CyberSecurity

As cybersecurity threats change, so must hospitals

A new assessment of cybersecurity threats highlights consumers’ growing role and predicts things will get worse before they get better.

Never before has the healthcare industry been so vulnerable on so many fronts. As consumers interact with online health data and even create their own, hospitals must cater to a larger connected presence and, in doing so, expose a larger attack surface on the internet.

What happened?

Many machines run legacy software, including operating systems that are at or near the end of their lives. And even as consumers directly acknowledge these fears and claim some responsibility in protecting their data, they admit to knowing little about the state of their health data or their rights to it.

All of these scenarios and more are outlined in a new threat assessment from Morphisec, a cybersecurity firm.

Why it matters?

The report finds that the number of consumers accessing their health data online has grown to 42 percent, a significant jump from the previous year. Additionally, patients are using their smartphones and other devices to generate their own health data, which can be shared with a practitioner.

Internet of Things connected devices often can’t operate within the same security parameters that other devices do. As they continue to explode as a device class in healthcare settings, they present new vulnerabilities as well. These new forms of digital connection between patient and provider create new attack surfaces in a network, as well as enlarge ones that already exist.

While many consumers responded that they felt they had a shared responsibility to protect their data, the report notes that it still is the responsibility of the provider to secure data. Many consumers struggle with this, with nearly half responding that they felt their smartphones were “nearly as secure” as hospital data networks.

Consumers still have a hard time engaging with the safety of their health data: while over half of the U.S. population has been exposed to some form of data breach, close to the same share of those polled did not know whether their data had ever been compromised.

What is the trend?

Hospitals need to go above and beyond in their preparedness and response to cyber threats.

Large data breaches are becoming the norm, and when targets include large national companies, the effects of an attack can be felt everywhere. Furthermore, every player in the security ecosystem – from vendor to practitioner to patient – needs to have a stake in maintaining the security of healthcare data.

Cybersecurity, Could this be Your Chance to Get in?

Cybersecurity is becoming an increasingly essential part of business

The significance of the cybersecurity capabilities of Russia is mission-critical, according to President Biden. “That it is approaching.” An FBI advisory notice also advised Russian intelligence services to scan various networks for vulnerabilities to use as a step for potential future invasions. Of course, businesses need to increase spending on cyber defense in light of the need for national security and the anxiety caused by the release of Colonial Pipeline and Solarwinds (SWI) insider information. Among solutions offered are cloud-based options that include Crowdstrike (CRWD), ZScaler (ZS), and Okta (OKTA) as well as consumer-focused choices like NortonLifelock (NLOK) and Fortinet (FTNT). Further, major conglomerates like Amazon (AMZN), Microsoft (MSFT), and Cisco (CSCO) have subsidiaries that concentrate on networking protection after possible breaches of security.

We believe the cyber security industry led by key names such as Palo Alto, Zscaler, Crowdstrike, Sentinel One, Check Point, Palantir, CyberArk, Tenable has been on the front lines proactively guarding from Russian cyber attacks and has been very successful; bullish for sector

— Dan Ives (@DivesTech) March 18, 2022

Notwithstanding the tumult resulting from the Russian invasion of Ukraine, a tried-and-true pick for the rest of 2022 is Palo Alto Networks (PANW). Incorporated in 2018, it offers a winning combination of strong financial health, evident growth, and a firm focus squarely on the cybersecurity domain, which has all the earmarks of a long-term investment.

Staying safe at home and keeping your family’s cybersecurity in mind

A major plotline of the modern economy since the coronavirus years has been the shift to a work-at-home lifestyle. According to Pew Research, more than two-thirds of American workers took up remote work after the epidemic, with more than half hoping to continue in this setting. While this increases convenience for employees, it creates a headache for security industry professionals. “Employees increasingly require easy access to IT resources,” IT consulting firm Flint noted in a recent report. Currently, companies gaining a distinction in the marketplace must be most interested in providing business solutions rather than just consumer solutions. And for sure, a number of consumer-oriented companies aren’t faring well, when Symantec encountered difficulties as it attempted to buy Avast (AVASF).

“We think strong security demand should remain durable through ’22 and, as a result, security stocks provide better opportunities for relative outperformance vs. broader software.” In a recent note, Morgan Stanley analyst Hamza Fodderwala summed up the industry action.

Adaptive systems and innovations being developed to safeguard sensitive data are likely to stay a consistent and current priority in the foreseeable future, furthering intended budget cuts.

Discover the Many Reasons to Love Palo Alto

Among the choices available, there are numerous ways for investors to invest. Crowdstrike, Zscaler, and Okta are not investments to abandon. By all means, they will each gain from these overarching trends. But there is also an issue with respect to how much these niche services may succeed in valuations, considering that three of these mega services have trended more toward the high-end of the expected earnings growth rate. Dan Ives mentioned (Palo Alto) as “a table pounder” during his CNBC interview. Palo’s strong balance sheet earned him high praise. Management attributed the sales increase to positive changes in the company’s income, particularly 20 in the last quarter, and to significant increases in its free cash flow, which was up to $441 million on a 33% profit margin. Clearly, there is a frugal trend of companies in harnessing profitability that has been holding other firms back. Palo Alto places an emphasis on maintaining a market-leading performance standard even as growth continues. Nikesh Arora, CEO of Nikesh Holdings, mentioned this ideal in the firm’s most recent earnings report.

Yet another outstanding quarter in Palo Alto, California, led by outstanding broad-spectrum performance, was led by 70 y er old annual recurring revenue (ARR) growth and hardware sales that are yet to surmount supply-chain difficulties as the company takes share on surging demand.

Two recent studies by Mistic Systems and Crowdstrike likewise appear to be strong, with each meeting Interlock’s own Stephen “Sarge” Guilfoyle’s standards for balance sheets and earnings of late. Nonetheless, I don’t think Sarge would assert that Palo Alto is the sturdiest among the group.

Considerably above the current market valuation, it seems prudent even though the current market varies and appears likely to continue to be able to demonstrate healthy profitability metrics for the foreseeable future. For a defensive-minded name in security that likewise offers an investor significant upside, Palo Alto appears an easy top pick even at all-time highs. Palo Alto appears an easy-to-read pick even at the top margin because of its healthcare sector’s defensive mindset and substantial profit potential.

About Palo Alto

Palo Alto, California-based cybersecurity company Check Point Software Technologies Ltd. was founded in 1998 by a team of entrepreneurs led by Dr. Shmuel Hauser, who is currently its chairman and chief executive officer (CEO). The company provides cyber security solutions to corporate and government customers worldwide. In the early days of its development, the company received significant investment from Microsoft Corporation and Intel Corporation. After years of growth and innovation, Check Point entered into an agreement with IBM to create an alliance that would combine the strengths of their two companies in the cybersecurity market. In 2013, Check Point acquired Israeli cyber security startup ZoneAlarm for $1 billion.

Top 10 in-demand cybersecurity skills for 2021

Jimmy Sanders has a long list of work to do, so he wants a security team that can handle the multitude of tasks ahead – from advancing his company’s zero-trust security strategy to securing its cloud deployments to deploying machine learning solutions. Team members must be able to do all that at scale, as well as shift gears and upskill as quickly as business needs shift, technology evolves and security risks change. In fact, Sanders puts “comfortable with change” as one of the most in-demand skills for 2021, alongside internal drive and the ability to be self-directed with work. It’s a lot, he admits.

“The people who can do all that are in super high demand,” says Sanders, head of security for Netflix DVD and president of the San Francisco chapter of the Information Systems Security Association (ISSA).

Indeed, the demand for cybersecurity talent continues to outpace supply. A July 2020 report from the ISSA and the Enterprise Strategy Group (ESG) found that 70% of ISSA members believe the global cybersecurity skills shortage has impacted their organization, while the 2020 (ISC)2 Cybersecurity Workforce Study found that 64% of responding security professionals experienced skills shortages within their own organizations. Such statistics only tell part of the story, though. Security leaders say there’s not only a shortage in the number of qualified people working in the field, but it’s also challenging to find the needed skills among the existing pool of security professionals. That’s not surprising, considering the lengthy list of desired skills needed today. In fact, security professionals need more than a single certification or even experience with a few key tools. Increasingly, they need the right combination of multiple security skills alongside technology, business, and interpersonal skills, as security jobs morph into a hybrid of roles that span different disciplines.

“There’s a shift away from people in security who do one thing, and only one thing, well. There are too many threats and too many opportunities for systems to be compromised that you can’t be an effective security professional without a broad base of knowledge,” says Will Markow, managing director of Burning Glass Technologies, a labor market analytics firm, which issued a 2019 report on the hybridization of job roles. The most in-demand security skills for 2021 reflect this trend, with security chiefs saying they need people who can pull together expertise in various spheres to meet the emerging security and threat environments as well as overall business requirements.

Here are the 10 areas where skills are most in demand for the year ahead — and why:

Risk identification and management

Jorge Rey, CISO for professional services firm Kaufman Rossin, wants security workers who understand both the company and its industry, which is why he values the low turnover rates within his department. He says veteran staffers bring the business insights he needs. And that insight, when combined with technical acumen and cybersecurity experience, helps them identify which threats pose the greatest risks to their company so they can effectively allocate limited resources to deliver the best protection.

“The best way to mitigate threats is to understand the risk,” he says, “so we need people versed on governance and strategy who can then determine the best solutions, who can find the right technology or the right outside provider or build the right capacity in-house.”

Others also put risk management high on their list of desired skills for 2021, with Burning Glass listing it as one of the security skills seeing the fastest growth in demand over the upcoming five years and one that could earn professionals more than $10,000 a year in premium pay.

“CISOs need people who can take a risk-based approach to build a secure digital infrastructure,” Markow adds.

Technical fundamentals

CISOs are also looking for people with overall technical skills, noting that they can’t understand risk and develop security plans for a digital world without understanding the IT components that make up the infrastructure.

“Programming skills, system administration skills, and network skills are all required and necessary to have … because security skills are worthless without foundational knowledge to build upon,” says Matthew Rogers, CISO of tech company Syntax.

Consulting firm PwC likewise identified technology acumen as critical for security professionals, listing knowledge of “digital building blocks” as one of the three critical areas of expertise (digital skills, business acumen, and social skills) needed for an effective security program. As such, Joe Nocera, principal and leader of the Cyber & Privacy Innovation Institute at PwC, says security chiefs want staffers who understand architecture as well as logging, monitoring, identity management, and authentication in addition to expertise around specific business and security solutions. Jack O’Meara, a veteran CISO now serving as a director on the cybersecurity solutions team at Guidehouse, a tech advisory and outsourcing firm, agrees. “I want to make sure people have hands-on expertise for the specific technologies I’m deploying. They have to have an understanding of how the technology works because if they don’t, they’re never going to understand how an attacker can exploit it,” he says.

Data management and analysis

The security department is one of the biggest generators of data within the enterprise, and in many organizations, it’s becoming one of the biggest consumers of data, too, as it seeks to use the information to drive more effective and efficient protection strategies.

“They’re looking to make sense of the massive amounts of data they have, and the tools only go so far,” says Brandon S. Dunlap, a leading partner for security and risk management at the tech research firm Gartner, adding that he’s seeing more CISOs hire data scientists, data engineers, and data officers.

DevSecOps

Organizations are increasingly moving beyond DevOps to DevSecOps, seeking to add security considerations into the application design and development phase to ensure more secure apps. That requires security people with development and operations knowledge and experience.

“We’ve learned over the past few years that where security risk really sits is in the application itself, so we need to have the software developed with security integrated right from the start,” says Jeffrey Weber, executive director of the IT staffing firm Robert Half Technology. Burning Glass lists application development security as the No. 1 fastest-growing skill, with expected demand to increase 164% over the next five years.

Cloud

The widescale adoption of cloud, and especially the increasing embrace of a multi-cloud strategy, has increased the demand for security workers who are experienced in cloud deployments and can marry that with the enterprise security strategy. Rey, for example, says he wants team members with expertise on one or more of the public cloud platforms (AWS, Azure, Google) as well as private cloud architecture. “When I think about cloud security, it requires a bit of knowledge about everything; it’s about developing a secure network within a cloud environment,” he says.

Automation

In its 2020 report, The Life and Times of Cybersecurity Professionals, ESG says enterprise security can use automation to help address the cybersecurity skills shortage. Experts concur, explaining that automating repetitive tasks creates efficiencies and boosts effectiveness while shifting valuable employee time to the complex work that only humans can do. Automating security functions, though, requires security workers skilled in actually implementing automation solutions. Rey is among the CISOs who believe automation can help close the skills gap, saying that automation skills “should be embedded in anyone who is in IT or security.” He wants people who can identify tasks that can be automated and who can do the automation themselves, using Python, PowerShell, and other scripting languages to make it happen.

Threat hunting

Threat hunting is a relatively new security strategy that is gaining widescale traction. According to a 2020 survey from security solutions maker DomainTools, 93% of organizations said threat hunting should be a top security initiative to provide early detection and reduce risk. The growing interest in, and implementation of, threat hunting practices is driving demand for the right combination of skills needed to do the job. Burning Glass lists it as the No. 4 fastest-growing in-demand skill. Rick McElroy, the principal cybersecurity strategist at security tech company VMware Carbon Black, says it takes analytics skills, understanding of the MITRE ATT&CK framework or other such methodologies, knowledge of the enterprise technology stack (so “they can tell when something ‘wonky’ is happening”) and intellectual curiosity to probe for problems. “They have to think like an attacker; they have to wonder, ‘How would an attacker bypass my defenses?’” McElroy says.

Interpersonal skills

The cybersecurity function has become not only more critical with the rise of the digital economy, it has become more prominent as well. That puts security professionals in front of the C-suite, board members, and employees with greater frequency. So, they must be able to collaborate, communicate, and consult with these various stakeholders, making those and other interpersonal skills a hot commodity. “It’s almost a sales function, to be able to present to all different levels of the organization to impress upon them what they need to do to protect the organization,” says Gary Todd, associate director of cybersecurity for the energy firm PNM Resources.

Business acumen

HP CISO Joanna McDaniel Burkey wants workers who understand the business, who speak in business terms, and view themselves as business people as well as technologists. She says security professionals need such skills so they can help manage risk, which is the prime objective for the modern security team. Security professionals must help their organizations balance security with costs, market demands, and other business metrics. “I talk about it as ‘polarities to manage’ versus trade-offs,” she says. “We need to see both sides of issues, we need to put ourselves in their shoes, so we can co-create well with stakeholders.”

Agility

According to the 2020 (ISC)² workforce study, 30% of respondents saw their organizations move to a remote workforce in just one day as a result of the COVID-19 pandemic, while another 47% had just several days to a week to make the shift (only 16% had more than a week.) Experts don’t anticipate such rapid workplace transformations to become the norm, but they do expect the pace of technology and business changes to continue accelerating. Security needs to keep up. “COVID brought in a whole new set of scams and attacks and way of working,” says E.J. Widun, who as CTO of Oakland County, Mich., works with the security team. “COVID showed we need people with the ability to adapt, and to adapt fast.”

Microsoft and Its Industry Partners Secure Key Domain Used in the SolarWinds Hack

Microsoft and a coalition of tech companies have intervened today to seize and sinkhole a domain that played a central role in the SolarWinds hack. The domain in question is avsvmcloud[.]com, which served as a command and control (C&C) server for malware delivered to around 18,000 SolarWinds customers via a trojanized update for the company’s Orion app. At the time of their release between March 2020 and June 2020, the SolarWinds Orion versions 2019.4 through 2020.2.1 contained a strain of malware named SUNBURST (also known as Solorigate).

Takedown to stop last-minute attempts to hack

The recent sinkholing of avsvmcloud[.]com by a coalition of tech companies transferred the domain ownership to Microsoft. Sources familiar with today’s actions described the takedown as “protective work” done to prevent the threat actor behind the SolarWinds hack from delivering new orders to infected computers. Despite the SolarWinds breach becoming public on Sunday, the SUNBURST operators could still deploy additional malware payloads on the networks of companies that failed to update their Orion applications and still had the SUNBURST malware installed on their network. SolarWinds estimated on Monday that over 18,000 customers have installed the trojanized Orion app update, and most likely have the first-stage SUNBURST malware. Nonetheless, the hackers do not seem to have exploited all these systems and have only targeted a small number of carefully-planned intrusions into the networks of high-profile targets. The report was attributed to US security firm Symantec, which said that it discovered SUNBURST malware on the internal networks of 100 of its customers, although it did not observe any second-stage payloads or network escalation activity. According to Reuters, who confirmed the report with independent sources, many companies that installed the trojanized Orion app update did not find evidence of any further activity and escalation from the malware, confirming that hackers primarily targeted big-name companies.

Since Sunday, when the SolarWinds hack came to light, the number of confirmed victims has grown to include:

  • US cybersecurity firm FireEye
  • The US Treasury Department
  • The US Department of Commerce’s National Telecommunications and Information Administration (NTIA)
  • The Department of Health’s National Institutes of Health (NIH)
  • The Cybersecurity and Infrastructure Agency (CISA)
  • The Department of Homeland Security (DHS)
  • The US Department of State

Sinkholing operations are underway to discover all victims.

Currently, the avsvmcloud[.]com domain redirects to an IP address owned by Microsoft, with Microsoft and its partners receiving beacons from all the systems where the trojanized SolarWinds app has been installed.

The technique, known as sinkholing, is allowing Microsoft and its partners to compile an extensive list of infected victims, which they plan to use to notify all affected companies and government agencies.

“This is not the first time a domain associated with malware has been seized by international law enforcement and even by a provider,” ExtraHop CTO Jesse Rothstein told ZDNet in an email, referring to Microsoft’s previous takedown and sinkholing efforts against the Necurs and TrickBot botnets. Ongoing takedown and sinkholing efforts also involve the Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency, which is trying to pinpoint other US government agencies that may have been compromised. As SolarWinds has a large US government customer base, the government has declared the security crisis a national security emergency. On Thursday, the White House held a rare meeting of the US National Security Council to discuss the hack and its repercussions. Indicators of compromise and instructions on how to discover and deal with a SUNBURST malware infection are available from Microsoft, FireEye, and CISA.

Once installed, the malware would remain dormant in a computer for 12 to 14 days and then attempt to ping a subdomain of avsvmcloud[.]com. FireEye found that a C&C domain would issue a DNS reply that contains a CNAME field with information on another domain from which the SUNBURST malware can obtain additional instructions and execute additional payloads on an infected company’s network.
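The beaconing behaviour described above can be hunted for in resolver logs. The following is an added example, not code from the article or from any vendor named in it: it groups lookups for the C&C domain by client and separates hosts that only beaconed from hosts that received a CNAME answer. The five-field log format, the client addresses, the subdomain labels and the CNAME target are constructed assumptions.

```python
"""Triage DNS resolver logs for SUNBURST beaconing (added example; log format is assumed)."""
from collections import defaultdict
from datetime import datetime

# Domain from the article, kept defanged in source and refanged only for matching.
C2_ZONE = "avsvmcloud[.]com".replace("[.]", ".")

# Constructed sample log: "<ISO time> <client> <qname> <answer type> <answer data>"
SAMPLE_LOG = """\
2020-12-10T08:15:02Z 10.0.4.17 k3j2h1.sub1.avsvmcloud.com. A 192.0.2.10
2020-12-10T08:15:09Z 10.0.4.22 www.example.org. A 192.0.2.80
2020-12-10T09:40:31Z 10.0.7.5 Q9X8Z7.SUB2.AVSVMCLOUD.COM CNAME stage2.example.net.
2020-12-10T09:41:00Z 10.0.4.17 notavsvmcloud.com. A 192.0.2.11
2020-12-10T09:42:12Z 10.0.4.30 avsvmcloud.com.cdn.example.net. A 192.0.2.12
2020-12-11T08:16:44Z 10.0.4.17 k3j2h1.sub1.avsvmcloud.com. NXDOMAIN -
this line is malformed
"""


def in_c2_zone(qname: str) -> bool:
    """True if qname is the C&C domain or a subdomain of it (label-boundary match)."""
    name = qname.rstrip(".").lower()
    return name == C2_ZONE or name.endswith("." + C2_ZONE)


def triage(log_text: str) -> dict:
    """Group C&C lookups by client and record any CNAME targets they were handed."""
    hosts = defaultdict(lambda: {"first": None, "last": None, "queries": 0,
                                 "cname_targets": set()})
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed lines instead of aborting the scan
        stamp, client, qname, rtype, rdata = parts
        if not in_c2_zone(qname):
            continue  # look-alike names and unrelated lookups are ignored
        try:
            when = datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%SZ")
        except ValueError:
            continue
        host = hosts[client]
        host["queries"] += 1
        host["first"] = when if host["first"] is None else min(host["first"], when)
        host["last"] = when if host["last"] is None else max(host["last"], when)
        if rtype.upper() == "CNAME":
            # A CNAME answer is the case the article describes: the reply names
            # another domain from which the implant fetches further instructions.
            host["cname_targets"].add(rdata.rstrip(".").lower())
    return dict(hosts)


def priority(host: dict) -> str:
    """Hosts that received a CNAME answer go to the front of the response queue."""
    return "cname-received" if host["cname_targets"] else "beacon-only"


if __name__ == "__main__":
    for client, info in sorted(triage(SAMPLE_LOG).items()):
        print(client, priority(info), info["queries"], sorted(info["cname_targets"]))
```

Because the implant stays dormant for 12 to 14 days before its first lookup, each host's `first` timestamp places the trojanized update's installation roughly two weeks earlier, and any collected CNAME targets become new hunting terms.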
