As I was reading this article describing examples of certain healthcare practitioners using data mining and analytics of patients’ lifestyles (e.g. foods they eat, activity levels, where they live, etc.) to help predict their risk factor for ailments, I started to draw a parallel to the state of the network. I was thinking about how security analytics of a network may help predict the onset of a data breach. The common goal in both cases, human and network, is to maintain a certain level of health – call it an “equilibrium” state, one that doesn’t require immediate intervention or repair.
Inspired by the table shared in the article describing what certain collected data about a patient could indicate about his/her health habits, I came up with a table containing types of network state related which could be indicators for a potential data exploit/breach.
State of Network
Weak password for an online account
This could allow a hacker to uncover the password (by using automated tools), gain access to user data (name, address, phone #, bank account/credit card data) and perform unauthorized transaction (e.g., purchase of product/service or withdrawal of money from bank account) on the user’s behalf.
Multiple unsuccessful attempts to search for usernames and passwords via Web browser exploitation techniques
This could result in a data breach.
Improper isolation of HR records, financial, medical, credit/debit card, or other PII data within Enterprise data center/private cloud network
This could inadvertently allow an insider (e.g. employee) access to the network for obtaining and selling data on black market for profit.
Excessive communication requests to a Web server or other resource, slowing it down considerably or rendering it unavailable
This could indicate someone is trying to gain access to the server for malicious intent.
No application layer protection at Enterprise edge
This could allow a hacker to launch an application-layer attack and access data for further exploitation.
Enterprise and service providers would benefit greatly from self-monitoring and constantly improving the health of networks, to minimize the possibility of a data breach.
One of the ways to do this is via technology, including application-aware, next generation firewalls, and strong SIEM solutions and network security management solutions (for firewall management), which provide visibility, analyze network security posture, and alert administrators about unusual network activity.
In addition, humans themselves should be held accountable for security. For one, it is imperative that the IT security team is proactively monitoring the network security posture, carefully balancing access to certain network resources, applications and data with control over the same. In addition, trust plays a big role in maintaining security and privacy, so it is ultimately the responsibility of individuals (business owners and employees) to not exploit data for personal gain.Read more...
As a three year “veteran” at Juniper, I have seen the evolution and uptake of Juniper security solutions by customers to solve their key business challenges. Security is CORE for Juniper and our customers.
Juniper’s security solutions solve customers’ most important challenges, as they demand hybrid cloud environments and build high IQ networks. Juniper’s security solutions don’t hinder cloud adoption. Rather, they enable secure, reliable clouds. Our newest security offerings (DDoS Secure, WebApp Secure, and Spotlight Secure) employ advanced techniques to detect and mitigate advanced threats with greater efficacy than traditional security solutions, helping customers achieve faster ROI, increase operational efficiency, maintain brand reputation and drive customer loyalty.
The Junos platform, on which many of our security offerings, including SRX firewalls, are based, offers a revolutionary software platform that allows customers to directly program their networks and run applications developed by an ecosystem of partners for rich user experiences, smart economics, and fast time to market. We don’t restrict customers in terms of how they want to build, optimize and scale their networks and associated security. In fact, recently, we even extended the ability for customers to leverage the proven Junos-based SRX firewall in virtualized environments by launching Firefly Perimeter in January 2014. Firefly Perimeter addresses the new security challenges required to protect virtualized and cloud environments for enterprises and service providers by leveraging the same advanced security and networking features of the Branch SRX Services Series Gateway in a virtual machine format.
In terms of market share, Juniper continues to lead in the high-end firewall and SSL VPN markets* and strengthen its offerings in these categories. For example, in anticipation of growth in the adoption of next generation firewalls, Juniper just released new enhancements to its SRX Series Services Gateways. These next-generation security products help customers protect against threats and control what’s on their network without adding a heavy administrative burden.
