Security Now
Security is top-of-mind everywhere, especially right here where Juniper experts share their thoughts on the latest security breakthroughs and product advancements
Showing results for 
Search instead for 
Do you mean 

team-collaboration-256x256.png

 

 

Our people are our greatest asset; this is the universal mantra amongst organizations who value their staff and reputation, and never has this been truer than in the fight against cyber-crime. If any team has ever been asked to up its game and be one step ahead of an ingenious and cunning enemy, it’s the network and IT security team tasked with overcoming cyber-criminals.

 

 

At the same time we also know that there are simply not enough cyber-security experts to fill all the jobs available, and this is a huge issue. A recent article from Harvard Business Review highlights this challenge – stating that there will be more than 1.5 million unfilled positions globally by 2020!

 

This represents the largest single shortfall in human resource. Quite simply there are not enough people in cyber-security today, and even with the new-hires currently graduating university and college globally the gap is not going to shrink any time soon.

 

Security teams already suffer from ‘alert fatigue’ and that can lead them to become ambivalent, ultimately introducing risk as they may miss the single critical alert hidden inside thousands of other purely informational alerts.

 

To meet the challenge we need to think differently, invest differently and adopt new technology, but what does this mean? We hear buzz words like virtualization, machine learning, artificial intelligence. But are they really just buzz words, or can they actually help you to be better prepared for the cyber-threat challenge?

 

On August 24th at 14:00 BST we are running the next in Juniper Networks’ series of  security webinars. If you are interested to hear and discuss this challenge then please join myself and Lee Fisher to hear our thoughts, recommendations and ideas. You can register here.

The Automat(i)ons are coming!

by Juniper Employee on ‎06-22-2017 01:00 AM

artificial-intelligence-2167835_1280.jpg

Automation is an area where IT has always been somewhat nervous, and historically this is with good reason. In the past, I worked for two antivirus vendors where a weekly signature update was released that caused clients to overwrite legitimate files with zero-byte replacements.

 

Read more...

Lately, it seems that every time we turn around, there’s a cyber-assault, potentially more dangerous and more devious than the last. There’s the real threats and attacks like WannaCry. And there’s the apparently fabricated news you see on television and in theaters. We appear to be surrounded by virtually any sort of potential cybercrime. But we shouldn’t have to accept this as normal.

 

On top of this very active threat climate, organizations are drowning in the complexity of dozens of “best-of-breed” security solutions that get pulled together in an effort to build a proper defense solution. On top of this, organizations face a flood of alerts on many different consoles, and need to try and keep numerous security policies up-to-date. Did you know that most policies are written once and rarely updated? These go mostly unnoticed until there’s a security incident and the root cause analysis points to an ancient policy that was left unattended.

Read more...

Could Smart-City malware be spread via motorways and highways?

by Juniper Employee ‎03-24-2017 02:00 AM - edited ‎08-03-2017 03:38 AM

Scurvygrass(Danish)_2011_03_29_WestKirby_HilbreIsland_Hoylake_027p50.jpg

 

 In recent years we have seen news reports of wildflowers and weeds being 'spread' by the wind-tunnel effect of cars on our motorways and highways, is there a potential for malware to spread between smart cities in the same way?

 

If you enjoyed reading this blog and would like to read related security blogs please visit here

Read more...

The first connected car could be taken for ransom

by Juniper Employee ‎03-20-2017 02:00 AM - edited ‎08-03-2017 03:37 AM

here 

sedan3.png

 

 In my last blog, I discussed how a supply chain attack could affect the business – and brand –of a global company. This week, we’re going to take this a level down and consider something else which I believe could be a threat - the intelligence that is being built into our cars.

 

If you enjoyed reading this blog and would like to read related security blogs please visit here

Read more...

Juniper Networks consistently strives to be a thought leader and challenger in the networking industry, which is why we’ve shifted our vision from “digital disruption” to “digital cohesion.” Disruption implies a disturbance or a problem to the norm, and being reactive to things already happening.

Read more...

