Shutdown a threat to IT security recruitment
The biggest concern of the government shutdown is that this type of instability would hamper the federal government’s ability to attract and retain good cybersecurity talent, according to Chris Morales, head of security analytics at Vectra.
Government shutdown: Experts fear deep cybersecurity impact
Chris Morales, head of security analytics at Vectra, says NIST would be subject to closure because it's primarily a research and publication institute. He says it might be concerning that some individuals couldn't reach the organization's Cybersecurity Framework, but that document is still available via a direct link.
Schwerwiegende Cyberattacke in Deutschland
Der Cyberangriff auf Politiker, Journalisten und Prominente in Deutschland hat international für Aufsehen gesorgt. Gérard Bauer, Vizepräsident von EMEA bei Vectra, einer auf KI basierenden Cybersecurity-Firma, gibt Einblick in den Angriff.
Dems use fake news propaganda in Alabama campaign
"Since we have been successful using AI to detect attacker behaviors in real time, someone should ask a team of data scientists to find a way to use AI to detect political misinformation, since there seems to be more than an average person can sort through,” says Chris Morales, head of security analytics at Vectra.
Vaste vol de données personnelles de figures politiques outre-Rhin
Matt Walmsley, chez Vectra, penche également, à ce stade, pour la motivation politique. Et Daved Emme, de Kaspersky, estime que l’appât du gain apparaît peu probable « comme première motivation ». Pour lui, « il s’agit probablement d’un hacker activiste ».
Spectre, Meltdown vulnerabilities will haunt industry for years
"While these are scary threats, the ability to execute an attack using these flaws is hard," says Chris Morales, head of security analytics at Vectra. "The speed to extract data from system memory is very low and stealing anything more than a simple password could take days or much longer."
Industry reactions to massive data leak in Germany
"Erosion of confidence in the government could benefit nation states wishing to promote political instability in Germany and it was interesting to see that the members of the right wing AfD party were not reportedly affected," says Matt Walmsley, EMEA director at Vectra.
Industrie 4.0: 2019 muss das Jahr der IIoT-Sicherheit werden
Der Bericht von Vectra kam zu dem Schluss, dass "IIoT-Geräte zusammen eine riesige, leicht zu durchdringende Angriffsfläche bieten, die es Cyber-Kriminellen ermöglicht, im Inneren zu suchen, um kritische Assets zu stehlen und die Infrastruktur zu stören."
KI und Cyber Security in 2019
„Während viele Unternehmen bereits in Tools zur Cybersicherheit investiert haben, die grundlegende Techniken des maschinellen Lernens verwenden (wie Random Forest), wird Deep Learning im Jahr 2019 zur besten Methode für die Erkennung von Cyberangriffen werden“, sagt Gerard Bauer, Vizepräsident von EMEA bei Vectra.
Datensicherheit ? Hacker attackieren Politiker, Künstler und Journalisten
„Dies ist nur der erste von vielen schwerwiegenden Zwischenfällen, die wir in diesem Jahr erleben werden, und es erinnert uns daran, dass gut ausgerüstete, motivierte und ausdauernde Angreifer fast immer Erfolg haben werden und in Netze eindringen werden“, sagt Gerard Bauer, Vizepräsident der EMEA bei Vectra.
AI und Cyber Security im kommenden Jahr
"Geopolitische Spannungen und Handelskriege werden das Wachstum der kommerziellen Cyberspionage vorantreiben," sagt Gerard Bauer, Vizepräsident der EMEA-Region von Vectra. "Diese Angriffe werden von vielen Opferunternehmen nicht erkannt, da sie keine versteckten Bedrohungen in Netzwerken erkennen können."
Back to the future for 2019
"We will see an increase in the use of deep learning, such as recursive neural nets, that enable algorithms to continuously learn and evolve," says Chris Morales, head of security analytics at Vectra. "2019 will see deep learning become the best practice for detecting cyberattacks."
Security holes at U.S. missile defense systems data centers shocks experts
The problem wasn't that the data centers lacked the authentication or encryption tools. "The controls existed but were not implemented and used equally and regularly," Chris Morales, head of security analytics at Vectra, says.
Emotet-Malware: Hohe Schäden in Unternehmensnetzen
Für Gérard Bauer, Vizepräsident von EMEA bei Vectra, zeigt der Erfolg alter Malware eines der grundlegenden Probleme vieler IT-Sicherheitslösungen, die immer noch auf klassischen Cybersecurity-Konzepten beruhen.
