
Making Manila’s ‘Crown Jewel’ a Safe City

Background

In 2003, plans were made to upgrade Bonifacio Global City (BGC), part of a former Philippine Army base near Manila, into a world-class business and residential center. The Bonifacio Global City Estate Association (BGCEA), which provides integrated property management services, began working to transform BGC into Manila’s ‘crown jewel’ and a model for other cities. Today, BGC is a thriving financial and residential district.

“With the rapid growth of BGC as a successful world-class commercial and residential development, we continuously look for ways to improve services for Bonifacio citizens,” said Rodney M. Medrano, Executive Director, BGCEA.

A major goal was to make BGC a safer city.

Challenges

Medrano said one of BGCEA’s first tasks was to ensure that the city had the right infrastructure to manage and maintain security.

Previously, city surveillance consisted primarily of low-definition analog cameras that did not meet safety requirements. Low-resolution surveillance footage lacked the kind of detail needed by law enforcement to carry out successful investigations. For example, car license plates were unreadable. In addition, manual conversion of all videos from analog to digital, coupled with serious storage constraints, meant that the videos could not be kept for very long after conversion.

What’s more, decentralized camera surveillance made it difficult to analyze footage. Poor legacy network infrastructure included limited, but expensive, fiber networks for transferring images.

All these issues severely hampered law enforcement and crime prevention efforts. Giving the city a larger view of public security meant that changes were needed: A new, high-definition surveillance solution had to be centrally connected and managed. Also monitoring points for installed networked cameras needed to be evenly distributed to ensure comprehensive coverage of the city. Finally, these images must be transmitted across varying distances, unblocked by high-rise buildings.

“We wanted to ensure that public safety remained a top priority, and that meant overcoming any issues with the underlying security and network infrastructure,” Medrano said.

Solution

BGC first contacted Huawei in 2014. While competing vendors were considered, none were able to offer Huawei’s comprehensive solution that addressed all the city’s public security concerns.

“We were thoroughly impressed, even at the proof-of-concept stage,” said Bernard Beltran, IT manager, Fort Bonifacio Development Corporation. “Huawei looked into every possible aspect of the issues we presented, and arrived at a set of solutions that left no stone unturned.”

Huawei’s Safe City solution consists of High-Definition (HD) Intelligent IP Cameras strategically located to ensure comprehensive coverage. Huawei’s network design ensured that images could be transmitted across varying distances to the command center without being blocked by high-rise buildings.

Cameras are connected to a central command center by means of a Wi-Fi backhaul network across the city’s major grids. This makes an expensive fiber network unnecessary. Personnel at the command center use video analytics to coordinate camera visuals. Although BGC now uses a microwave backhaul network, it plans to soon change to a more cost-efficient mesh network.

Benefits

  • 24/7 intelligent security surveillance with data analytics detects crime and helps manage traffic.
  • Local law enforcement now has an effective platform to help them deter crime in BGC.
  • BGC is considered the safest business and residential township in the Philippines and has set the benchmark for other cities to emulate.

BGC was the first Huawei Safe City project in the Philippines. The success of the project led the city to expand the scope (Phase 2) and increase coverage from 70 percent to 100 percent. Phase 3 is now underway, and includes closed parking areas, office space, major shopping areas, and traffic management with video analytics.


Understanding Key Management Policy – Part 1

With rising incidents of data breaches, organisations across the globe are realising that merely implementing perimeter defense systems no longer suffices to thwart cyber attacks.

While front line defense mechanisms like firewalls, anti-theft, anti-spyware, etc. definitely act as a strong deterrent against cyber attacks, they are rendered useless when a hacker gains inside entry by exploiting their vulnerabilities to bypass them.

Alarmed by a spike in data breaches, many regulations like the Payment Card Industry Data Security Standard (PCI DSS), UIDAI’s Aadhaar circulars, RBI’s Gopal Krishna Committee Report and the upcoming Personal Data Protection Bill in India now urge organisations to encrypt their customers’ personal data.

This has resulted in an increasing number of organisations adopting data encryption as their last line of defense in the eventuality of a cyber attack. Unfortunately, with cybercriminals getting smarter and more sophisticated with every passing day, merely encrypting data is no longer the proverbial silver bullet to prevent data breaches.

In this two-part blog series, we will deep dive into the concept of (encryption) key management and cover the pivotal role a well-defined Key Management Policy (KMP) plays in data protection.

Let’s first begin with the basics!

Types of Encryption (Crypto) Keys

Crypto keys can be broadly categorised in two types – ‘symmetric keys’ and ‘asymmetric keys’.

In symmetric key encryption, the cryptographic algorithm uses a single (i.e. the same) key for both encryption and decryption. By contrast, in asymmetric key encryption, the algorithm uses two different (but related) keys for encryption and decryption. These keys are known as ‘public keys’ and ‘private keys’.

While the public key is used for data encryption, the private key is used for data decryption. Since any data encrypted with the public key cannot be decrypted without using the corresponding private key, ensuring optimal security of the private keys is crucial for foolproof data protection.

Key Management

Since crypto keys pass through multiple phases during their lifetime – like generation, registration, distribution, rotation, archival, backup, revocation and destruction, securely managing these keys at each phase is very important.

Effective key management means protecting the crypto keys from loss, corruption and unauthorised access.

Challenges to Key Management

As more and more organisations generate thousands of crypto keys today for a diverse and disparate set of encryption-dependent systems spread across multiple businesses and geographical locations, key management becomes a big challenge.

To ensure that crypto keys do not fall into the wrong hands, a common practice followed by many organisations is to store these keys separately in FIPS-certified Hardware Security Modules (HSMs) that are built with stringent access controls and robust audit trail mechanisms.

However, with organisations using a diverse set of HSM devices like Payment HSMs for processing financial transactions, General Purpose HSMs for common cryptographic operations, etc., key management woes intensify. Further, merely storing the keys separately in HSM devices is not sufficient, as apart from secure storage, efficient management of the crypto keys at every phase of their lifecycle is very important.

Some of the other key management challenges that organisations face include using the correct methodologies to update system certificates and keys before they expire and dealing with proprietary issues when keeping a track of crypto updates on legacy systems.

Hence, cybersecurity experts recommend that organisations centralise the management of their crypto keys, consolidate their disparate HSM systems and chalk out a comprehensive KMP that provides clear guidelines for effective key management.

Key Management Policy (KMP)

While most organisations have comprehensive Information Security and Cybersecurity policies, very few have a documented Key Management Policy.

A well-defined KMP firmly establishes a set of rules that cover the goals, responsibilities, and overall requirements for securing and managing crypto keys at an organisational level.

Designed to cohesively cover each stage of a key’s lifecycle, a robust KMP should protect the key’s:

1. Confidentiality
2. Integrity
3. Availability, and
4. Source Authentication.

The KMP should also cover all the cryptographic mechanisms and protocols that can be utilised by the organisation’s key management system.

Last, but not least, a good KMP should remain consistent and must align with the organisation’s other macro-level policies. For example, if an organisation’s information security policy mandates that electronically transmitted information should be securely stored for a period of 7-10 years, the KMP should be able to easily align to such a mandate.
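The lifecycle phases listed under “Key Management” and the four protection goals of a KMP (confidentiality, integrity, availability, source authentication) can be made concrete in code. The following is an added example written for this page; it is not from the blog or from any Gemalto product. It is a toy in-memory key manager that assumes a single “admin secret” for tagging records, an owner string as the only form of identity, and keys that are plain random symmetric material; the state names, the transition table and the `KeyManager` class are all constructed for illustration.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from enum import Enum
from typing import Dict, List, Optional


class State(Enum):
    GENERATED = "generated"   # created, not yet distributed
    ACTIVE = "active"         # distributed; may encrypt and decrypt
    ROTATED = "rotated"       # superseded by a newer key; decrypt-only
    ARCHIVED = "archived"     # kept for old data; no live use
    REVOKED = "revoked"       # withdrawn (e.g. suspected compromise)
    DESTROYED = "destroyed"   # material removed; record kept for audit


# The policy's lifecycle rules: which phase may follow which (constructed).
ALLOWED = {
    State.GENERATED: {State.ACTIVE, State.DESTROYED},
    State.ACTIVE: {State.ROTATED, State.REVOKED},
    State.ROTATED: {State.ARCHIVED, State.REVOKED},
    State.ARCHIVED: {State.REVOKED, State.DESTROYED},
    State.REVOKED: {State.DESTROYED},
    State.DESTROYED: set(),
}


@dataclass
class KeyRecord:
    key_id: str
    owner: str
    state: State
    material: Optional[bytes]
    tag: bytes  # HMAC over the metadata; detects tampering with owner/state


class PolicyError(Exception):
    pass


class KeyManager:
    """Toy key store enforcing lifecycle, ownership and metadata integrity."""

    def __init__(self, admin_secret: bytes):
        self._secret = admin_secret
        self._keys: Dict[str, KeyRecord] = {}
        self.audit: List[str] = []  # every operation leaves a trail

    def _tag(self, key_id: str, owner: str, state: State) -> bytes:
        msg = f"{key_id}|{owner}|{state.value}".encode()
        return hmac.new(self._secret, msg, hashlib.sha256).digest()

    def _load(self, key_id: str, actor: str) -> KeyRecord:
        rec = self._keys[key_id]
        # Integrity: metadata must still match the tag written with it.
        if not hmac.compare_digest(rec.tag, self._tag(rec.key_id, rec.owner, rec.state)):
            raise PolicyError(f"{key_id}: metadata integrity failure")
        # Source authentication: only the registered owner may act on the key.
        if actor != rec.owner:
            raise PolicyError(f"{key_id}: {actor} is not the owner")
        return rec

    def generate(self, key_id: str, owner: str, nbytes: int = 32) -> None:
        if key_id in self._keys:
            raise PolicyError(f"{key_id}: already exists")
        material = secrets.token_bytes(nbytes)  # CSPRNG-generated symmetric key
        self._keys[key_id] = KeyRecord(key_id, owner, State.GENERATED, material,
                                       self._tag(key_id, owner, State.GENERATED))
        self.audit.append(f"generate {key_id} owner={owner}")

    def transition(self, key_id: str, new_state: State, actor: str) -> State:
        rec = self._load(key_id, actor)
        if new_state not in ALLOWED[rec.state]:
            raise PolicyError(f"{key_id}: {rec.state.value} -> {new_state.value} not allowed")
        rec.state = new_state
        if new_state is State.DESTROYED:
            rec.material = None  # destruction drops the material, keeps the record
        rec.tag = self._tag(rec.key_id, rec.owner, rec.state)
        self.audit.append(f"{actor}: {key_id} -> {new_state.value}")
        return rec.state

    def rotate(self, old_id: str, new_id: str, actor: str) -> None:
        """Rotation: the new key becomes ACTIVE, the old one drops to decrypt-only."""
        self.generate(new_id, actor)
        self.transition(new_id, State.ACTIVE, actor)
        self.transition(old_id, State.ROTATED, actor)

    def use(self, key_id: str, actor: str, purpose: str) -> bytes:
        """Availability follows state: encrypt needs ACTIVE, decrypt ACTIVE or ROTATED."""
        rec = self._load(key_id, actor)
        ok = {"encrypt": {State.ACTIVE}, "decrypt": {State.ACTIVE, State.ROTATED}}[purpose]
        if rec.state not in ok or rec.material is None:
            raise PolicyError(f"{key_id}: cannot {purpose} in state {rec.state.value}")
        self.audit.append(f"{actor}: {purpose} with {key_id}")
        return rec.material

    def state_of(self, key_id: str) -> State:
        return self._keys[key_id].state


if __name__ == "__main__":
    km = KeyManager(secrets.token_bytes(32))
    km.generate("db-key-1", "orders-service")
    km.transition("db-key-1", State.ACTIVE, "orders-service")
    km.rotate("db-key-1", "db-key-2", "orders-service")
    print("\n".join(km.audit))
```

The point of the transition table is that a key cannot skip phases (an ACTIVE key cannot be destroyed without first being rotated or revoked), and the HMAC tag means an edit to the stored owner or state is caught on the next access rather than silently honoured. A real deployment would keep the material inside an HSM and the admin secret out of process memory; the structure of the checks is what the example is meant to show.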

To Sum It Up

Data encryption is no longer sufficient to prevent data breaches and merely storing the crypto keys separately no longer guarantees foolproof protection against sophisticated cyber attacks.

The need of the hour is to safeguard the keys at each phase of their lifecycle, manage them centrally and implement a robust KMP to ensure optimal data protection.

In the next part, we will discuss how organisations can leverage the Key Management Interoperability Protocol (KMIP) to manage their encryption keys and how Gemalto’s Key Management Platform can help to streamline their key management centrally.

In the meantime, familiarize yourself with our Key Management Platform, and learn how security teams can uniformly view, control, and administer cryptographic policies and keys for all their sensitive data—whether it resides in the cloud, in storage, in databases, or virtually anywhere else.


McAfee Cloud Workload Security

As corporate data centers evolve, more workloads are migrated to cloud environments every day. Most organizations have a hybrid environment with a mixture of on-premises and cloud workloads, including containers, which are constantly in flux. This introduces a security challenge as cloud environments (private and public) require new approaches and tools for protection. Organizations need central visibility of all cloud workloads with complete defense against the risk of misconfiguration, malware, and data breaches.

McAfee® Cloud Workload Security (McAfee® CWS) automates the discovery and defense of elastic workloads and containers to eliminate blind spots, deliver advanced threat defense, and simplify multicloud management. McAfee provides protection that makes it possible for a single, automated policy to effectively secure your workloads as they transition through your virtual private, public, and multicloud environments, enabling operational excellence for your cybersecurity teams.

Modern Workload Security: Use Cases

Automated discovery

Unmanaged workload instances and Docker containers create gaps in security management and can give attackers the foothold they need to infiltrate your organization. McAfee CWS discovers elastic workload instances and Docker containers across Amazon Web Services (AWS), Microsoft Azure, OpenStack, and VMware environments. It also continuously monitors for new instances. You gain a centralized and complete view across environments and eliminate operational and security blind spots that lead to risk exposure.

Gaining insights into network traffic

By utilizing native network traffic data provided by the cloud workloads, McAfee CWS is able to augment and apply intelligence from McAfee® Global Threat Intelligence (McAfee® GTI) data feeds. The enriched information can display properties such as risk score, geo-location, and other important network information. This information can be used to create automated remediation actions to protect workloads.

Integration into deployment frameworks

McAfee CWS creates deployment scripts to allow the automatic deployment and management of the McAfee® agent on cloud workloads. These scripts allow integration into tools such as Chef, Puppet, and other DevOps frameworks for deployment of the McAfee agent to workloads running at cloud providers such as AWS and Microsoft Azure.

Consolidate events

McAfee CWS allows organizations to use a single interface to manage numerous countermeasure technologies for both on-premises and cloud environments. This also includes integration into additional technologies, like AWS GuardDuty, McAfee® Policy Auditor, and McAfee® Network Security Platform.

  • Administrators can leverage the continuous monitoring and unauthorized behaviors identified by AWS GuardDuty, providing yet another level of threat visibility. This integration allows McAfee CWS customers to view GuardDuty events, which include network connections, port probes, and DNS requests for EC2 instances, directly within the McAfee CWS console.
  • McAfee Policy Auditor performs agent-based checks against known or user-defined configuration audits for compliance such as Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry Data Security Standard (PCI-DSS), Center for Internet Security Benchmark (CIS Benchmark), or other industry standards. McAfee CWS reports any failed audits for instant visibility into misconfiguration for workloads in the cloud.
  • McAfee Network Security Platform is another cloud security platform that performs network inspection for traffic in hybrid as well as AWS and Microsoft Azure environments. It performs deeper packet-level inspection of network traffic, and it reports any discrepancies or alerts through McAfee CWS. This provides single-pane visibility across multicloud environments for remediation.

Enforcement of network security group policies

McAfee CWS permits users and administrators to create baseline security group policies and audit the policies that are running on the workloads against these baselines. Any deviations or changes from the baseline can create an alert in the McAfee CWS console for remediation. Administrators also can manually configure native network security groups from McAfee CWS, which enables them to directly control cloud-native security group policies.
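The baseline-and-deviation audit described above is a small enough idea to show end to end. The following is an added example written for this page, not McAfee code and not a real cloud API client: it assumes security-group rules arrive as plain dictionaries with `direction`, `protocol`, `from_port`, `to_port` and `cidrs` keys (a constructed shape), normalises them, diffs the live set against the baseline, and flags any unexpected inbound rule open to the whole Internet as high severity. The sample rule sets are constructed.

```python
from dataclasses import dataclass
from ipaddress import ip_network
from typing import Dict, FrozenSet, List


@dataclass(frozen=True)
class Rule:
    direction: str   # "ingress" or "egress"
    protocol: str    # "tcp", "udp", "icmp" or "-1" (all protocols)
    from_port: int
    to_port: int
    cidr: str        # normalised network string

    def __str__(self) -> str:
        return f"{self.direction} {self.protocol} {self.from_port}-{self.to_port} {self.cidr}"


def parse_rules(raw: List[Dict]) -> FrozenSet[Rule]:
    """Normalise dict-shaped rules (constructed format) into comparable Rule objects.
    Protocol case and CIDR spelling are canonicalised so 'TCP' == 'tcp' and
    '10.1.2.3/8' == '10.0.0.0/8'; one dict with several CIDRs becomes several rules."""
    out = set()
    for r in raw:
        proto = str(r.get("protocol", "-1")).lower()
        from_port = int(r.get("from_port", 0))
        to_port = int(r.get("to_port", 65535))
        for cidr in r["cidrs"]:
            net = str(ip_network(cidr, strict=False))
            out.add(Rule(r["direction"], proto, from_port, to_port, net))
    return frozenset(out)


def is_world_open(rule: Rule) -> bool:
    """Inbound rule whose source is 0.0.0.0/0 or ::/0 (prefix length zero)."""
    return rule.direction == "ingress" and ip_network(rule.cidr).prefixlen == 0


def audit(baseline: FrozenSet[Rule], live: FrozenSet[Rule]) -> Dict[str, List[str]]:
    """Report rules present on the workload but not in the baseline (unexpected),
    baseline rules that have disappeared (missing), and the subset of unexpected
    rules that expose a port to the whole Internet (high_severity)."""
    unexpected = sorted(live - baseline, key=str)
    missing = sorted(baseline - live, key=str)
    return {
        "unexpected": [str(r) for r in unexpected],
        "missing": [str(r) for r in missing],
        "high_severity": [str(r) for r in unexpected if is_world_open(r)],
    }


# Constructed sample: the approved baseline for a web tier.
BASELINE_RAW = [
    {"direction": "ingress", "protocol": "tcp", "from_port": 443, "to_port": 443, "cidrs": ["0.0.0.0/0"]},
    {"direction": "ingress", "protocol": "tcp", "from_port": 22, "to_port": 22, "cidrs": ["10.0.0.0/8"]},
    {"direction": "egress", "protocol": "-1", "from_port": 0, "to_port": 65535, "cidrs": ["0.0.0.0/0"]},
]

# Constructed sample: what is actually attached to the workload today.
LIVE_RAW = [
    {"direction": "ingress", "protocol": "TCP", "from_port": 443, "to_port": 443, "cidrs": ["0.0.0.0/0"]},
    {"direction": "ingress", "protocol": "tcp", "from_port": 22, "to_port": 22, "cidrs": ["10.0.0.0/8", "0.0.0.0/0"]},
    {"direction": "ingress", "protocol": "tcp", "from_port": 3389, "to_port": 3389, "cidrs": ["203.0.113.0/24"]},
]


def run_sample() -> Dict[str, List[str]]:
    return audit(parse_rules(BASELINE_RAW), parse_rules(LIVE_RAW))


if __name__ == "__main__":
    for category, rules in run_sample().items():
        print(category)
        for line in rules:
            print("   ", line)
```

Normalising before comparing matters: without it, a rule that differs only in protocol case or in how the CIDR was typed would show up as both "missing" and "unexpected" and bury the real drift. The egress rule that vanished is reported too, since a deleted baseline rule can break the workload just as an added one can expose it.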

What Sets McAfee Cloud Workload Security Apart: Key Features and Technologies

Cloud-native build support

Using McAfee CWS, customers can consolidate management of multiple public and private clouds in a single management console, including AWS EC2, Microsoft Azure Virtual Machines, OpenStack, and VMware vCenter. With new cloud-native build support for Amazon Elastic Container Service for Kubernetes (Amazon EKS) and Microsoft Azure Kubernetes Service (AKS), McAfee CWS can import these environments and lets customers run protected workloads in the cloud.

Simple, centralized management

A single console provides consistent security policy and centralized management in multicloud environments across servers, virtual servers, and cloud workloads. Administrators can also create multiple role-based permissions in McAfee® ePolicy Orchestrator® (McAfee ePO™) software, enabling them to define user roles more specifically and appropriately.

Network visualization with microsegmentation

Cloud-native network visualization, prioritized risk alerting, and micro-segmentation capabilities deliver awareness and control to prevent lateral attack progression within virtualized environments and from external malicious sources. Single-click shutdown or quarantine capability helps alleviate the potential for configuration errors and increases the efficiency of remediation.

Superior virtualization security

The McAfee CWS suite protects your private cloud virtual machines from malware using McAfee® Management for Optimized Virtual Environments AntiVirus (McAfee® MOVE AntiVirus). It does this without straining underlying resources or requiring additional operating costs. McAfee MOVE AntiVirus allows organizations to offload security to dedicated virtual machines for optimized scanning of their virtualized environment.

Users gain anti-malware protection via McAfee® Endpoint Security for Servers. This solution can intelligently schedule resource-intensive tasks, such as on-demand scanning, to avoid impact to critical business processes.

Tag and automate workload security

Assign the right policies to all workloads automatically with the ability to import AWS and Microsoft Azure tag information into McAfee ePO software and assign policies based on those tags. Existing AWS and Microsoft Azure tags synchronize with McAfee ePO software tags so they’re automatically managed.

Auto-remediation

The user defines McAfee ePO software policies. If McAfee CWS finds a system that is not protected by the McAfee ePO software security policies, and that system is found to contain malware or a virus, it will automatically be quarantined.

Adaptive threat protection

McAfee CWS integrates comprehensive countermeasures, including machine learning, application containment, virtual machine-optimized anti-malware, whitelisting, file integrity monitoring, and micro-segmentation, that protect your workloads from threats like ransomware and targeted attacks. McAfee® Advanced Threat Protection defeats sophisticated attacks that have never been encountered before by applying machine learning techniques to convict malicious payloads based on their code attributes and behavior.

Application control

Application whitelisting prevents both known and unknown attacks by allowing only trusted applications to run while blocking any unauthorized payloads. McAfee® Application Control provides dynamic protection based on local and global threat intelligence, as well as the ability to keep systems up to date, without disabling security features.

File integrity monitoring (FIM)

McAfee® File Integrity Monitoring continuously monitors to ensure your system files and directories have not been compromised by malware, hackers, or malicious insiders. Comprehensive audit details provide information about how files on server workloads are changing and alert you to the presence of an active attack.


McAfee CWS ensures that you maintain the highest quality of security while taking advantage of the cloud. It covers multiple protection technologies, simplifies security management, and prevents cyberthreats from impacting your business—so you can focus on growing it. Below is a feature comparison of the available package options.


Five Ways to Rethink Your Endpoint Protection Strategy

Device security is no longer about traditional antivirus versus next-generation endpoint protection. The truth is you need a layered and integrated defense that protects your entire digital terrain and all types of devices—traditional and nontraditional. ESG Senior Principal Analyst Jon Oltsik frames it this way: “… endpoint security should no longer be defined as antivirus software. No disrespect to tried-and-true AV, but endpoint security now spans a continuum that includes advanced prevention technologies, endpoint security controls, and advanced detection/response tools.”

In today’s survival-of-the-fittest landscape, here are five ways to not just survive, but thrive:

1. More tools do not make for a better defense.

Scrambling to adapt to the evolving landscape, many security teams have resorted to bolting on the latest “best-of-breed” point solutions. While each solution may bring a new capability to the table, it’s important to look at your overall ecosystem and how these different defenses work together.

There are serious shortfalls in deploying disparate, multivendor endpoint security technologies that don’t collaborate with each other. Because point solutions have limited visibility and see only what they can see, the burden of connecting the dots falls on you. Adversaries are quick to take advantage of the windows of opportunity these manual processes create, evading defenses or slipping through the cracks unnoticed.

2. It’s not about any one type of countermeasure.

As a never-ending array of “next-generation” solutions started to emerge and flood the marketplace, you were likely told more than once that antivirus isn’t enough and what you need to do is switch to next-gen. In reality, it’s not about achieving a next-generation approach or finding the best use for antivirus. It’s really about implementing a holistic device security strategy that connects and coordinates an array of defenses. This includes signature-based defense (which eliminates 50% of the attack noise—allowing algorithmic approaches to run more aggressively with less false alarms), plus exploit protection, reputations, machine learning, ongoing behavioral analytics, and roll-back remediation to reverse the effects of ransomware and other threats.

Each device type has its own security needs and capabilities. You need to be able to augment built-in device security with the right combination of advanced protection technologies. The key to being resilient is to deliver inclusive, intelligently layered countermeasures—and antivirus is a tool that has its place, with benefits and limitations just like all countermeasures in this unified, layered approach to device security.

3. All devices are not created equal.

Today, “endpoint” has taken on a whole new meaning. The term now encompasses traditional servers, PCs, laptops, mobile devices (both BYOD and corporate-issued), cloud environments, and IoT devices like printers, scanners, point-of-sale handhelds, and even wearables.

Adversaries don’t just target one type of device—they launch organized campaigns across your entire environment to establish a foothold and then move laterally. It’s important to harness the defenses built into modern devices while extending their overall posture with advanced capabilities. Some endpoints, like Internet of Things (IoT) devices, lack built-in protection and will need a full-stack defense. Ultimately, the goal is to not duplicate anything and not leave anything exposed.

4. All you need is a single management console.

If you’ve been deploying bolted-on endpoint security technologies or several new, next-generation solutions, you may be seeing that each solution typically comes with its own management console. Learning and juggling multiple consoles can overtax your already stretched-thin security team and make them less effective, as they are unable to see your entire environment and the security posture of all your devices in one place. But it doesn’t have to be this way. Practitioners can more quickly glean the insights they need to act when they can view all the policies, alerts, and raw data from a centralized, single-pane-of-glass console.

5. Mobile devices are among the most vulnerable.

Mobile devices are an easy target for attackers and provide a doorway to corporate networks. We’re seeing more app-based attacks, targeted network-based attacks, and direct device attacks that take advantage of low-level footholds. For this reason, it’s essential to include mobile devices in your security strategy and protect them as you would any other endpoint.



Veeam Data Protection for SharePoint

Microsoft Office 365 adoption is bigger than ever. When Veeam introduced Veeam Backup for Microsoft Office 365 in November 2016, it became an immense success and Veeam has continued building on top of that. When we released version 1.5 in 2017, we added automation and scalability improvements which became a tremendous success for service providers and larger deployments. Today, Veeam is announcing v2 which takes our solution to a completely new level by adding support for Microsoft SharePoint and Microsoft OneDrive for Business. Download it right now!

Data protection for SharePoint

By adding support for SharePoint, Veeam extends its granular restore capabilities known from the Veeam Explorer for Microsoft SharePoint into Office 365. This allows you to restore individual items – documents, calendars, libraries and lists – as well as a complete SharePoint site when needed. With the new release, Veeam can also help you back up your data if you are still in the migration process and are still using Microsoft SharePoint on premises or running in a hybrid scenario.

Data protection for OneDrive for Business

The most requested feature was support for OneDrive for Business, as more and more companies are using it to share files, folders and OneNote notebooks internally. With Veeam Explorer for Microsoft OneDrive for Business, you can granularly restore any item available in your OneDrive folder (including Microsoft OneNote notebooks). You have the option to perform an in-place restore, restore to another OneDrive user or another folder in OneDrive, or export files in their original form or as a zip file; and if you get hit by a ransomware attack and your complete OneDrive folder gets encrypted, Veeam can perform a full restore as well.

Enhancements

Besides the introduction of new platform support, there are also several enhancements added.

Major ease-of-use and backup flexibility improvements come with a newly redesigned job wizard for easier and more flexible selection of Exchange Online, OneDrive for Business and SharePoint Online objects, making it easier than ever to set up, search and maintain visibility into your Office 365 data. Granularly search, scale and manage backup jobs for tens of thousands of Office 365 users!

Restore data located in Microsoft Teams! You can protect Microsoft Teams when the underlying storage of the Teams data is within SharePoint Online, Exchange Online or OneDrive for Business. While data can be protected and restored, the Teams tabs and channels cannot. After restoring the item, it can however be reattached manually.

Compare items with Veeam Explorer for Microsoft Exchange. It is now possible to perform a comparison on items with your production mailbox to see which properties are missing and only restore those without restoring the full file.

As with the 1.5 release, everything is also available for automation by leveraging either PowerShell or the RESTful API, which now fully supports OneDrive for Business and SharePoint.

Another enhancement is the possibility to change the GUI color as you like. This option made its way into Veeam Backup for Microsoft Office 365 after being introduced in Veeam Backup & Replication.

Starting with version 2, Veeam Backup for Microsoft Office 365 is now able to automatically check for updates, so you can rest assured you are always up to date.

And finally, the log collection wizard has been updated as it now allows you to collect logs for support in case you run into an issue, as well as configure extended logging for all components.

Source: https://www.veeam.com/blog/onedrive-sharepoint-backup.html


Embedded Whitelisting Meets Demand for Cost Effective, Low-Maintenance, and Secure Solutions

McAfee® Embedded Control frees Hitachi KE Systems’ customers to focus on production, not security

Hitachi KE Systems, a subsidiary of Hitachi Industrial Equipment Systems, part of the global Hitachi Group, develops and markets network systems, computers, consumer products, and industrial equipment for a wide variety of industries. Hitachi KE meets the needs of customers who seek high quality yet cost-effective, low-maintenance systems for their operational technology (OT) environments—they don’t want to have to think about security at all.

In addition to the custom tablet and touch panel terminals and other hardware and software Hitachi KE sells, the Narashino, Japan-based company also offers a one-stop shop for its solutions—from solution construction (hardware and software development) to operation and integration to maintenance and replacement. To provide the best solutions across this wide spectrum of offerings, the company often turns to partners to augment its technology.

“To expand our Internet of Things [IoT] solutions and operational features and functionality, we enhance our own products and systems with the latest digital and network technologies,” says Takahide Kume, an engineer in the Terminal Group at Hitachi KE. “We strive to provide the technologically optimal as well as most cost-effective solution for our customers.”

Highest Customer Concern: Production

Although the risk of a zero-day attack in their OT environments has increased dramatically as IoT has become commonplace, most of Hitachi KE’s customers do not have information security personnel on staff. For them, the only thing that counts is production. Does the technology solution enable faster, higher-quality, or more cost-effective production?

“Despite many malware-related incidents in the news, many of our customers honestly don’t care as much as they should about cybersecurity,” acknowledges Kume. “We have to educate their management that lack of security, if malware strikes, could seriously hurt production and business in general. Thankfully, making that point is becoming easier and easier with malware incidents on the rise.”

“We decided that embedded whitelisting was the best solution for reduced operating cost and high security in an OT environment… We felt McAfee offered the best long-term support and the highest quality technical support.”
—Takahide Kume, Engineer, Hitachi KE Systems

Best Solution for Minimal Overhead Yet High Security

Even before its customers began to catch on to the need for secure solutions, Hitachi KE began looking for a way to build security into its systems, which run Microsoft Windows, Linux, and Google Android operating systems, often in multiple versions within the customer’s environment. “Because our customers often lack security personnel, security must be extremely easy and basically run itself,” explains Kume. “When a system is infected in the field, the person on the front line usually can’t do anything about it.”

“We decided that embedded whitelisting was the best solution for reduced operating cost and high security in an OT environment,” adds Kume. After examining leading whitelisting solutions, Hitachi KE chose McAfee® Embedded Control software.

“We felt McAfee offered the best long-term support and the highest quality technical support along with robust security,” he continues. “With McAfee Embedded Control installed, no one has to take care of the system in the field… Industrial systems are often set and left alone for a long time—they can be overtaken by malware without anyone realizing it. For such systems, McAfee Embedded Control is the best solution.”

McAfee Embedded Control maintains the integrity of Hitachi KE systems by only allowing authorized code to run and only authorized changes to be made. It automatically creates a dynamic whitelist of the authorized code on the system on which it resides. Once the whitelist is created and enabled, the system is locked down to the “known good” baseline, thereby blocking execution of any unauthorized applications or zero-day malware attacks.

“Almost Maintenance-Free” Solution Reduces TCO

Users of Hitachi KE Systems with McAfee Embedded Control can easily configure the machines, specifying exactly which applications and actions will be allowed to run and who has authority to make modifications in the future. The minimal impact of the McAfee software on performance also means fewer problems to troubleshoot.
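The two ideas in the passages above, a dynamic whitelist of the authorized code that locks the system to a “known good” baseline, and a separately controlled authority to change that baseline, can be shown in a few dozen lines. The following is an added example written for this page; it is not McAfee Embedded Control code and does not reproduce how that product works internally. It assumes executables are ordinary files identified by SHA-256, that “execution” is a yes/no decision the example is asked for, and that updater identity is a plain name string; the `EmbeddedAllowlist` class, its method names and the sample files in `demo()` are all constructed.

```python
import hashlib
import tempfile
from pathlib import Path
from typing import Dict, List, Set, Tuple


def digest(path: Path) -> str:
    return hashlib.sha256(path.read_bytes()).hexdigest()


class EmbeddedAllowlist:
    """Default-deny execution control built from a learned 'known good' baseline."""

    def __init__(self, trusted_updaters: Set[str]):
        self.allowed: Dict[str, str] = {}        # path -> sha256 of the approved content
        self.enabled = False                      # before lock-down everything may run
        self.trusted_updaters = trusted_updaters  # who may change the baseline
        self.log: List[Tuple[str, str, str]] = []

    def solidify(self, root: Path) -> int:
        """Learn every file under root as authorized code, then lock down."""
        for p in sorted(root.rglob("*")):
            if p.is_file():
                self.allowed[p.as_posix()] = digest(p)
        self.enabled = True
        return len(self.allowed)

    def may_execute(self, path: Path) -> bool:
        """Allow only a listed path whose current content still matches the baseline."""
        if not self.enabled:
            return True
        expected = self.allowed.get(path.as_posix())
        verdict = expected is not None and path.exists() and digest(path) == expected
        self.log.append(("exec", path.name, "allow" if verdict else "deny"))
        return verdict

    def authorised_update(self, path: Path, new_content: bytes, actor: str) -> bool:
        """The only sanctioned way to change a locked-down binary: a trusted updater."""
        if actor not in self.trusted_updaters:
            self.log.append(("update", path.name, f"deny:{actor}"))
            return False
        path.write_bytes(new_content)
        self.allowed[path.as_posix()] = digest(path)
        self.log.append(("update", path.name, f"allow:{actor}"))
        return True


def demo() -> Dict[str, object]:
    """Constructed scenario on a throwaway directory; nothing touches the real system."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        app = root / "hmi.exe"
        app.write_bytes(b"hmi v1")                       # the shipped, approved program
        ctl = EmbeddedAllowlist(trusted_updaters={"maintenance-tech"})
        results: Dict[str, object] = {"baseline_size": ctl.solidify(root)}
        results["known_good"] = ctl.may_execute(app)     # approved binary runs
        stray = root / "unknown.exe"
        stray.write_bytes(b"not in the baseline")
        results["unknown_binary"] = ctl.may_execute(stray)   # unlisted file is blocked
        app.write_bytes(b"hmi v1 altered in place")
        results["modified_known"] = ctl.may_execute(app)     # listed path, wrong content
        results["unauth_update"] = ctl.authorised_update(app, b"hmi v2", "operator")
        results["auth_update"] = ctl.authorised_update(app, b"hmi v2", "maintenance-tech")
        results["after_update"] = ctl.may_execute(app)       # sanctioned update runs
        return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The shape to notice is that the deny path needs no signature database and no update cadence: anything not learned at lock-down time, or altered since, simply does not run, which is why the text can describe the approach as covering zero-day malware on systems that are “set and left alone.” The cost is that every legitimate change has to flow through the authorised path, so who is in `trusted_updaters` is the real security decision.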

“McAfee Embedded Control is an almost maintenance-free solution,” says Kume. “It is extremely easy to update when needed and doesn’t require our customers to have a security expert on staff. Minimal maintenance lowers the total cost of ownership for our customers.”

Even if security hasn’t been their top priority, Hitachi KE customers have been very pleased with the addition of McAfee Embedded Control to their solutions. “Having McAfee security built in gives our customers and end users peace of mind that they can connect our systems to the Internet,” says Kume. “McAfee has had many success stories within the Hitachi Group, and this is just one of them.”

“Having McAfee security built in gives our customers and end users peace of mind that they can connect our systems to the Internet.”
—Takahide Kume, Engineer, Hitachi KE Systems


The Future of Cybersecurity – A 2019 Outlook

From the record-breaking number of data breaches to the implementation of the General Data Protection Regulation (GDPR), 2018 will certainly go down as a memorable year for the cybersecurity industry. And there have been plenty of lessons for both the industry and organisations.

Despite having two years to prepare for its arrival, some companies were still not ready when GDPR hit and have faced the consequences this year. According to the law firm EMW, the Information Commissioner’s Office received over 6,000 complaints in around six weeks between 25th May and 3rd July – a 160% increase over the same period in 2017. When GDPR came into force, questions were raised about its true power to hold companies to account, with the regulation allowing fines of up to £16.5 million or 4% of worldwide turnover. The latter half of this year has shown those concerns were unfounded, with big companies, including Uber as recently as this week, being fined for losing customer data. What 2018 has shown is that the authorities have the power and they’re prepared to use it.

The role of GDPR was to give end users more say over who ultimately holds their data, but it was also meant to ensure that companies start taking the protection of the data they hold more seriously. Unfortunately, while the issue of protecting data has grown more prominent, the methods of achieving this are still misguided. Put simply, businesses are still not doing the basics when it comes to data protection: protecting the data at its core through encryption, key management and access control. In our latest Breach Level Index results for the first half of 2018, only 1% of data lost, stolen or compromised was protected through encryption. Encryption renders the data useless to any unauthorised person, effectively protecting it from being misused. Another reason to implement it is that it is actually part of the regulation and will help businesses avoid fines as well. With such a large percentage still unprotected, businesses are clearly not learning their lessons.

So, moving on from last year, what might the next 12 months bring the security industry? Based on the way the industry is moving, 2019 is set to be an exciting year as AI gains more prominence and quantum computing and crypto-agility start to make themselves known.

2019 Predictions
1. Quantum Computing Puts Pressure on Crypto-Agility

Next year will see the emergence of the future of security: crypto-agility. As computing power increases, so does the threat to current security protocols. Encryption is the notable example, as its static algorithms could be broken by the increased power. Crypto-agility will enable businesses to employ flexible algorithms that can be swapped, without significantly changing the system infrastructure, should the original encryption fail. It means businesses can protect their data from future threats, including quantum computing, which is still years away, without having to tear up their systems each year as computing power grows.

2. Hackers will launch the most sophisticated cyber-attack ever using AI in 2019

Up until now, the use of AI has been limited, but as computing power grows, so too do the capabilities of AI itself. In turn this means that next year will see the first AI-orchestrated attack take down a FTSE 100 company. Creating a new breed of AI-powered malware, hackers will infect an organisation’s systems using the malware and sit undetected, gathering information about users’ behaviours and the organisation’s systems. Adapting to its surroundings, the malware will unleash a series of bespoke attacks targeted to take down a company from the inside out. The sophistication of this attack will be like none seen before, and organisations must prepare themselves by embracing the technology itself as a method of hitting back and fighting fire with fire.

3. Growing importance of digital transformation will see the rise of Cloud Migration Security Specialists in 2019

As organisations embrace digital transformation, the process of migrating to the cloud has never been under more scrutiny: from business leaders looking to minimise any downtime and gain a positive impact on the bottom line, to hackers looking to breach systems and wreak havoc. As such, 2019 will see the rise of a new role for the channel – the Cloud Migration Security Specialist. As companies move across, there is an assumption that they’re automatically protected as they transition workloads to the cloud. The channel has a role to play in educating companies that this isn’t necessarily the case and that they’ll need help protecting themselves from threats. It’s these new roles that will ensure the channel continues to thrive.

4. A Boardroom Issue That Needs to Yield Results

With 2018 fast disappearing, the next year is going to be another big one no matter what happens, as companies still struggle to come to terms with regulations like GDPR. With growing anticipation around the impact of technologies like quantum computing and AI, it’s important that companies don’t forget that the basics are just as vital, if not more so. So, while 2018 has been the year when cybersecurity finally became a boardroom issue, 2019 needs to be the year when its importance filters down throughout the entire company. For an issue like cybersecurity, the company’s attitude needs to be led from the top down, so that everyone buys into it. If that happens, could next year see no breaches take place? Extremely unlikely. But maybe it could be the year the industry starts to turn the tide against the hacking community.


The Cost of a Data Breach

How much does a data breach cost? So far, $242.7 million and counting, if your company happens to be Equifax. That is how much the company has spent since the data breach that exposed sensitive personal and financial information for nearly 148 million consumers, according to its latest SEC filing. All because it left consumer information unencrypted and in the clear, as was highlighted in testimony before the U.S. Senate Commerce Committee last year.

To put the size and scope of Equifax’s remediation efforts into perspective: in just seven months Equifax has spent nearly what Target spent ($252 million) in the two years after its 2013 data breach. Equifax will likely continue to spend millions on the cleanup for the next several quarters.

For many years analysts and security professionals have tried to estimate what a data breach can cost a company. From the expense of having to upgrade IT infrastructure and security to paying legal fees and government fines – there are many costs, both tangible and intangible. In addition, there are the impacts on a company’s stock price and the erosion of customer trust (“Will they come back?”). For management teams it can also have a very real professional impact. For example, the chairman and CEO of Target resigned months after its data breach, and the CEO of Equifax resigned within weeks of its data breach.

Many studies have been done to calculate the cost of a data breach, including the Ponemon Institute’s annual Cost of a Data Breach report, which calculates the cost down to the individual data record. According to the latest Ponemon annual report, the average cost of a data breach is currently $3.62 million globally, which comes to $141 per record. In the U.S., the cost is almost double that, at $7.35 million. But do these research reports actually gauge what a data breach will cost a company? At the end of the day, equating data breach damages to a “per record” cost turns data breaches into just an actuarial exercise in acceptable risk.

This fits with the prevailing sentiment that data breaches don’t cost companies that much. The thinking goes like this: for the breached company, the stock price will take a hit, customers will be enraged and money will be spent notifying customers and upgrading security. But eventually the company recovers and it’s back to normal. After all, so the thinking goes, what is a couple of million dollars in IT upgrades and fines to a company worth $50 billion?

This type of thinking must change, because we are at a tipping point in the implications of data breaches. The costs have become more real to companies and to the boards who run them. CEOs and other members of the management team are now losing their jobs because data breaches have become potentially life-threatening, if not fatal, for companies. Take for example the TalkTalk data breach, which caused the company to lose more than 100,000 customers, and the fact that Yahoo! had to lower its purchase price by $350 million in its acquisition by Verizon. The last and most important factor is that governments are now taking notice and doing something about it. The European Union’s General Data Protection Regulation (GDPR) is a prime example, and countries around the world are looking at it as the model for their own regulations.

If the costs and risks of data breaches are increasing (and they are), companies need a radical shift in their approach to data security if they are going to be more successful in defending the sensitive data they collect and store. With organizations extending their business to being cloud- and mobile-first, their attack surface and the likelihood of accidental data exposure continue to grow. These trends all point to a consistent theme – security needs to be attached to the data itself and to the users accessing the data. Only then can companies maintain control of their data in the cloud, manage user access to cloud apps, and keep the data secure when it falls into the hands of adversaries. By implementing a three-step approach – encrypting all sensitive data at rest and in motion, securely managing and storing all encryption keys, and managing and controlling user access – companies can effectively prepare for a breach. Many companies do this today, and it is also a requirement for transitioning from a strategy optimized for breach prevention to a “Secure the Breach” strategy.


Why Data Encryption and Tokenization Need to be on Your Company’s Agenda

As children we all enjoyed those puzzles where the letters of words were scrambled and we had to figure out the secret that made the words or sentences legible. This simple example of encryption is deployed in vastly more complex forms across many of the services we use every day, working to protect sensitive information. In recent years the financial services industry has added a further layer of protection called tokenization. This concept works by taking your real information and generating a one-time code, or token, that is transmitted across networks in its place. The benefit is that if the communication is intercepted, your real details are not compromised.
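An added illustration of the tokenization idea, written for this page in Go and not Gemalto's code: a small in-memory vault hands out random tokens in place of a constructed sample card number and is the only component able to map a token back. The vault, the token format and the card number are assumptions for the demo; a production tokenization service adds durable storage, authentication of callers and audit logging around the same two operations.

```go
package main

import (
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
	"strings"
	"sync"
)

// Vault is a constructed stand-in for a tokenization service. It keeps the
// only copy of the real values and hands out random tokens in their place;
// everything outside the vault (apps, logs, network) sees tokens only.
type Vault struct {
	mu     sync.Mutex
	tokens map[string]string // token -> real value, never leaves the vault
}

func NewVault() *Vault {
	return &Vault{tokens: map[string]string{}}
}

// Tokenize returns a fresh random token for value. The token is drawn from
// crypto/rand rather than derived from the value, so it reveals nothing
// about the card number, and the same value tokenized twice yields two
// different tokens (the "one-time code" the post describes).
func (v *Vault) Tokenize(value string) (string, error) {
	buf := make([]byte, 16)
	if _, err := rand.Read(buf); err != nil {
		return "", err
	}
	tok := "tok_" + hex.EncodeToString(buf)
	v.mu.Lock()
	defer v.mu.Unlock()
	v.tokens[tok] = value
	return tok, nil
}

// Detokenize is the only path back to the real value, which is why a real
// deployment puts authentication and audit logging here. Tokens that were
// never issued are rejected, so an intercepted or guessed token yields nothing.
func (v *Vault) Detokenize(tok string) (string, error) {
	v.mu.Lock()
	defer v.mu.Unlock()
	value, ok := v.tokens[tok]
	if !ok {
		return "", errors.New("unknown token")
	}
	return value, nil
}

// Masked is the form a receipt or dashboard may show: only the last four digits.
func Masked(pan string) string {
	if len(pan) <= 4 {
		return pan
	}
	return strings.Repeat("*", len(pan)-4) + pan[len(pan)-4:]
}

func main() {
	vault := NewVault()
	pan := "4111111111111111" // constructed sample card number
	tok, err := vault.Tokenize(pan)
	if err != nil {
		panic(err)
	}
	fmt.Println("sent across the network:", tok)
	fmt.Println("shown to the user:      ", Masked(pan))
	value, err := vault.Detokenize(tok)
	fmt.Printf("vault lookup: %s (err=%v)\n", value, err)
	_, err = vault.Detokenize("tok_00000000000000000000000000000000")
	fmt.Println("forged token:", err)
}
```

The property worth noticing is that a token is useful only to someone who can also reach the vault; intercepting the token on the wire gives nothing to reverse, because there is no mathematical relation between token and card number to attack.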

According to our Breach Level Index there were 1,765 breaches in 2017. These breaches are getting faster and larger in scope: over two billion records were lost last year. The fallout for companies is significant, so it is in their interests to do whatever they can to protect their customers’ data.

Of course, encryption is a very complicated field of research, and one shouldn’t expect board-level executives to understand how the cryptographic algorithms work. But they must understand just how vitally important it is that data is secure, whether at rest or in motion.

Those working on encryption face a challenge to ensure that access to applications, databases and files is not impeded by the need to encrypt and decrypt data. There is a performance cost here, so companies need to evaluate and test while deciding what data should be encrypted, and when, how and where.

The worrying thing is that despite the clear need for such work, there is a distinct lack of cyber security professionals worldwide—and especially in encryption. Indeed, you’ll often see job postings for security positions where experience of encryption isn’t even mentioned.

As the statistics show, this is having a huge effect on companies. In 2017, less than 3% of data breaches involved encrypted data. If we accept that companies are going to get hacked, it is imperative that any data that is stolen is rendered useless through encryption.

Encryption would have mitigated the damage to brand image and reputation, the companies’ financial losses, government fines and falls in stock prices, as well as the damage to their executives’ image and reputation. It is also a major disincentive to criminals, as the effort needed to crack the algorithms makes it entirely unprofitable while there are so many other available targets.

So if the problem is so clear, and the solution so obvious, why are companies delaying investing in encrypting data?

Well, many executives I speak to daily in Latin America tell me that the security of their Big Data is handled by their cloud service provider. And if there was a leak, it would be the supplier’s responsibility.

This completely overlooks the fact that customers, authorities, investors and the wider public do not care about this distinction. They will all associate any breach with the company, never with a supplier of services. So, while ultimately liability may fall at the feet of the cloud service provider, the immediate and potentially catastrophic impact will be felt by the breached company.

It is therefore crucial that companies start taking serious responsibility for the data of their customers. Whether with internal staff or a cloud provider, conversations need to be had about how data is encrypted. This includes:

• Checking that the cryptographic algorithms used are certified by international bodies.
• Checking to ensure that your cryptographic keys are stored in an environment fully segregated from where you store your encrypted information (whether held by third parties or in your own systems, files, or databases).
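The three-step approach from "The Cost of a Data Breach" above (encrypt sensitive data, manage the keys, control user access) and the key-segregation check in the second bullet can be shown in one piece of code. This is an added example in Go, not Gemalto's code: a KeyStore that stands in for a segregated HSM or KMS, AES-256-GCM encryption of a record, and a stored format that carries only a key ID and an algorithm tag rather than the key itself. The algorithm tag is also the hook for the crypto-agility the 2019 outlook above describes, since a record under a new algorithm can be introduced without changing the storage layout. Caller names, key IDs and the sample record are constructed for the demo; real authentication of callers is assumed to happen before the name reaches Lookup.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// KeyStore stands in for a segregated key-management system (an HSM or a
// cloud KMS). It holds the keys; the database holding ciphertext never does.
// Callers are identified by a name that is assumed to have been authenticated
// already, and only names on the allowed list may use keys.
type KeyStore struct {
	keys    map[string][]byte
	allowed map[string]bool
}

func NewKeyStore(allowedCallers ...string) *KeyStore {
	ks := &KeyStore{keys: map[string][]byte{}, allowed: map[string]bool{}}
	for _, c := range allowedCallers {
		ks.allowed[c] = true
	}
	return ks
}

// Generate creates a random 256-bit AES key under the given key ID.
func (ks *KeyStore) Generate(keyID string) error {
	k := make([]byte, 32)
	if _, err := rand.Read(k); err != nil {
		return err
	}
	ks.keys[keyID] = k
	return nil
}

// Lookup is the access-control step: unauthorized callers get no key material.
func (ks *KeyStore) Lookup(caller, keyID string) ([]byte, error) {
	if !ks.allowed[caller] {
		return nil, errors.New("caller " + caller + " is not authorized to use keys")
	}
	k, ok := ks.keys[keyID]
	if !ok {
		return nil, errors.New("no such key: " + keyID)
	}
	return k, nil
}

// Record is what lands in the database or file: the key's ID (never the key),
// an algorithm tag, the nonce and the ciphertext.
type Record struct {
	KeyID string
	Alg   string
	Nonce []byte
	Data  []byte
}

const algAESGCM = "AES-256-GCM"

func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Encrypt seals plaintext under the named key on behalf of caller. The key ID
// is authenticated as associated data, so a stored record cannot be silently
// re-pointed at a different key.
func Encrypt(ks *KeyStore, caller, keyID string, plaintext []byte) (*Record, error) {
	key, err := ks.Lookup(caller, keyID)
	if err != nil {
		return nil, err
	}
	g, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return &Record{KeyID: keyID, Alg: algAESGCM, Nonce: nonce, Data: g.Seal(nil, nonce, plaintext, []byte(keyID))}, nil
}

// Decrypt opens a record; it fails for unauthorized callers, unknown algorithm
// tags, and any modification of nonce, ciphertext or key ID.
func Decrypt(ks *KeyStore, caller string, r *Record) ([]byte, error) {
	if r.Alg != algAESGCM {
		return nil, errors.New("unsupported algorithm tag: " + r.Alg)
	}
	key, err := ks.Lookup(caller, r.KeyID)
	if err != nil {
		return nil, err
	}
	g, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	return g.Open(nil, r.Nonce, r.Data, []byte(r.KeyID))
}

func main() {
	ks := NewKeyStore("billing-service") // constructed: the only authorized caller
	if err := ks.Generate("customer-db-2018"); err != nil {
		panic(err)
	}
	rec, err := Encrypt(ks, "billing-service", "customer-db-2018", []byte("card=4111111111111111"))
	if err != nil {
		panic(err)
	}
	fmt.Printf("stored: key=%s alg=%s ciphertext=%x\n", rec.KeyID, rec.Alg, rec.Data)
	pt, err := Decrypt(ks, "billing-service", rec)
	fmt.Printf("authorized caller:   %s (err=%v)\n", pt, err)
	_, err = Decrypt(ks, "reporting-job", rec)
	fmt.Printf("unauthorized caller: err=%v\n", err)
	rec.Data[0] ^= 0x01 // one flipped bit in storage
	_, err = Decrypt(ks, "billing-service", rec)
	fmt.Printf("tampered record:     err=%v\n", err)
}
```

Stealing the database in this design yields records that name a key but do not contain it, which is the point of the second bullet; the attacker must additionally obtain access to the KeyStore, and that access is what the allowed list (and, in practice, the KMS audit log) controls.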

PwC suggests that a cyber-attack is one of the biggest fears CEOs have. Given the severity of the threat, we must recognize that we are all responsible for promoting data security. That means adopting best practices for data protection, deploying encryption, and optimizing the management of cryptographic keys.


The Demand for AI and Video Analytics in an Increasingly Connected World

Through advanced AI technology, video analytics and our cloud platform, Avigilon is changing the way our customers interact with their surveillance systems. Read our blog post, and the full article originally featured in SourceSecurity.com.

Today’s security industry has reached a critical mass in the volume of collected data, and the limits of human attention make it hard to search through that data effectively. As such, demand for video analytics is increasing globally, and we believe that most video surveillance systems will eventually feature video analytics.

Artificial Intelligence Solutions

Through the power of artificial intelligence (AI), Avigilon is developing technologies and products that dramatically increase the effectiveness of security systems by focusing human attention on what matters most. As AI solutions are adopted, they provide scalable capabilities that can be deployed across a range of verticals and applications to better address security challenges.

GPU Technology Increases in Value

As the world becomes increasingly connected, the way we think about and interact with our security systems will continue to evolve across various verticals and applications. The emergence of GPU technology, in particular, has led to a dramatic increase in performance and value. With the democratisation of video analytics, and increased use of AI and deep learning, we believe that video analytics will be inherent in digital surveillance and used in broader applications. Cybersecurity will become more important as we move toward a more connected approach to security—particularly as our collected data becomes more sophisticated and critical.