57% Believe a Cyber Arms Race is Currently Taking Place, Reveals McAfee-Sponsored Cyber Defense Report

Finland, Israel and Sweden Lead the Pack in First Global Report on Cyber Defense - Written by the Security & Defence Agenda (SDA), the Report Reveals Major Challenges in Cyber Readiness

Here are some noted findings:
• 57% of global experts believe that an arms race is taking place in cyber space.
• 36% believe cyber-security is more important than missile defense.
• 43% identified damage or disruption to critical infrastructure as the greatest single threat posed by cyber-attacks with wide economic consequences (up from 37% in McAfee’s 2010 Critical Infrastructure Report).
• 45% of respondents believe that cyber-security is as important as border security.
• The state of cyber-readiness of the United States, Australia, UK, China and Germany all ranked behind smaller countries such as Israel, Sweden and Finland (23 countries ranked in report).

McAfee asked the SDA, as an independent think-tank, to produce the most informed report on global cyber defense available. The SDA had in-depth interviews with some 80 world-leading policy-makers and cyber-security experts in government, business and academia in 27 countries and anonymously surveyed 250 world leaders in 35 countries. As the only specialist security and defense think-tank in Brussels, SDA has become one of the world’s leading forums for the discussion of international defense and security policies. The methodology used for rating various countries’ state of cyber-readiness is that developed by Robert Lentz, President of Cyber Security Strategies and former Deputy Assistant Secretary of Defense for Cyber, Identity and Information Assurance. [see here for infographic on rankings]

Top 6 Actions Cited in Report
• Real-time global information sharing required
• Financial incentives for critical improvements in security for both private and public sectors
• Give more power to law enforcement to combat cross-border cyber crime
• Best practice-led international security standards need to be developed
• Diplomatic challenges facing global cyber treaties need to be addressed
• Public awareness campaigns that go beyond current programs to help citizens

Real-time sharing of global intelligence was a core recommendation of the report, citing the building of trust between industry stakeholders by setting up bodies to share information and best practices, like the Common Assurance Maturity Model (CAMM) and the Cloud Security Alliance (CSA). “The core problem is that the cyber criminal has greater agility, given large funding streams and no legal boundaries to sharing information, and can thus choreograph well-orchestrated attacks into systems,” says Phyllis Schneck, Vice President and Chief Technology Officer, Global Public Sector, McAfee. “Until we can pool our data and equip our people and machines with intelligence, we are playing chess with only half the pieces.”

Experts interviewed also agreed that developments like smart phones and cloud computing mean we are seeing a whole new set of problems linked to inter-connectivity and sovereignty that require new regulations and new thinking. Last year, McAfee issued a Q3 threat report that stated that the total amount of malware targeted at Android devices jumped 76 percent from Q2 of 2010 to Q2 of last year, to become the most attacked mobile operating system. Other key report findings from the SDA report include the following:

• Need to address expected shortage of cyber workforce: More than half (56%) of the respondents highlight a coming skills shortage.
• Low level of preparedness for cyber attacks: China, Russia, Italy and Poland fall behind Finland, Israel, Sweden, Denmark, Estonia, France, Germany, Netherlands, UK, Spain and the United States.
• Cyber-security exercises are not receiving strong participation from industry: Although almost everyone believes that exercises are important, only 20% of those surveyed in the private sector have taken part in such exercises.
• Risk assessment: Prioritize information protection, knowing that no one size fits all. The three key goals that need to be achieved are confidentiality, integration and availability in different doses according to the situation.
• Balance between security and privacy: Improve attribution capability by selectively reducing anonymity without sacrificing the privacy rights.

While many respondents believed that global treaties were an essential factor in the development of sound policy, some also suggested the establishment of cyber-confidence building measures as alternatives to global treaties, or as a stopgap measure, since treaties are seen as unverifiable, unenforceable and impractical. Stewart Barker, the former Assistant Secretary of Homeland Security under President George W. Bush, stated that treaties “delude western countries into thinking they have some protection against tactics that have been unilaterally abandoned by other treaty signatories.”