Smartphones and the new cybersecurity threat
Chris Morales, head of security analytics at Vectra, says the biggest risk posed by mobile devices in a corporate network is malicious apps gaining access to enterprise data. Make sure mobile devices do not share network connectivity with critical infrastructure or systems with sensitive information.
Best security software: How 25 cutting-edge tools tackle today's threats
The Vectra Cognito platform incorporates artificial intelligence (AI), deep machine learning and traffic monitoring into a tool that is able to detect threats that other programs miss, even if they are already entrenched inside a protected network.
Alphabet's VirusTotal: A security solution for your small business?
"VirusTotal provides value only if you have the necessary staff to extract value from it," says Oliver Tavakoli, chief technology officer at Vectra. "This is reflective of the fact that the VirusTotal data repository is of most value to large and expert IT security teams."
Cyberattacke auf Marriott-Hotelkette politisch motiviert?
"Dieser Cyberangriff ist eine Form der Spionage von Nationalstaaten", sagt Gerard Bauer, Vizepräsident von EMEA bei Vectra. "Der einzige Unterschied ist jetzt, dass es im Cyberspace passiert, anstatt in ein Gebäude einzubrechen und physische Dokumente zu stehlen."
As manufacturing moves into cyberspace, so do security threats
Vectra’s artificial intelligence-based platforms detected “a higher-than-normal rate of malicious internal reconnaissance behaviors” from attackers inside of manufacturers’ systems and that this “indicates that attackers are mapping-out manufacturing networks in search of critical assets to steal or damage.”
China suspected of massive Marriott data breach
"Hacks are getting bigger because the volume of data generated on the Internet every single day is so large," says Chris Morales, head of security analytics at Vectra. "Just like a user employs a search engine to get information, a cyber spy will search massive online databases for information."
Podcast: An all-out AI war is imminent in 2018
Vectra CEO Hitesh Sheth talks with Bloomberg Markets about the crucial role that artificial intelligence will play in detecting and responding to cyberattackers in 2018. It will be an AI war, with nation-state hackers and organized cybercriminals using their AI threat arsenal to attack organizations who use AI as a defensive weapon.
Security burnout: Avoidable or inevitable?
AI is the inevitable next phase in cybersecurity. What is avoidable, however, is security burnout. By implementing key business and professional-growth programs – and augmenting the work of security analysts with AI – organizations can greatly reduce the security burnout rate while nurturing and developing future security analysts.
Industry reactions to U.S. blaming North Korea for WannaCry
When WannaCry was first detected, we saw similarities in the code used for that ransomware attack with previous attacks attributed to North Korea, like the Sony hack. North Korea has been targeting banks directly with banking malware while using ransomware against other organizations to acquire a large volume of Bitcoin.
Emerging Tech Hub: Vectra hunts partners for threat detection platform
Vectra is hunting for channel partners in the UK after trebling its revenue in Q3, says Matt Walmsley, head of EMEA marketing. Vectra revenue jumped 294 percent in the third quarter this year, which Walmsley said was driven by a need for enterprises to address the detection gap that allows cybercriminals to easily breach networks.
How ready are you to stop an advanced attack?
In his latest installment in the CSO “Thinking Security” column, Vectra CTO Oliver Tavakoli explores the benefits of running red team exercises. Red team exercises enable organizations to understand how to respond when dealing with real-world advanced attacks and adapt to respond quickly to these threats.
AI is changing security ops: What security analysts need to know
The security operations center at Texas A&M serves 11 universities and seven state agencies. But with just seven full-time analysts and a risk-rich environment of 174,000 students and faculty, triaging security events was overwhelming, but with the help of Vectra Cognito, and it now takes 10-20 minutes to resolve an incident, on average.
Savoir ce qui se passe vraiment sur SI: casse-tête du RSSI
AI propose désormais de plus en plus de fonctionnalités de sécurité, en commençant par la possibilité d'automatiser le traitement de ces volumes de données, alertes, gérables et intégrant des algorithmes d'apprentissage automatique détectant le comportement agresseur, explique Christophe Jolly, directeur France chez Vectra.
Triton framework used in industrial control attacks
"To gain access to the industrial control systems, the threat actor infected an SIS engineering workstation on what is supposed to be an isolated network," says Chris Morales, Vectra head of security analytics. "An infected laptop can be brought in by a contractor, connect to the network and spread to the controlled ICS environment."
