A Review of the Best News of the Week on Cybersecurity Management & Strategy

Is Security Just Too Damn Hard? Is Product+Service The Future? (Gartner Blog Network, Jun 21 2018)
We all remember Dan Geer’s classic quote “Internet security is quite possibly the most intellectually challenging profession on the planet” and most of us doing security read it optimistically (as in “oh yeah, we are pretty damn smart!”)

It’s Time You Learned About Quantum Computing (Wired, Jun 25 2018)
A researcher explains quantum computing in terms anyone can understand—even an 8-year-old.

Bejtlich on the APT1 Report: No Hack Back (TaoSecurity, Jun 25 2018)
“First, at no time when I worked for Mandiant or FireEye, or afterwards, was there ever a notion that we would hack into adversary systems. During my six year tenure, we were publicly and privately a “no hack back” company. I never heard anyone talk about hack back operations. No one ever intimated we had imagery of APT1 actors taken with their own laptop cameras. No one even said that would be a good idea.”


Top 10 Cybersecurity Best Practices for Healthcare CISOs (HealthITSecurity, Jun 26 2018)
Sentara Healthcare CISO Dan Bowden shares the top 10 cybersecurity best practices he learned during his career.

Security Startup Quantum Xchange Promises Unbreakable Quantum-Safe Encryption (SecurityWeek, Jun 26 2018)
Bethesda, MD-based start-up Quantum Xchange has announced $10 Million Series A funding from New Technology Ventures, and the launch of the first commercial quantum key distribution (QKD) service in the U.S.

First Women-Led Cybersecurity Venture Capital Firm Launches (Dark Reading, Jun 26 2018)
Chenxi Wang, former Forrester VP of research and Twistlock executive, heads up Rain Capital, with the intent to also help build new startups.

IEEE Statement on Strong Encryption vs. Backdoors (Schneier on Security, Jun 27 2018)
The IEEE came out in favor of strong encryption…

Can You Do a SIEM-less SOC? (Gartner Blog Network, Jun 26 2018)
Along the lines of this post where we discussed the concept of “SIEM alternatives”, let’s discuss this in the context of a modern SOC. Will I ever do or recommend a SIEM-less SOC? — As you can guess from the above, my answer is ‘it depends on what you mean by “SIEM.”’

Equifax Ordered by Eight States to Beef Up Cybersecurity (WSJ, Jun 27 2018)
Texas, California, New York and five other states say move is aimed at helping to prevent another data breach

Ticketmaster Blames Third Party Over Data Breach (SecurityWeek, Jun 28 2018)
Ticketmaster UK has had the personal information of thousands of customers compromised. This may include name, address, email address, telephone number, payment details and Ticketmaster login details, the company said.

SEC outlines cybersecurity changes after probe of EDGAR hack (Financial Planning, Jun 26 2018)
The reforms could serve as a checklist for firms looking to enhance their own cybersecurity posture in light of the regulator’s increased scrutiny.

Cynicism in Cybersecurity: Confessions of a Recovering Cynic (Dark Reading, Jun 27 2018)
Anyone constantly dealing with complex computer systems teetering on the brink of disaster will likely succumb to the cult of cynicism. These four strategies will help you focus on the positive.

Is Your SOC your CSIRT? (Gartner Blog Network, Jun 27 2018)
As we move forward on updating our SOC research, Anton and I are back to the discussion about the existence of two separate entities in organizations, the SOC and CSIRT.

Equifax Software Manager Charged with Insider Trading (Dark Reading, Jun 29 2018)
Sudhakar Reddy Bonthu used insider information about the company’s 2017 data breach to profit in a stock transaction.

Accenture Security Builds Out Cyber-Resilience Capabilities (eWEEK, Jun 25 2018)
“We don’t just sell it [iDefense] as a feed, but we make it an integrated part of our managed security services, incident response services, threat hunting and red teaming.”

Dealing with the insider threat on your network (SC Magazine, Jun 25 2018)
California’s Department of Fish and Wildlife (CDFW) issued an internal memo warning that a former employee downloaded worker and vendor records to a personal device without authorization and took the records outside of the state’s network.

Why Do SOCs Look Like This? (TaoSecurity, Jun 28 2018)
The big screens are a waste of time. No one is standing near them. No one sitting at their workstations can read what the screens show. They are purely for an audience, who can’t discern what they show either.

Clarifying a murky Insider Threat Detection market (Gartner Blog Network, Jun 21 2018)
Gartner just published research on insider threat detection solutions in an attempt to clarify how different products help organizations with this use case.

China’s cyberlaw is unfair, dangerous – and a model to follow (South China Morning Post, Jun 26 2018)
Daniel Wagner says critics are right to say the law gives Chinese companies an unfair edge and raises important privacy concerns. The fear is that other countries are more likely to adopt this model than the EU’s more cumbersome one favouring rights protection

EU Set for New Cyber-Response Force (Infosecurity Magazine, Jun 27 2018)
Lithuanian proposal already has several member states on board