Page 3 - Cyber Warnings
P. 3
Unwinding from a Spectacular RSA Conference 2016
Friends,
This year’s RSA Conference broke all the records by way of number
of new ventures and total attendees (we hear there were over 40,000)
and we ran completely out of print editions for the first time ever,
handing out thousands of copies.
As we reflect on a spectacular conference, I admit our staff felt a bit
overwhelmed with so many vendors claiming to have the best Endpoint Detect and Respond
(EDR) solutions. The problem we have with these solutions is that they continue down the
slippery slope of reactivity to being exploited. While it’s nice to quarantine an infected endpoint
after the fact and try to remediate, it brings me back to our quest here at Cyber Defense
Magazine – to help uncover new ways to be PROACTIVE and one step AHEAD of the NEXT
THREAT. While this seems a daunting and challenging task, won’t it be better to not get
infected with the next piece of ransomware, than to follow the FBI’s current instructions – which
is to pay the ranson?
Here are some simple things most organizations are not doing, which is why the EDR market
has been sparked with hundreds of millions in new investment dollars: most organizations don’t
ever test their backup systems; most backup systems are not run frequently enough; most
systems are not protected against exploitation of CVEs (common vulnerabilities and exposures);
most data is not protected by STRONG ENCRYPTION and most employees don’t understand
why clicking a link is such a big deal.
If we can just hone our organizations in on simple, logical procedures like better backups,
testing them frequently, having a re-image system in place, ready to pounce an infected
endpoint that has RANSOMWARE with a wipe, re-image, restore, we won’t be paying ransom to
anyone. If we have STRONG ENCRYPTION running so that our systems are already protected
against data theft, then those who steal data but can’t view it, won’t be selling it on the black
market. Yet, we continue to read about Medical organization breaches, retailer breaches,
hospitality breaches, bank and credit union breaches and even US Gov breaches on a regular
basis. It’s time to look forward and focus on simple things to get ahead of the next threat. This
won’t require spending a lot of money, just finding the most innovative BREACH PREVENTION
solutions on the market, BETTER INFOSEC TRAINING and TESTING our BACKUP/RESTORE
process. With that said, I hope you find some additional new ideas that will help you not be the
next victim, in this edition of Cyber Warnings.
To our faithful readers, Enjoy
Pierluigi Paganini
Pierluigi Paganini, Editor-in-Chief, [email protected]
3 Cyber Warnings E-Magazine – March 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