Nation-state attackers shut down industrial plant with new ICS malware
"The IoT and IT/OT convergence is accelerated by the speed of business and the implementation of AI to drive decisions in ICS environments," says Chris Morales, Vectra head of security analytics. "In addition, more ICS devices are running commercial operating systems, exposing ICS systems to a wider swath of known vulnerabilities."
Traffic to major tech firms rerouted to Russia
People who use Google, Apple, Facebook and Microsoft trust that their communication is secure because of the use of HTTPS, says Chris Morales, Vectra head of security analytics. But entities can manipulate the border gateway protocol to perform man-in-the-middle attacks and manipulate TLS/SSL encryption to eavesdrop on users.
Was CFOs aus Hackerangriffen lernen können
Erfolgreiche Cyberattacken auf Konzerne häufen sich. CFOs sollten daher genau überlegen, ob sie bei Investitionen in die IT-Sicherheit auf die Bremse treten. Denn Einsparungen an der falschen Stelle können den wirtschaftlichen Erfolg eines Unternehmens schnell gefährden. Hitesh Sheth, CEO bei Vectra Networks erklärt in FINANCE, warum vor allem immer öfter firmeneigene Rechenzentren Ziel von Hackerangriffen werden.
How artificial intelligence will solve the security skills shortage
The infosec world is embracing artificial intelligence and the seismic changes it will bring to threat detection and mitigation, Vectra CSO Günter Ollmann writes in Dark Reading. As networks become more sophisticated, generate more data, and are exposed to advanced threats, AI and the automation it empowers are the cure.
The truth is, the Yahoo! data breach is not the exception
The magnitude of the Yahoo! data breach – more than 1 billion user accounts compromised – is by far the largest that has ever occurred. But Yahoo! is not the exception. Routers, switches and servers in the vast majority of data centers where customer account information is kept are largely unprotected and highly vulnerable to cyber attacks.
Video: Cybersecurity woes in the U.S.
The incoming U.S. administration would be well advised to take the recent Democratic and Republican National Committee hacks seriously, Vectra CEO Hitesh Sheth tells CNBC. "We can safely assume that nation-state actors will continue their efforts to affect U.S. economic interests as well as our democratic and political processes."
What the infosec jobs sector will look like in 2017
Vectra CSO Gunter Ollmann says that experienced infosec employees are twice as valuable to the global market, demanding higher pay and improved roles. To retain them, organizations are offering “senior” titles and accompanying pay hikes. Meanwhile, the skills and job tasks between “junior” and “senior” remain unfulfilled.
Insurance claims for data breaches are on the rise
On news that data breach insurance claims are being made at a rate of over one a day, Matt Walmsley, Vectra EMEA director, says “By automating detection using the very latest self-learning security tools, and with it the response to an incident based on early indicators, many attacks can be nipped in the bud before they become costly incidents.”
Remain paranoid, err vigilant, with online security in 2017
There are a lot more tools necessary and available to combat the cyber threat, at the edge, at the endpoint and in between. “It is important to identify, develop and train associates who are motivated cyber warriors, and it is an ongoing process, due to the velocity of change," says Joe Duffey, CISO at Natixis Global Asset Management.
Encrypt everthing. Don't let security be the reason you don't (and attackers do)
Chris Morales, head of security analytics at Vectra, says encrypted network traffic is having an impact on security that relies on deep packet inspection, whose efficacy degrades as more traffic is encrypted. Even worse, traditional security responses to handling encrypted traffic will suffer due to certificate and public key pinning built into applications.
Data breach claims are made at a rate of more than one a day
Matt Walmsley, EMEA director at Vectra , says that a rise in claims for digital theft and intrusions was taking place amid growing nation state-driven cyber crimes and the looming risk posed by GDPR compliance requirements and punitive fines. There is also growth in corporate cyber extortion using ransomware and malware.
What 2017 has in store for cybersecurity
Chris Morales, head of security analytics at Vectra, tells CSO that critical firewall vulnerabilities will continue to be ignored in 2017. According to the Shadow Server website, there are still more than 816,000 Cisco firewalls connected to the Internet that are vulnerable, undermining the inherent trust placed in firewalls.
