A Review of the Best News of the Week on Cybersecurity Management & Strategy

Chinese Wind Turbine Manufacturer Gets Max. Fine for Source Code Theft (Dark Reading, Jul 09 2018)
Sinovel Wind Group has been sentenced for stealing trade secrets from the company formerly known as American Superconductor Inc.

What Is “SIEM+” Or “Can We Have A Cyber Defense Platform?” (Gartner Blog Network, Jul 06 2018)
Contrary to what some “analytics” or “AI” vendors will have us believe, SIEM in 2018 is not the SIEM of our grandfathers. In 2002, when I was first initiated into the dark arts of SIEM, it was very different (it was called either SIM or SEM back in the B.C. era – that is, Before Compliance).

WPA3 (Schneier on Security, Jul 12 2018)
Everyone is writing about the new WPA3 Wi-Fi security standard, and how it improves security over the current WPA2 standard. This summary is as good as any other


D.C.-area cybertech companies persuade West Coast investors to head east (Washington Post, Jul 09 2018)
A handful of recent “exits” — start-up lingo for taking a company public or otherwise cashing out — are beginning to show investors that the area’s crowded cybersecurity industry can yield returns.

Insurers Sue Trustwave for $30M Over ’08 Heartland Data Breach (Dark Reading, Jul 09 2018)
Lawsuit filed by Lexington Insurance and Beazley Insurance is in response to a Trustwave legal filing that called their claims meritless.

How an Israeli cybersecurity company tracked the employee who stole its code (CNBC, Jul 10 2018)
An ex-employee of Israel’s NSO Group was indicted last week for stealing the company’s code.

AT&T to Acquire Cybersecurity Company AlienVault (Fortune, Jul 10 2018)
The acquisition will expand AT&T’s security solutions portfolio.

Ticketmaster Breach Part of Massive Payment Card Hacking Campaign (Dark Reading, Jul 10 2018)
Threat actor Magecart has infiltrated over 800 e-commerce sites with card skimming software installed on third-party software components, RiskIQ says.

Why You Should Be Dwelling on Dwell Time (SecurityWeek, Jul 10 2018)
Dwell time forces security leaders to work hard to not only prevent exploitation, but to also detect, respond, and recover as quickly as possible. Whereas in the past all of the security budget went to preventative tools and processes, today we’re focusing much more on rapid detection and response than ever before.

Cisco Chief Executive’s New Mantra: Simplify Computer Networks (The New York Times, Jul 11 2018)
Chuck Robbins’s strategy is giving a Silicon Valley giant — one that used to benefit from technological complexity — momentum despite the growth of cloud computing.

Facebook fined a paltry £500,000 (8 minutes’ revenue) over Cambridge Analytica scandal (Graham Cluley, Jul 11 2018)
The UK’s Information Commissioner’s Office (ICO) has announced that Facebook will be fined £500,000 – the maximum amount possible – for two breaches of the Data Protection Act 1998 in connection with the Cambridge Analytica scandal.

Timehop Releases New Details About July 4 Breach (Dark Reading, Jul 12 2018)
Additional information includes PII affected and the authentication issue that led to the breach.

Banks Suffer an Average of 3.8 Data Leak Incidents Per Week (Dark Reading, Jul 11 2018)
New study examines how financial services information gets sold and shared in the Dark Web.

Three Emerging Technologies to Accelerate Incident Readiness (SecurityWeek, Jul 12 2018)
Instead of an extended war game, Purple Teaming is collaborative and iterative. It brings the Red and Blue Teams together through a more informed and continuous process designed to help the defenders actively get better at mitigating risk from real-world, highly sophisticated attacks.

Notorious ‘Hijack Factory’ Shunned from Web (Krebs on Security, Jul 11 2018)
Score one for the good guys: Bitcanal, a Portuguese Web hosting firm long accused of helping spammers hijack large swaths of dormant Internet address space over the years, was summarily kicked off the Internet this week after a half-dozen of the company’s bandwidth providers chose to sever ties with the company.

ExxonMobil Bungles Rewards Card Debut (Krebs on Security, Jul 06 2018)
“ExxonMobil recently sent snail mail letters to its Plenti rewards card members stating that the points program was being replaced with a new one called Exxon Mobil Rewards+. Unfortunately, the letter includes a confusing toll free number and directs customers to a parked page that tries to foist Web browser extensions on visitors.”

Businesses Struggle to Build ‘Security-First’ Culture (Dark Reading, Jul 10 2018)
New Accenture study finds half of businesses provide cybersecurity training for new hires and only 40% of CISOs prioritize building or expanding insider threat programs.

How to allocate budget for a well-rounded cybersecurity portfolio (Help Net Security, Jul 10 2018)
Getting the C-levels to approve an IT security budget is probably one of the most difficult and exasperating tasks that security professionals and IT managers have to do each year.

Canada Breach Reporting Law Goes Into Effect November 2018 (The Duo Blog, Jul 11 2018)
On November 1, 2018, organizations will be required to report breaches to the Office of the Privacy Commissioner (OPC) of Canada. This includes the breach of security safeguards if the breach poses a “real risk of significant harm” to individuals affected by the security incident.

What We Talk About When We Talk About Risk (Dark Reading, Jul 11 2018)
Measuring security risk is not that hard if you get your terms straight and leverage well-established methods and principles from other disciplines.