New Study: How to Detect and Mitigate Threats from Malicious Insiders

From: NATO Cooperative Cyber Defence Centre of Excellence

Liisa Past

A new NATO Cooperative Cyber Defence Centre of Excellence study focuses on the threat insiders pose to information security.

While most security frameworks focus on the threats from outsiders, several recent cases have demonstrated the harm trusted individuals can do. The examples of Edward Snowden and Chelsea Manning highlight that, in addition to perimeter defence, organisations must scrutinise the possibility of their systems being hampered by authorised users employing internal channels.


Cisco Opens Up Vulnerability Disclosure With OpenVuln API

From: eWeek

By Sean Michael Kerner

Cisco’s Product Security Incident Response Team pushes a new approach that makes security advisories easier to consume and act upon.

IT professionals are inundated on a daily basis with security advisories, but making sense of it all and understanding the impact is a challenge—a challenge that Cisco’s Product Security Incident Response Team is aiming to help solve with the official launch Dec. 14 of the openVuln API.



When it comes to cloud security, which is better? Heavy hand or gentle policing?

From: CSO


When it comes to successfully managing cloud use within the enterprise, some security organizations try to establish and enforce firm lines between what is permissible and what is banned, while others try to learn what their employees are trying to achieve and help them do so more securely.

To get a sense of what enterprises think about cloud deployments and cloud security, we recently reached out to Jim Reavis, cofounder and chief executive officer at the Cloud Security Alliance. As a nonprofit, the Cloud Security Alliance promotes the use of security assurance best practices in cloud computing, as well as cloud computing education.


GSA, DHS begin march toward cyber shared services

From: 1500AM

By Jason Miller | @jmillerWFED

The Homeland Security Department is taking a different, and maybe somewhat surprising, path for its latest task order under the continuous diagnostic and mitigation (CDM) program.

The General Services Administration, which is acting as the procurement arm for the CDM program, and DHS released task order 2F under the Alliant governmentwide acquisition contract instead of through the program’s $6 billion blanket purchase agreement (BPA) awarded in August 2013 to 17 vendors. The previous five task orders have come under the BPA. GSA awarded contracts to Knowledge Consulting Group, Booz Allen Hamilton, HP Enterprise Services and Northrop Grumman.


The Need for Continuous Asset Monitoring

From: RSA

Asset monitoring is an essential activity for managing vulnerabilities in a network. It lets organizations discover which assets are on the network and maintain an up-to-date inventory of their status, along with details such as which software is running and its patch levels. According to the SANS Institute, frequent monitoring of critical assets is becoming more essential given the constant rate at which threats evolve. This allows organizations to quickly detect whether anything nefarious has occurred so that damage can be minimized. Continuous asset monitoring is also key to enabling mobility in the enterprise because it can discover all new devices as they connect to the network, even if it’s just for a short period. The most important assets that should be continuously monitored are those that are the most volatile, such as new versions of software or new machines, because they are what attackers look to take advantage of.


Predictive Analytics Tools Confront Insider Threats


By Sandra Jontz

Defeating the new normal is the mission of advanced software.

Since the 2009 fatal shootings of 13 people at Fort Hood by a U.S. Army major and psychiatrist and the leaks of some 750,000 classified and sensitive military documents to WikiLeaks by another soldier, the U.S. Defense Department has sought technology to give analysts an advantage in finding insider threats.

The need spread, and now federal agencies employ advanced analytics and cybersecurity solutions to protect against an ever-morphing landscape of breaches, from those outside firewalls to rogue or careless employees. One of those solutions is a product called Carbon.