Forbes hottest cybersecurity startups of 2015
In 2015, there were few hotter areas in Silicon Valley than cybersecurity, and Vectra ranked in the top 10 of that competitive group.
Uncovering covert attack communications inside your network
Cyber attackers are slipping through perimeter defenses and hiding in the shadows and dark corners of networks.
Hello Kitty fixes website security flaw
Sanrio says the loophole that provided an attack entry method potentially allowing cyber criminals to bypass traditional security defences in order to enter and exploit internal systems with the appearance of a legitimate user, has been closed and data is now safe.
Algorithms are the key to detecting and mitigating cyber attacks
Gerard Bauer, vice president of EMEA sales at Vectra, shares his security predictions for 2016.
Automated threat detection helps fulfill protection goals of critical security controls
New technologies, such as machine learning, have evolved to help organizations improve their response to modern attacks. Although the financial industry has been using machine learning since the 1970s to detect fraudulent behavior, use of machine learning in the information security sector is a recent phenomenon.
Cybersecurity in virtual networks
In this eighth annual VMblog.com series exclusive, virtualization and cloud executives share their predictions for 2016.
Protecting the university network and flagging attacks — in real time
Higher education is a key target for cyber attacks because of the open networks common on college and university campuses. Thousands of students and faculty wander on and off the network with their own devices, bringing viruses and malware to the wider community and creating nightmares for security teams.
SANS Institute shows true power of automated threat detection
A SANS Institute report, backed with findings from Vectra, explains how an automated threat detection system that combines behavioral analysis, data science and machine learning can help organizations meet Critical Security Control (CSC) mandates.
The state of cybersecurity: What 2016 will bring
In 2016, what organisations need are tools that identify the activities of the attacker inside a network before a data breach occurs, with a focus on how to quickly intervene, minimise the time they are exposed and reduce the impact of cyberthreats.
How one university addresses targeted attacks in progress
Hernan Londono, associate CIO at Barry University in Miami, talks about embracing campus mobility and BYOD, and explains why a strong Advanced Persistent Threat (APT) defense is vital to protecting the university's network from mobile devices that it doesn't own or manage.
Data science and machine learning will fight cyber-attacks, says Vectra Networks: 2015 Tech Predictions
Vectra VP of Marketing Mike Banic predicts data science and machine learning will become the focus of the fight on cyber-attacks, cyber security will get social, and new entrants will continue to disrupt the cyber security market.
Vectra X-series platform identifies threats in real-time
Real-time cyber-attack detector Vectra Networks has introduced a real-time detection platform for insider and targeted threats.
New products of the week 12.22.2014
Our roundup of intriguing new products from companies such as Dell, CloudBerry and Vectra (See Slide 16).
Breach detection, Sony Entertainment and Vectra Networks
Working in information security for the past 20 years, I have seen a lot. Though there have been many multi-million dollar impact breaches, the recent Sony Pictures hack and subsequent data exposure and extortion is probably the most impactful to a company out of the previous breaches this year.
Vectra releases real-time threat detection platform to protect against targeted attacks
Vectra Networks has released an updated real-time detection platform – X-series platform – aimed for insider and targeted threats detection.
Put the insider threat in your sights
Regardless of how well we secure our assets from outside parties, we ultimately need to give access to our employees, contractors and partners in order for them to do their jobs. Misuse of this privileged access, whether through data theft or damage, is an unfortunate, yet inherent risk of doing business for most organizations.
Vectra launches real-time detection platform to curb insider threats
Vectra Networks announced release of a real-time detection platform to protect organizations and government agencies from insider and target threats.
Vectra updates threat detection platform
The Vectra X-series platform is designed to detect sophisticated threats by using a combination of security research, data science and machine learning. According to the company, the product is capable of detecting attacks on all operating systems, applications and devices regardless of the method and location of the initial delivery.
Vectra launches real-time threat detection
Vectra Networks has released its updated X-series platform, the first real-time detection solution designed to discover insider and targeted threats. The new platform promises to help organizations gain instant visibility into potential threats by leveraging a combination of dynamic community threat analysis and real-time detection of cyberattacks.
Video: Tracking cyber threats from inside a company
CEO Hitesh Sheth tells Bloomberg TV's Pimm Fox how Community Threat Analysis dynamically creates a clear picture of typical network access through the entire corporate network, identifying anomalies and flagging unauthorized access to documents, data and intellectual property, making it an effective way of recognizing insider attacks.