The Sys Admin Did It!
Like the butler in classic murder mysteries, we’re quick to suspect the person with unfettered access, and that’s often the proverbial “red herring”. The 2011 Verizon Data Breach Investigations Report (DBIR) provides system administrators with a statistical alibi. Apparently, the System/Network Administrator was the culprit in only 3% of their ...
From Point of Entry to Compromise
The leather-clad Trinity, of Matrix fame, runs an Nmap port scan against a target IP address, detects a vulnerable SSH service and, a few keystrokes later, has root access to the power grid. This is the view many hold of the cyber threats we face, but the 2011 Verizon Data ...
Log Management: Bad News, Good News
The “bad news” is that log management has failed miserably. The “good news” is that it can’t get any worse. That’s the obvious conclusion from the 2011 Verizon Data Breach Investigations Report (DBIR), where they report that NONE of the breaches they investigated were detected via log analysis. In a ...
Secret Service – Guarding Presidents and Payments
The Secret Service may be best known for their role as the President’s guardians, but it’s their role protecting the U.S. currency that has them guarding all forms of payment and financial systems, and actively pursuing cybercriminals. While this group may not need to “take a bullet” for us, we ...
2011 Verizon DBIR: Insights and Opportunities
The annual Verizon Data Breach Investigations Report (DBIR) is making headlines, generating tweets and motivating blog posts – like this one. Weighing in at 74 pages, it’s a significant report, and if you’re serious about getting a “state of the union” handle on network security, I encourage you to read ...
Barracuda: Got SIEM?
The announcement of a breach at Barracuda Networks is only the most recent among several high-profile network security companies. We applaud Barracuda’s announcement and the description of what happened. It’s important that the industry share this information and accept that breaches happen – even among some of the most ...