About the report:

McAfee asked the Security & Defence Agenda (SDA) as an independent think-tank to produce the most extensive report on Cyber Defense. The report stack ranks the degree to which governments are prepared to withstand cyber attacks. This SDA report sets out to reflect the many different views on what cyber-security means, and how to move towards it. To build up a multi-faceted picture of opinion worldwide, SDA interviewed world leaders to highlight what they see as the key issues. To download “The Cyber Defense Report” report please visit www.mcafee.com/.

About McAfee

About SDA

The Security & Defence Agenda (SDA) is Brussels' only dedicated security and defence think-tank. The SDA raises awareness by anticipating the political agenda and focusing attention on European and transatlantic policy challenges related to security and defence. Its activities include roundtables, lunch and evening debates, policymakers’ dinners, international conferences and a range of publications. The SDA brings together experts and policymakers from the EU institutions, NATO, national governments, industry, the media, think-tanks, academia and NGOs. This diversity, and a reputation for thought-provoking debate, has kept the SDA at the heart of the defence and security community.

Cisco 4Q11 Global Threat Report

In the fourth quarter of 2011, the number of threats aimed at corporate customers increased by 205% in comparison to the year 2010.

Representatives of the Cisco report of threats in cyberspace for the fourth quarter of 2011. The report, prepared by a team of Cisco Intrusion Prevention System, contains data on cyberthreats for the period from 1 October to 31 December last year.

According to the data, in the fourth quarter of 2011, the corporate Internet users had experienced an average 339 malware per month. In comparison with the fourth quarter of 2010, this figure increased by 205%. The greatest discovery of malicious programs in corporate computer systems in September and October 2011, 697 and 698 – malicious programs respectively.

As noted in the report, the number of unique malicious hosts that were discovered in the year 2011, was equal to 20.1 thousand. per month. Compared with the figures for the 2010 year – 14.2-also on the rise.

For the fourth quarter of 2011, 33% on the Internet from any malware has been identified as "zero-day malware, which is not recognized by traditional anti-virus solutions.

The number of attacks that hackers use SQL injection, remained at the same level during the entire 4 quarters of 2011. The number of DoS attacks rose slightly during the reporting period, but the level of spam being sent has decreased worldwide for the 2011 year.

A full account of Cisco are available here.

2012 Security Trends

2011 is coming to an end, so now it’s time to try to see what we have to expect for the next 12 months:

• Social networks: Social engineering techniques exploiting users’ weaknesses have become the leading attack method in social networks. Trending topics such as the Olympics or the next US Presidential elections will be used as a bait. Cybercriminals will continue to target social media sites to steal personal data.
• Malware increase: In the past few years, the number of malware threats has grown exponentially, and everything seems to indicate that the trend will continue in 2012. In fact, malware is the weapon use by cybercriminals to carry on their attacks.
• Trojans: they are cyber-crooks’ weapon of choice for their attacks, as shown by the fact that three out of every four new malware strains created in 2011 were Trojans, designed to sit silently on users’ computers and steal their information.
• Cyberwar: or maybe it is more accurate to say cyberespionage. 2011 has been the year with most intrusions ever aimed at companies and government agencies. From New Zealand to Canada, from Japan to the European Parliament, there have been countless attacks aimed at stealing secret or classified information. We live in a world where all the information is in digital form, so modern-day spies no longer need to infiltrate a building to steal information. As long as they have the necessary computer skills, they can wreak havoc and access the best-kept secrets of organizations without ever leaving their living-rooms. In 2012 we will see these kind of attacks even more.
• Mac malware: As the market share of Mac users continues to grow, the number of threats will grow. Fortunately enough, it seems that Mac users are now more aware that Mac is not immune to malware attacks and they are increasingly using antivirus programs, hindering cyber-crooks. The number of malware specimens for Mac will continue to grow in 2012, although much less than for PCs
• Mobile malware: Over ten years ago, antivirus companies started making dire predictions of a mobile malware epidemic. Years later, as the situation was not as apocalyptic as predicted, they started claiming that the installation of antivirus software on mobile phones had prevented the catastrophe. Well, they were wrong again. If having an antivirus solution were enough to solve all types of malware problems, the world would be a happier place. Unfortunately though, both users and security vendors alike are in the hands of cyber-crooks, who are the ones who decide which platform to target. In this context, last year PandaLabs predicted a surge in cyber attacks on mobile phones, and the fact that Android has become the number one mobile target for cyber-crooks in 2011 confirms that prediction. In 2012 there will be new attacks on Android, but it will not be on a massive scale. New mobile payment methods –via NFC for example– could become the next big target for Trojans but, as always, this will largely depend on their popularity.
• Malware for tablets: The fact that tablets share the same operating system as smartphones means that they will be soon targeted by the same malware as those platforms. In addition, tablets might draw a special interest from cyber-crooks as people are using them for an increasing number of activities and they are more likely to store sensitive data than, say, a smartphone.
• Cybercriminals targeting small to medium-sized companies: Why do cybercriminals target online banking customers instead of directly attacking banking institutions to steal money? The answer to this question has to do with the cost-benefit ratio of the attack: Financial entities are usually very well protected, and the chance of launching a successful attack is remote and very costly. However, attacking their customers to steal their identity and impersonate them is much simpler. The security of small to medium-sized companies is not that strong, and this makes them very attractive for cyberthieves, who can steal data from hundreds or thousands of users in one go. On many occasions, small to medium-sized companies do not have dedicated security teams, which makes them much more vulnerable.
• Windows 8: The next version of Microsoft’s popular operating system is scheduled for November 2012, so even though it is not supposed to have much on an impact on the malware landscape in the coming year, it will surely offer cyber-crooks new opportunities to create malicious software. Windows 8 will allow users to develop applications for virtually any device (PCs, tablets and smartphones) running Windows 8, so it will be possible to develop malicious applications like those for Android. This, in any event, will probably not take place until 2013.