Also, Juniper’s high-end SRX5400 Services Gateway was recently awarded at the Interop Tokyo 2014 event. It received the Best of Show Award Grand Prix in the ShowNet Product category and the Best of Show Award Special Prize in the Security category. The SRX5400 is the latest offering in our SRX Series portfolio, based on a revolutionary new architecture, and uses new line cards to provide market-leading connectivity, performance and service integration.
Evolution through Innovation
Every day, Juniper Networks is helping our customers build the best networks on the planet. Every innovation we envision and every technology we create is informed by our desire to help solve our customers’ toughest challenges so they can compete and thrive today and into the future. Our solutions really make a difference by helping to “connect everything” and “empower everyone”.
And, just to underscore Juniper’s resolve to deliver what customers need, we’ve embarked on a journey where we ask our customers to partner with us -- to co-create and deliver secure hybrid cloud ecosystems and highly intelligent networks of the future. Gone are the days when customers would be at the receiving end of “marketing” speak, sold a product, and then just left to their own devices. Now, you can be part of the action early on. So, are you ready to join Juniper and together embark on the “Bridge to the Future”, as our CEO, Shaygan Kheradpir, so eloquently puts it?
*Source: Report: Infonetics Network Security Appliances and Software, Jeff Wilson, May 30, 2014Read more...
Microsoft has published a security advisory 2963983 which confirms new zero-day vulnerability in Internet explorer. The Vulnerability essentially affects all versions of Internet Explorer running on Windows. This vulnerability is being actively exploited in the Wild.Read more...
Bill Gates recently gave a talk at the American Enterprise Institute think tank in Washington, DC, saying:
“Software substitution, whether it’s for drivers or waiters or nurses… it’s progressing. Technology over time will reduce demand for jobs, particularly at the lower end of skill set… Twenty years from now, labor demand for lots of skill sets will be substantially lower. I don’t think people have that in their mental model.”
I have to agree, and have personally seen automation on the rise.
This just in: The U.S. Department of Homeland Security has advised against using the Internet Explorer (IE) Web browser due to a serious security flaw discovered by FireEye Research Labs this past weekend. The security company said, “Disabling the Flash plugin within IE will prevent the exploit from functioning."
As a security conscious individual, I was drawn to this news, especially as I was looking at the LinkedIn Pulse app on my Smartphone. Because I rely on the IE browser for certain software for work, I will do whatever I can to ensure the highest level of security. Hence, I have since followed the advice from FireEye.
The U.S. Federal Trade Commission (FTC) recently scored a “win” in its quest to make companies more accountable for cyber security. According to a WSJ article, a federal judge supported the FTC in its lawsuit against Wyndham Worldwide Corporation (and three of its subsidiaries) for failing to make reasonable efforts to protect consumer information.
The FTC Act of 1914 gave the FTC broad powers to protect consumers from companies that engage in unfair or deceptive trade practices. It has also allowed the FTC to bring a series of enforcement actions targeting companies' cyber security efforts. Though the judge’s recent Wyndham ruling has not authorized the FTC to "sustain a lawsuit against every business that has been hacked," it could have broad ramifications for the liability of companies whose security systems are breached. Think Target, Neiman Marcus, and others.Read more...
When I first graduated college and lived as a professional in the big city, I worked in technical support at Bay Networks. I will never forget my experience there and subsequently, Nortel. It was an amazing place with incredible people and I was happy there. Truly happy. But Nortel was going under and I needed to find a new opportunity. As I was driving home I saw an "Open House" sign at RSA Security and I applied for some jobs and ... I got one!!! Yay Me!
Six months later I moved to EMC and then VMware. I have had an amazing career and ironically, now I am back where it all started... a networking company. I work out of the office in Westford and the amount of people that I run in to from Bay and Nortel is amazing. It is almost like going back home, but better. The energy, the passion, the excitement, the drive to create and do amazing things is so alive at Juniper, I can't even explain it. What I love the best besides all those amazing things is the technology. I know without a doubt that I made the right decision to come to Juniper not only for the people but the technology... and I am just talking about the security products that have been virtualized... I haven't even touched all the other cool stuff.
