vulnerabilities, and exploits.
Bulletins: Provide weekly summaries of new vulnerabilities. Patch information is provided when available.
Tips: Provide advice about common security issues for the general public.
Analysis Reports: Provide in-depth analysis on a new or evolving cyber threat.
=============================================================
2.
Internet Fraud
Internet fraud is the use of Internet services or software with Internet access to defraud
victims or to otherwise take advantage of them. Internet crime schemes steal millions of
dollars each year from victims and continue to plague the Internet through various methods.
Several high-profile methods include the following:
3.
Cyber security has always been a horizontal technology practice that’s roughly the same
across all industry sectors. Yes, some industries have different regulations, use cases or
business processes that demand specific security controls, but overall every company needs
things like firewalls, IDS/IPS, threat management gateways and antivirus software regardless.
Generic security requirements will remain forever, but I see a burgeoning trend transforming
cybersecurity from a set of horizontal technologies to a vertical industry application. These
drivers include:
CISO progression. The present generation of CISOs grew up through the ranks of IT and
security with career development responsibilities such as network operations and firewall
administration. Yes, the next generation of CISOs will still need some technology chops, but
this role is moving closer and closer to business management. In fact, the best CISOs
understand industry business processes, regulations and risk above and beyond technology.
Business-centric CISO resumes are a “nice-to-have” today but will evolve into a true
requirement over the next few years. In the near future, cybersecurity executives will build
their careers as financial services CISO, healthcare CISO or public sector CISO rather than
vanilla CISO.
Advancing regulations. While there are already a lot of industry regulations, such as
FISMA, HIPAA/HITECH and NERC, additional industry regulations are bound to occur.
This will happen quite quickly if a major data breach disrupts operations in a particular
industry.
Industry-focused threats. Targeted threats can generally be traced back to cyber adversaries
that specialize in a particular industry in a particular geography. This makes sense: attacking
a U.S. bank demands language skills and business process and regulatory knowledge that
aren't applicable to attacking banks in France or Germany.
These industry-centric threats are precisely why we have specific industry Information
Sharing and Analysis Centers (ISACs). Cybersecurity professionals are often encouraged to
“think like the enemy.” Increasingly, this demands industry-specific business and IT
knowledge—not just a broad understanding of cyber adversary tactics, techniques and
procedures (TTPs).
IoT. This is the big Papi of change agents for cybersecurity, as industry IoT applications will
radically alter business processes, technology elements and threats. And while we’ve created
an uber technology category called IoT, the fact remains that IoT healthcare applications will
be vastly different than those designed for energy, manufacturing, retail or transportation. As
an example, think about the specific industry, business process and technology knowledge
you would need to prevent, detect or remediate a Stuxnet-like attack.
As I previously mentioned, there will always be a need for horizontal security technologies,
but CISOs will increasingly judge these technologies based upon two criteria: 1) best-of-
breed security efficacy and 2) how well these point tools can be integrated into enterprise
solutions that encompass vertical industry-specific requirements.
I anticipate a transition to vertical industry-specific cybersecurity over the next few years.
Cybersecurity professionals should prepare for this evolution by developing their business process
and technology skills, while vendors should pick focus industries and partner accordingly.
=====================================================
4.
Information security (IS) is designed to protect the confidentiality, integrity and availability
of computer system data from those with malicious intentions. Confidentiality, integrity and
availability are sometimes referred to as the CIA Triad of information security.
NETWORK SECURITY TOOLS. Add application testing to your network security tools.
As companies strive to protect their computer systems, data and people from cyber attack,
many have invested heavily in network security tools designed to protect the network
perimeter from viruses, worms, DDoS attacks and other threats.
==================================================================
5.
According to the most recent Verizon Data Breach Investigations Report [PDF], an estimated
"285 million records were compromised in 2008." And 74 percent of those incidents were
from outside sources.
The key security measures that every small business should be taking.
Cloutier shares his tip for crafting a hard-to-crack password: use a combination of capital and
lower-case letters, numbers and symbols and make it 8 to 12 characters long.
According to Microsoft, you should definitely avoid using: any personal data (such as your
birthdate), common words spelled backwards and sequences of characters or numbers, or
those that are close together on the keyboard.
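The composition and avoidance rules above can be enforced mechanically at account creation. The checker below is an added example written for this page, not code from Cloutier, Microsoft or any product: it implements the four character classes and the minimum length of 8 from the text, and rejects supplied personal data, a small constructed list of common words (forwards or spelled backwards), alphabetical or numeric sequences, and runs of neighbouring keys on a QWERTY row. The 12-character upper bound is deliberately not enforced, since rejecting longer passwords only weakens them; the common-word list and the QWERTY rows are assumptions you would replace with your own.

```python
"""Password-policy checker for the rules quoted in the text.

Constructed example: the common-word list and keyboard rows are assumptions,
and the policy reflects the text's advice (minimum length 8, four character
classes, no personal data, no common or reversed words, no sequences).
"""
import string

MIN_LENGTH = 8  # lower bound given in the text; no upper bound is enforced

# Small constructed sample of common words; a real deployment would use a
# breached-password list many orders of magnitude larger.
COMMON_WORDS = ("password", "welcome", "letmein", "admin", "secret")

# Physical rows of a US QWERTY keyboard (assumption; adjust for other layouts).
KEYBOARD_ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm")


def _has_run(pw: str, sequence: str, run_len: int = 4) -> bool:
    """True if pw contains run_len consecutive characters of `sequence`
    in order, forwards or backwards (e.g. 'abcd', 'dcba', '4567', 'qwer')."""
    low = pw.lower()
    for i in range(len(sequence) - run_len + 1):
        chunk = sequence[i:i + run_len]
        if chunk in low or chunk[::-1] in low:
            return True
    return False


def check_password(pw: str, personal_data: tuple[str, ...] = ()) -> list[str]:
    """Return the list of policy violations; an empty list means the password passes.

    personal_data holds strings the user must not embed (name, birth year, ...).
    """
    problems: list[str] = []
    if len(pw) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")

    # Composition rule: capitals, lower-case letters, numbers and symbols.
    classes = {
        "uppercase letter": any(c.isupper() for c in pw),
        "lowercase letter": any(c.islower() for c in pw),
        "digit": any(c.isdigit() for c in pw),
        "symbol": any(c in string.punctuation for c in pw),
    }
    for name, present in classes.items():
        if not present:
            problems.append(f"missing {name}")

    low = pw.lower()

    # Avoidance rule 1: personal data such as a birthdate or surname.
    for item in personal_data:
        if item and item.lower() in low:
            problems.append(f"contains personal data '{item}'")

    # Avoidance rule 2: common words, including common words spelled backwards.
    for word in COMMON_WORDS:
        if word in low:
            problems.append(f"contains common word '{word}'")
        elif word[::-1] in low:
            problems.append(f"contains common word '{word}' spelled backwards")

    # Avoidance rule 3: alphabetical or numeric sequences.
    if _has_run(pw, string.ascii_lowercase) or _has_run(pw, string.digits):
        problems.append("contains a sequence of letters or digits")

    # Avoidance rule 4: characters that sit next to each other on the keyboard.
    if any(_has_run(pw, row) for row in KEYBOARD_ROWS):
        problems.append("contains keys that sit next to each other on the keyboard")

    return problems


if __name__ == "__main__":
    for candidate in ("Tr0ub4dor&3", "drowssaP1!", "abcd1234"):
        print(candidate, "->", check_password(candidate) or "OK")
```

Each rule reports separately, so the feedback shown to the user names the specific problem rather than a generic "weak password"; the run length of 4 is a tunable threshold, and lowering it makes the sequence checks stricter.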
As for how often you should change your password, Cloutier says that the industry standard
is "every 90 days," but don't hesitate to do it more frequently if your data is highly sensitive.
Another key: make sure every individual has their own username and password for any login
system, from desktops to your CMS. "Never just use one shared password," says Cloutier.
A firewall protects your network by controlling internet traffic coming into and flowing out
of your business. Firewalls are pretty standard across the board -- Cloutier recommends any of the
major brands.
"They're the last line of defense" should an unwanted attack get through to your network,
Cloutier explains.
"Your security applications are only as good as their most recent update," Watchinski
explains. "While applications are not 100 percent fool-proof, it is important to regularly
update these tools to help keep your users safe."
Frequently updating your programs keeps you up-to-date on any recent issues or holes that
programmers have fixed.
Cloutier mandates "absolutely: encrypt your laptop. It's the easiest thing to do."
Encryption software changes the way information looks on the hard drive so that, without the
correct password, it can't be read.
Cloutier also stresses the importance of never, ever leaving your laptop in your car, where it's
an easy target for thieves. If you must, lock it in your trunk.
Encryption software
Password-protection (Cloutier also suggests enabling a specific "lock-out" period,
wherein after a short amount of time not being used, the phone locks itself)
Remote wiping enabled
Remote wiping is "extremely effective," Cloutier says, recounting the story of one executive
who lost his Blackberry in an airport, after he had been looking at the company's quarterly
financials. The exec called IT in a panic, and within 15 minutes they were able to completely
wipe the phone.
7. Backup regularly
Scheduling regular backups to an external hard drive, or in the cloud, is a painless way to
ensure that all your data is stored safely.
The general rule of thumb for backups: servers should have a complete backup weekly, and
incremental backups every night; personal computers should also be backed up completely
every week, but you can do incremental backups every few days if you like ("however long
you could live without your data," Cloutier explains).
Getting your data compromised is a painful experience -- having it all backed up so you don't
completely lose it will make it much less so.
8. Monitor diligently
"All this great technology […] is no good unless you actually use it. You have to have
someone be accountable for it," says Cloutier.
One good monitoring tool Cloutier suggests is data-leakage prevention software, which is set
up at key network touchpoints to look for specific information coming out of your internal
network. It can be configured to look for credit card numbers, pieces of code, or any bits of
information relevant to your business that would indicate a breach.
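The data-leakage prevention tool described above is, at its core, a scanner placed on an egress point that matches outbound content against patterns the business cares about. The code below is an added example written for this page, not any vendor's product: it scans a constructed batch of outbound messages for payment card numbers (validated with the Luhn checksum so that order numbers and other long digit strings do not raise false alerts) and for business-specific marker strings such as an internal project name. The channel names, the markers and the sample messages are all constructed for illustration, and findings carry only a masked form of the card number so the alert itself does not leak the data.

```python
"""Minimal outbound data-leakage scanner of the kind described in the text.

Constructed example: the sample traffic, channel labels and internal markers
are made up for illustration and are not from any real network.
"""
import re
from dataclasses import dataclass

# Candidate card numbers: 13 to 19 digits, optionally separated by spaces or dashes.
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum used by payment card numbers; cuts most false positives."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


@dataclass
class Finding:
    channel: str   # where the content was seen leaving the network
    kind: str      # what rule fired
    evidence: str  # masked, so the alert does not itself leak the data


def mask_card(digits: str) -> str:
    """Keep only the last four digits, as a receipt would."""
    return "*" * (len(digits) - 4) + digits[-4:]


def scan_message(channel: str, text: str, markers: tuple[str, ...]) -> list[Finding]:
    """Apply the card-number rule and the internal-marker rule to one message."""
    findings: list[Finding] = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if luhn_ok(digits):
            findings.append(Finding(channel, "payment card number", mask_card(digits)))
    low = text.lower()
    for marker in markers:
        if marker.lower() in low:
            findings.append(Finding(channel, "internal marker", marker))
    return findings


# Constructed sample of outbound traffic as a tap at a mail gateway might see it.
SAMPLE_TRAFFIC = (
    ("smtp", "Hi Bob, the card to bill is 4111 1111 1111 1111, exp 12/26. Thanks!"),
    ("smtp", "Order #1234567890123 shipped today."),   # 13 digits, but fails Luhn
    ("https-upload", "Attaching the PROJECT-FALCON design notes for review."),
    ("smtp", "Lunch at noon?"),
)

# Strings specific to this (hypothetical) business that should never leave it.
INTERNAL_MARKERS = ("PROJECT-FALCON", "INTERNAL ONLY")


def scan_traffic(traffic=SAMPLE_TRAFFIC, markers=INTERNAL_MARKERS) -> list[Finding]:
    """Scan every message and return all findings, in traffic order."""
    out: list[Finding] = []
    for channel, text in traffic:
        out.extend(scan_message(channel, text, markers))
    return out


if __name__ == "__main__":
    for f in scan_traffic():
        print(f"[{f.channel}] {f.kind}: {f.evidence}")
```

The two rules illustrate the two kinds of content the text mentions: a structured pattern (card numbers) that can be checked for validity, and free-form business identifiers that can only be matched literally. In practice the findings feed the monitoring role the text calls for; a scanner nobody reads is the "waste of resources" Cloutier warns about.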
If you don't monitor things, warns Cloutier, "it's a waste of time and a waste of resources."
And you won't know that you've been compromised until it's far too late.
"Links are the number one way that malware ends up on computers," says Cloutier. "Links
are bad!"
As such, never click on a link in an e-mail or IM that you weren't expecting or whose origin
you don't know.
You have to "be smart when surfing the Web," Watchinski warns. "[You] should take every
'warning box' that appears on [your] screen seriously and understand that every new piece of
software comes with its own set of security vulnerabilities."
"Educating them about what they are doing and why it is dangerous is a more effective
strategy than expecting your IT security staff to constantly react to end users’ bad decisions,"
Watchinski says.
==================================================================