InfoWatch group of companies to expand its presence on European market

The German software company cynapspro GmbH has joined InfoWatch group of companies. Under the deal, cynapspro's controlling interest goes under InfoWatch management. The agreement provides transfer of exclusive rights for all cynapspro GmbH products and designs, patents and trademarks to InfoWatch. InfoWatch plans to increase revenue from this direction in the next 2-3 years up to several dozen million euros per year.

Zlock aizsargās «Аэрофлот» no datu noplūdēm

Maskava, 2011. gada 30. novembrī — kompānija SECURIT, Krievijas vadošais iekšējo draudu informācijas aizsardzības (DLP) risinājumu izstrādātais, paziņo par sistēmas Zlock, kura nodrošinās aizsardzību pret noplūdēm lielākajā Krievijas aviokompānijā «Аэрофлот», ieviešanas pabeigšanu.

Zecurion DLP-konferencē sapulcē vairāk nekā 2700 informācijas drošības ekspertu

Pirmā Krievijas un NVS valstu interneta Web-konference par aizsardzību pret informācijas noplūdēm Zecurion DLP Web konference 2011 sapulcē vairāk nekā 2700 dalībnieku no 96 pasaules pilsētām.

Zecurion DLP Web Conference 2011 — the first online conference on protection against leaks

Company SECURIT Together with COMDI Will spend on October, 20th conference on DLP with direct video translation across all Russia and behind its limits. Free of charge it is possible to be registered on an official site to the address http://www.dlpconf.ru/participation/registration/.

Zecurion DLP Web Conference 2011 (http://www.dlpconf.ru/) — The first web conference completely devoted to a theme of protection against leaks of the corporate information (DLP). The web conference program will capture the most interesting themes of market DLP, technologies, introductions and uses of DLP-systems. Zecurion DLP Web Conference 2011 will pass on October, 20th from 10:00 till Moscow time. ABOUTNlajn-translation will be conducted both in usual, and in HD-quality By means of web service of working out of company COMDI (http://www.comdi.com/) — The technical partner of conference.

Industry conference on the protection of confidential information from internal threats.

DLP-Russia-First international conference dedicated to the issues of sensitive corporate information protection and data leakage prevention. The conference gathers leading industry professionals to share their experiences and to discuss current state of the DLP-market and future market development scenarios.

