Welcome to another edition of our Weekly Rewind – where we summarize all our posts from the last week. The top stories this week were 3) “Chinese Using OPM Data?”, 2) “Creating REAL Threat Intelligence…with Evernote Slides from SourceDublin”, and 1) “Some Numbers to Keep in Your Back Pocket”. If you missed anything or happened to be offline, we hope you find this summary post useful as a quick reference. A la Schneier … you can also use this rewind post to talk about the security stories in the news that we haven’t covered.
Password Complexity Requirements & Frequent Changes Are Pointless Says GCHQ: Finally some good news on the password guidance front from the other side of the pond… In their most recent publication, UK intelligence agency GCHQ recommends ditching traditional password guidelines to focus instead on making life easier for users. Many in the security industry have suggested the same for years, but perhaps GCHQ’s backing could be the tipping point towards wider adoption. Here are a few of their more refreshing suggestions. (continued here)
Mach37 Fall 2015 Class Announced: Our favorite local cyber security startup accelerator, Mach37, has just announced their latest class. The new companies include Locurity, Cyber 20/20, 418 Intelligence, TensorWrench, Cyber Algorithms, Atriceps, and Huntress Labs. Congratulations to the new class. (continued here)
Chinese Using OPM Data?: Trend Micro released an interesting report towards the end of last week on the Chinese threat actor Iron Tiger. In it they discuss their targeting of the U.S. government, its military, and supporting contractors. Based on follow-up discussions with company executives, news sources have since been reporting that the Chinese are actively using the massive cache of stolen OPM data as part of these attacks. (continued here)
QOTD: Longer Is Stronger: Get your mind out of the gutter … we’re just referring to passwords here. We just wanted to do this follow-up based on the recent GCHQ advice to finally ditch complex password requirements. Within the article Paco Hope had a great mantra that we should start using when talking to non-security people. It’s simple and to the point. (continued here)
Creating REAL Threat Intelligence … with Evernote Slides from SourceDublin: In this updated version of my threat intel framework presentation (using Evernote as a backend database) at SourceDublin, I have really expanded the framework out a bit, introducing notebooks dedicated to a logger, SIEM, indicator database, and adversary tracker. As before there are also a few implementation examples. Thanks to the SourceDublin crew, especially @rcheyne, @internmike, and @lotusebhat, for having me! (continued here)
Some Numbers to Keep in Your Back Pocket: Here are some numbers to keep in your back pocket for when leadership balks at your request for security funding: $551,000 for large enterprises and $38,000 for SMBs to recover from a single incident based on a recent Kaspersky survey of 5,500 companies. The three most expensive incidents for enterprises included “Failure of Third Party Suppliers,” “Fraud by Employees,” and “Cyber Espionage” while SMBs’ most costly incidents were “Cyber Espionage,” “Failure of Third Party Suppliers,” and “Network Intrusion/Hacking.” (continued here)
Hope everyone had a wonderful week! Have a great weekend!