A Review of the Best News of the Week on Cybersecurity Management & Strategy

US military given the power to hack back/defend forward (Naked Security – Sophos, Sep 20 2018)
The new preventative cybersecurity powers include potentially acting against countries considered friendly toward the US – a risky move, some say.

Guccifer to Be Extradited to US for Prison Sentence (Dark Reading, Sep 14 2018)
Four-year, four-month term will follow a longer sentence in hacker’s home country of Romania.

New Magecart victims ABS-CBN and Newegg are just the tip of the iceberg (Help Net Security, Sep 20 2018)
With the Magecart attackers compromising web shops left and right, online shopping is becoming a risky proposition. After Ticketmaster, British Airways and Feedify, two new Magecart victims have been identified: the broadcasting giant ABS-CBN and online retailer Newegg.

CISOs and the Quest for Cybersecurity Metrics Fit for Business (SecurityWeek, Sep 17 2018)
Asked if CISOs are currently delivering good metrics, the answer was an unequivocal yes and no, maybe, it depends, but probably not.

Firewalls and the Need for Speed (TaoSecurity, Sep 18 2018)
“This bothered me, so I Tweeted about it… What do you think of this architecture? My Tweet has attracted some attention from the high speed network researcher community, some of whom assume I must be a junior security apprentice who equates “firewall” with “security.” Long-time blog readers will laugh at that, like I did. So what was my problem with the original recommendation, and what problems do I have (if any) with the 2018 version?”

The Mirai Botnet Architects Are Now Fighting Crime With the FBI (Wired, Sep 18 2018)
In 2016, three friends created a botnet that nearly broke the internet. Now, they’re helping the feds catch cybercriminals of all stripes.

As Tech Drives the Business, So Do CISOs (Dark Reading, Sep 19 2018)
Business leaders used to ask the CISO what controls they needed; now they want security embedded in business planning and application development. “You want security expertise in the operations groups, you want that in development groups, you want that in each component of operations, including the cloud,” he adds.

Your business should be more afraid of phishing than malware (Graham Cluley, Sep 19 2018)
More than twice as many breaches were blamed on phishing rather than malware (48% compared to 22%). In fact, even when malware was combined with unpatched systems (coming to a total of 41% of reports), it still failed to be as big a problem as phishing.

DMARC Fully Implemented on Two Thirds of U.S. Government Domains (SecurityWeek, Sep 21 2018)
DMARC has been fully implemented on roughly two thirds of U.S. government domains, but agencies have less than a month to roll out the email security standard on the remaining websites.

NTA: The Other IDS? (Gartner Blog Network, Sep 20 2018)
“IMHO, Network Traffic Analysis (NTA) was born to separate the old, mostly flow-based (layer-3) technology from the modern layer-7 based tech that analyzes network activities for security purposes.”

Lawmakers warn Trump’s election interference order does not go nearly far enough (Washington Post, Sep 13 2018)
The main bill lawmakers are pushing is the bipartisan DETER Act, which was introduced by Sens. Marco Rubio (R-Fla.) and Chris Van Hollen (D-Md.). The bill would require the administration to slap Russian businesses and oligarchs with sanctions within 10 days if the director of national intelligence determines that the Kremlin has interfered in an election. It would also place a powerful check on the White House: Under the legislation, the president would be barred from lifting the sanctions unless intelligence officials report to Congress that Russia has gone two election cycles without interfering in U.S. elections.

83% of SMB owners have no cash put aside to deal with the fallout from a cyber attack (Help Net Security, Sep 19 2018)
Small businesses are leaving themselves exposed to significant financial risk from cybercrime by not having adequate measures in place to recover in the event of a cyber attack. That’s according to the findings of InsuranceBee’s Cyber Survey, which asked more than 1,000 SMBs how prepared they are to deal with cybercrime.

AES Resulted in a $250 Billion Economic Benefit (Schneier on Security, Sep 21 2018)
“NIST has released a new study concluding that the AES encryption standard has resulted in a $250-billion worldwide economic benefit over the past 20 years. I have no idea how to even begin to assess the quality of the study and its conclusions — it’s all in the 150-page report, though…”

Russian Spies Arrested on Suspicion of Plans to Hack Swiss Laboratory (SecurityWeek, Sep 14 2018)
Dutch intelligence services arrested two alleged Russian spies on suspicion of planning to hack a Swiss laboratory investigating the poisoning of double agent Sergei Skripal, reports and officials said Friday.

Yahoo Class-Action Suits Set for Settlement (Dark Reading, Sep 17 2018)
Altaba tells SEC it will incur $47 million to settle consumer litigation for massive Yahoo data breaches.

Insurance experts expect higher cyber-related losses (Help Net Security, Sep 18 2018)
Large cyber-attacks, like WannaCry or NotPetya, are also expected to be more frequent, with over 60% of respondents stating they anticipate these occurring at least once every five years.

Awareness and tendency towards risky online behavior (Help Net Security, Sep 18 2018)
It found that, while employees are generally risk averse, more than half (55 percent) admitted to clicking links they didn’t recognize, 45 percent said they would allow a colleague to use their work computer and 34 percent were unable to identify an unsecure ecommerce site.

Fidelis Cybersecurity Raises $25 Million (SecurityWeek, Sep 18 2018)
The funding, which brings the total raised by the company to date to nearly $50 million, will be used to extend product innovation, support business growth, and invest in the company’s 24×7 Managed Detection and Response (MDR) service. The round was led by existing investors.

Japan Digital Currency Exchange Hacked, Losing $60 Million (SecurityWeek, Sep 20 2018)
Hackers have stolen 6.7 billion yen ($60 million) worth of cryptocurrencies from a Japanese digital currency exchange, the operators said Thursday.

NSS Labs Files Antitrust Suit Against Symantec, CrowdStrike, ESET, AMTSO (Dark Reading, Sep 19 2018)
The lawsuit accuses the three security vendors and the nonprofit AMTSO, of which they and other endpoint security vendors are members, of unfairly allowing their products to be tested only by organizations that comply with AMTSO’s testing protocol standard. NSS Labs, which also is a member of AMTSO, earlier this year voted against adoption of the standard and says it has no plans to comply with it.