SECURIT DLP sistēmas atzītas GBA, ka labākie produkti aizsardzībai pret noplūdēm

Kompānija SECURIT paziņo par uzvaru 3-ja ikgadējā prēmija Golden Bridge Awards 2011. Balvas saņēma kompānijas produkti Zgate un Zlock divās kategorijās: informācijas noplūdes novēršanu un datu aizsardzību.

Golden Bridge Awards ir prestiža balva, kura katru gadu tiek piešķirta labākajiem uzņēmumiem, produktiem, vadītājiem un darbiniekiem dažādās tautsaimniecības nozarēs. Balvas nominācijas apvieno publiskā un privātā sektora organizācijas visā pasaulē. Novērtējot kandidātus 40 neatkarīgo žūriju locekļu, kuri pārstāv dažādu darbību jomās, New York 10 augustā Golden Bridge 2011 Award 3-ja gada balvas ceremonijas laikā paziņoja uzvarētājus.

InfoWatch Global Data Leakage Report 2010

InfoWatch presents the latest issue of its annual analytical study of confidential data leaks, reported in the world in 2010. The study is based on a database that was maintained by InfoWatch experts since 2004. The InfoWatch leak database includes the incidents that took place in the organizations as a result of malicious insider attacks or careless acts of employees and were released in the mass media and other open sources (incl. web forums and blogs).

InfoWatch Global Data Leakage Report 2010

SECURIT Zgate 3.0: aizsardzība pret noplūdi caur Skype un šifrētu HTTPS savienojumu

Kompānija SECURIT paziņo par jaunās Zgate 3.0 versijas izlaišanu, sistēmas lai novērstu konfidenciālas informācijas noplūdi. Jaunajā versijā tika ievērojami paplašināta kontrolējamo tīkla kanālu saraksts. Papildus ICQ, Mail. ru Agent, Jabber (XMPP), Google Talks un citu atbalsta interneta Zgate peidžeram pievienotās MySpaceIM, Microsoft Lync (Microsoft Office Communicator) un Skype.

Report SECURIT Analytics about leaks in 2010

Company SECURIT announces report on leaks of confidential data for 2010.
A total of 2010 experts SECURIT Analytics leaks were reported in 1014 that 15.6% more than in 2009. The report contains statistical sections on geography leaks, data types, channel leakage, categories of victims, damage, etc. In addition, detailed article devoted to the incident ChronoPay, Facebook, Google, WikiLeaks, «Alfa-Bank", "Molotkom.Ru and other large companies. The full report is available at SECURIT.
In this case, according to experts SECURIT Analytics, really in the media and you can find only a small part of the incident, at best, 0.1% of the actual number of leaks. This is due to two main reasons. The first - the imperfection of the legislation, which only a few states require organizations to disclose the fact of data leaks immediately after its detection. The second - the limited measures used to protect and as a consequence, the technical inability to detect leaks. The use of specialized DLP-systems still remains quite rare.
"The main trends in 2010 is the increase in references to the Russian area and, of course, increase public awareness of the problems because of numerous publications on WikiLeaks. We think that in 2011 will significantly increase the numbers released by leakage from the Russian companies ", - said Alexander Kovalyov, director of marketing SECURIT.

InfoWatch Traffic Monitor Autolinguist Helps Enterprises Secure Their Information by Increasing Confidential Data Detection Reliability

InfoWatch, а leading developer of internal information monitoring and protection solutions, announces the availability of its new software product InfoWatch Traffic Monitor Autolinguist. The product is complimentary for InfoWatch comprehensive internal data protection solution InfoWatch Traffic Monitor Enterprise and allows automatic creation of customer- specific content filtering base to more efficiently detect sensitive data in outgoing corporate traffic.

Global Study of leaks in the first half of 2010

Speciālistiem tiek piedāvāta regulāra analītiska atskaite par 2010.gada pirmajā pusē atklātiem incidentiem, kuras konstatētas konfidenciālas informācijas noplūde. Šis pētījums balstās uz datu bāzi, kura tiek ikdienu papildināta, par informācijas noplūdēm, ko veic InfoWatch analītiskais centrs kopš 2004 gada. Datu bāzē apkopota informācija par noplūdēm kura bija publicēta plašsaziņas līdzekļos, blogos, web- forumos un citos publiskos avotos visā pasaulē.