Now that I have been here 60 days I figured that now would be a good time to take a quick glimpse at these products. Yes, I promise to go into more detail into these products in the future but #KnowledgeIsPower and the more you know, the better we all are.
Let's see, there is the popular and often talked about Firefly Perimeter and Firefly Host but what about
Junos Space with
It is important to understand the "listing" of the security products that have been virtualized because at this time there has been no categorization... yet... but there certainly are products available.
This has truly been an amazing 60 days at Juniper and I am happy that I made the move. There is so much to do and company is on a path I believe in and honestly, look forward to the next 60 months #PewPew
Is it the Internet Armageddon? NO! Thanks to an Emergency Signature Release, IDP saves the day!Read more...
While attackers are constantly improving their evasion tactics to extend the lifetime of their malware, users can also leverage these types of evasion tactics to help prevent malware infection in the first place.
Read the full article at SecurityWeek.Read more...
As the Target and Neiman Marcus data breach stories continue to evolve, so too does the story of how to combat malware. Today, the industry is spending billions of dollars a year using signatures to try to stop attacks or post-mortem forensic analyses to try to learn how to prevent future attacks. Problem is, neither of these methods is really cutting it.
In order to stop malware, you need first to understand how many attacks work. Though not always, but certainly often enough, malware follows this path: It looks for vulnerabilities, infects a system, propagates to other network devices, finds wanted data, and, finally, executes and brings home that sensitive data. If malware can't complete this process, attackers won't be successful.
Right now, the industry's attention sits squarely in the wrong place. Instead of solely thinking about how to prevent the initial infection or spending countless dollars autopsying an exploit after the fact, there's an opportunity to rethink the problem—or process—and a solution that lies smack-dab in the middle. The key is focusing on ways to stop malware after the infection, but prior to a damaging data breach.
It won’t be long before the number of connected devices outnumbers the number of connected people by a vast margin. With every additional connection, the opportunity for network-based business and economic growth increases. Unfortunately, so does the risk of cybercrime. The new, connected world is a magnet for criminals and driving a boom in cybercrime tools and stolen data.
Learn more on Net Matters, and find out what you can do to buck this trend.
Introducing another new Security & Mobility Now blogger!
Please meet Erin K. Banks, senior technical marketing manager for virtualization security at Juniper Networks.Read more...
Allow me to introduce another of our new Security & Mobility Now bloggers.
Please meet Ajay Bharadwaj, product manager for mobile security at Juniper Networks.Read more...
In the world of information technology, there are many kinds of markets. Black markets, where illicit products are sold. Commercial markets, which we might call white markets. And grey markets, defined as:
…the trade of a commodity through distribution channels which, while legal, are unofficial, unauthorized, or unintended by the original manufacturer.
The recent RAND Corporation report, “Markets for Cybercrime Tools and Stolen Data; Hackers’ Bazaar,” talks about the maturing cybercrime black market, which is both fascinating and disturbing, especially given the size, scope, and aggressive nature of its participants. The report also calls out the notion of a grey market, particularly for zero-days, in which a “legitimate vulnerability market” supports the buying and selling of vulnerabilities. (Spoiler alert: This is already happening and it will create a new class of millionaires.)Read more...
We (the business world) have been too slow to associate a monitory value on digital assets in such a way that warrants protecting them. Think about it: Digital assets, or information of any sort, are not explicitly treated as assets on a balance sheet. They have no real value in the eyes of the owner. If we don’t treat information with the same care that we treat other corporate assets (buildings, equipment, cash and investments), and we can’t even articulate the value of a customer record, then naturally the cost of protecting that record will not become a point for discussion.Read more...
Discussing a wide range of topics impacting enterprises and
data center security.