Automating Cyber Threat Intelligence with SkyATP: Part One

by Juniper Employee ‎10-17-2016 09:55 AM - edited ‎11-23-2016 08:39 AM

Each year, the economics of "fighting back" against Hacktivism, CyberCrime, and the occasional State-Sponsored attack become more and more untenable for the typical Enterprise. It's nearly impossible for the average Security Team to stay up to date with the latest emerging threats while also being tasked with their regular duties. Given the current economic climate, the luxury of having a dedicated team to perform Cyber Threat Intelligence (CTI) is generally out of reach for all but the largest of Enterprises. While automated identification, curation, and enforcement of CTI cannot truly replace human Security Analysts (yet), it has been shown to go a long way towards increasing the effectiveness and agility of your Security infrastructure. 

Read more...

Eight Ways to Heighten Cybersecurity

by Juniper Employee on ‎10-01-2015 06:00 AM

As our world has become ever more connected, we’ve all learned common online safety tips. It’s now second nature to use strong passwords and antivirus software; take care when connecting to public Wi-Fi; and remain alert to social engineering scams (e.g., phishing).

Read more...

The SRX makes tunnel control better and easier

by Juniper Employee ‎04-09-2015 02:03 PM - edited ‎04-09-2015 03:13 PM

Juniper SRX Makes Tunnel Control BetterAre you doing everything you can to control unauthorized traffic entering and leaving your network?

Read more...

Security ain't easy, but it can be fast.

by Juniper Employee ‎03-12-2015 09:00 AM - edited ‎03-18-2015 12:17 PM

No way around it -- network security is hard work.

Read more...

NCSAM2014.png

Serious concerns have emerged in the past several years about the integrity and trustworthiness of IT products and the ability of an adversary to compromise or insert vulnerabilities into IT products through infiltration of the supply chain. In particular, federal and critical IT customers have expressed concerns about adversaries intercepting products while in transit and reselling or hacking them. 

Read more...

A Hale and Hearty Network

by skathuria on ‎07-15-2014 11:48 AM

                                                        healthy_heart_image.jpg

As I was reading this article describing examples of certain healthcare practitioners using data mining and analytics of patients’ lifestyles (e.g. foods they eat, activity levels, where they live, etc.) to help predict their risk factor for ailments, I started to draw a parallel to the state of the network. I was thinking about how security analytics of a network may help predict the onset of a data breach. The common goal in both cases, human and network, is to maintain a certain level of health – call it an “equilibrium” state, one that doesn’t require immediate intervention or repair.

 

Inspired by the table shared in the article describing what certain collected data about a patient could indicate about his/her health habits, I came up with a table containing types of network state related which could be indicators for a potential data exploit/breach.

 

State of Network

Analysis

Weak password for an online account

This could allow a hacker to uncover the password (by using automated tools), gain access to user data (name, address, phone #, bank account/credit card data) and perform unauthorized transaction (e.g., purchase of product/service or withdrawal of money from bank account) on the user’s behalf.

Multiple unsuccessful attempts to search for usernames and passwords via Web browser exploitation techniques

This could result in a data breach.

Improper isolation of HR records, financial, medical, credit/debit card, or other PII data within Enterprise data center/private cloud network

This could inadvertently allow an insider (e.g. employee) access to the network for obtaining and selling data on black market for profit.

Excessive communication requests to a Web server or other resource, slowing it down considerably or rendering it unavailable

This could indicate someone is trying to gain access to the server for malicious intent.

No application layer protection at Enterprise edge

This could allow a hacker to launch an application-layer attack and access data for further exploitation.

 

Enterprise and service providers would benefit greatly from self-monitoring and constantly improving the health of networks, to minimize the possibility of a data breach.

 

One of the ways to do this is via technology, including application-aware, next generation firewalls, and strong SIEM solutions and network security management solutions (for firewall management), which provide visibility, analyze network security posture, and alert administrators about unusual network activity.

 

In addition, humans themselves should be held accountable for security. For one, it is imperative that the IT security team is proactively monitoring the network security posture, carefully balancing access to certain network resources, applications and data with control over the same. In addition, trust plays a big role in maintaining security and privacy, so it is ultimately the responsibility of individuals (business owners and employees) to not exploit data for personal gain.

Read more...

About Security Now

Discussing a wide range of topics impacting enterprises and
data center security.

Subscribe RSS Icon


Our Bloggers

Kevin Walker
Vice President
Security CTSO, Engineering

Profile | Subscribe

Ritesh Agrawal
Director
Software Engineering

Profile | Subscribe

Scott Emo
Director
Product Marketing

Profile | Subscribe

Bill Shelton
Director Field Sales

Profile | Subscribe

Announcements
Juniper Networks Technical Books
Labels