All posts by Michelle Drolet

Towerwall Opens Dallas Office, Serves Growing InfoSec Market

Earlier this month, Towerwall opened its second office location in Dallas, Texas.

 

The office will be managed by Information Security Expert and Towerwall team member, Vijai Jasrotia.

“We are excited to bring Towerwall’s information security expertise to this growing marketplace. I know we will be able to add value and help our customers secure the data!”

– Michelle Drolet, Founder & CEO, Towerwall

 

If you would like to speak with our Texas information security expert, please contact Vijai Jasrotia by phone at 214-207-9691 or via email at vijaij@towerwall.com.

6th Annual Information Security Summit – 5/24/18

6th Annual Information Security Summit

Presented by MassBay Community College and Towerwall, Inc.
 

When:

Thursday, May 24, 2018
8:00AM – 1:30PM

Where:

MassBay Community College
50 Oakland Street
Wellesley Hills, MA 02481

About the Conference:

The Information Security Summit is a regional event with the goal of giving participants from New England an update on the latest developments, trends and status in information security. With the growing popularity of disruptive technologies including Mobility and Cloud Computing, Social Networking and Big Data Analytics, the accompanying data security and privacy issues become fundamental concerns. Industry experts will be invited to share their experience and knowledge.

$45 (includes breakfast & lunch)

2018 Topics may include but are not limited to:

  • Develop & Maintain a Real-world Security Awareness Program
  • GDPR-Friendly Best Practices for IT Architects and Implementers
  • Incident Response Planning/Table Top Exercises
  • IoT Security: Challenges & Solutions
  • Turtles, Trust, and the Future of Cybersecurity
  • The Enterprise Immune System: Using Machine Learning for Next-Generation Cyber Defense

 

 
 

Michelle Drolet featured in “Women CEOs on Blazing a Trail to the Top”

Our own Michelle Drolet featured in Fierce CEO’s “Special Report Women CEOs on Blazing a Trail to the Top: Part 2”

 
What does it take to reach the chief executive post? Being direct about what you want, for one. “If women want the brass ring, they should try to grab it,” says Jennifer Keough, CEO of JND Legal Administration. In the second part of this two-part feature, women CEOs discuss the challenges, pitfalls and rewards of becoming a leader and key decision-maker.

Not all experience problems

Michelle Drolet, CEO of Towerwall, said she has never run into any difficulties having the role of woman CEO. “I feel blessed for never having been the target of discrimination or mistreatment,” Drolet said. “Like any business, we’ve had our share of clients with whom we needed to depart ways, but overall our contract renewals are at 96%. We have clients that have been with us since the ‘90s.”

 


Eliminate the IoT Security Blind Spot

Securing the new endpoint: Making the IoT transformation safe for enterprises.

The number of devices that exist within an average organization has grown exponentially over the last few years. The growth of mobility and the Internet of Things (IoT) explosion have led to a rapid rise in the number of endpoints that must be managed and secured. This problem is set to grow, with Gartner predicting more than 20 billion connected things will be in use by 2020, up from 11 billion this year.

While many people perceive IoT devices as simple, they’re not simple at all – they’re actually running operating systems with full networking stacks and an application layer. To make matters worse, most of them are beyond our control. As many as 82% of organizations are unable to identify all the devices connected to their network, according to a Forrester study, and 77% of companies admit that increased usage of IoT devices creates significant security challenges.

 

A growing risk

As the number of devices that we don’t have control over continues to grow, so do the risks. We’re already seeing a marked increase in botnets where IoT devices are taken over and used in everything from volumetric and brute force attacks to spam and data exfiltration.

Hackers can compromise outdoor traffic cameras, for example, by uploading rogue firmware that gives them complete remote control of affected devices. Cameras are known to have issues with dynamic DNS services, device-to-device communications, and buffer overflow vulnerabilities.

Vulnerable IoT devices also offer entry points for rapidly spreading malware, like that used in the WannaCry ransomware attacks.

Airborne threats are also on the increase as we boost wireless connectivity and enable more devices to connect to each other. Look at something like BlueBorne, which allows attackers to exploit vulnerabilities in Bluetooth to take over devices. It exposed 5.3 billion devices to risk, allowing attackers to potentially take over any devices with Bluetooth turned on.

One of the scariest things about these vulnerable endpoints is that they can allow attackers to gain access without your knowledge. If you don’t know what all the devices on your network are or manage them to ensure they’re properly patched, then you won’t know when your defenses have been breached.

 

Circumventing security

While your firewall might do a good job of protecting your perimeter and monitoring network traffic at certain specific points, there’s generally a lack of visibility into what whitelisted devices on your network are up to. Consider that these devices can often communicate with each other directly nowadays, using Bluetooth or Wi-Fi to bypass your security systems.

Stop and think about the potential cost of a data breach, and you’ll quickly realize how important it is to establish genuine visibility of all the devices on your network. As we discussed in our tips for blocking ransomware, segmenting your defenses and acting to prevent lateral movement is vital, as is sandboxing suspicious files and swiftly isolating infected systems.

 

Developing a new approach

What’s needed is visibility that extends beyond the perimeter into the network core. A successful architecture cannot rely upon agents; it must make clear what all the connected devices are, and it must tell us when a device has been compromised.

In implementing a security solution, you’ll want something that can integrate with your environment and sit on top of the existing network infrastructure to provide insights. Take the time to map every device and analyze the potential interactions between them. Visibility isn’t enough on its own, though, because security policies must be enforced. Employ automation wherever you can to avoid overwhelming security teams.

 

Behavioral analytics are the way forward

Many security tools and strategies are intrusive and disruptive for staff. That’s why careful analysis is a good option. We’ve looked at the potential of user behavior analytics before and you can apply the same logic to devices. Model the expected and intended behavior of all the devices on your network, automate policy enforcement where you can, and flag anomalies to security staff where you can’t.
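The approach in the paragraph above, sketched as an added example (not code from the article or from any vendor it mentions): a per-device model is learned from passively observed flows, so no agent is needed, and each new flow is then allowed, blocked automatically, or flagged for staff. The device names, addresses, internal range and the rule that unmodelled internal traffic is blocked are assumptions made for the illustration.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Assumption: everything in this range counts as "inside" the network.
INTERNAL = ip_network("10.0.0.0/8")

# Constructed sample data: (device, destination, port) tuples as they might
# be taken from a mirror port or flow export. All names are hypothetical.
BASELINE_FLOWS = [
    ("cam-lobby", "10.0.5.10", 554),       # camera -> video recorder
    ("cam-lobby", "10.0.1.53", 53),        # camera -> internal DNS
    ("badge-reader-2", "10.0.5.20", 443),  # badge reader -> access server
    ("thermostat-7", "203.0.113.8", 443),  # thermostat -> vendor cloud
]
NEW_FLOWS = [
    ("cam-lobby", "10.0.5.10", 554),         # expected behavior
    ("cam-lobby", "10.0.9.77", 445),         # camera talking SMB to a peer
    ("thermostat-7", "198.51.100.23", 443),  # new external destination
    ("printer-3", "10.0.1.53", 53),          # device never mapped
]


def learn_baseline(flows):
    """Record, per device, every (destination, port) seen while learning."""
    profile = defaultdict(set)
    for device, dst, port in flows:
        profile[device].add((dst, port))
    return dict(profile)


def classify(flow, profile):
    """Return (action, reason) for one flow: allow, block, or flag."""
    device, dst, port = flow
    known = profile.get(device)
    if known is None:
        return "flag", "device has no baseline (unmapped endpoint)"
    if (dst, port) in known:
        return "allow", "matches modelled behavior"
    if ip_address(dst) in INTERNAL:
        # Policy assumed here: a modelled device reaching a new internal
        # peer is cut off automatically to stop lateral movement.
        return "block", "unmodelled internal destination"
    return "flag", "unmodelled external destination"


def triage(flows, profile):
    """Split flows into automatic enforcement and a queue for analysts."""
    enforce, review = [], []
    for flow in flows:
        action, reason = classify(flow, profile)
        if action == "block":
            enforce.append((flow, reason))
        elif action == "flag":
            review.append((flow, reason))
    return enforce, review


if __name__ == "__main__":
    enforce, review = triage(NEW_FLOWS, learn_baseline(BASELINE_FLOWS))
    for flow, reason in enforce:
        print("BLOCK ", flow, reason)
    for flow, reason in review:
        print("REVIEW", flow, reason)
```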

While the IoT transformation is enabling a lot of exciting developments in many industries, it’s crucial that we don’t neglect security concerns, or it could grow into the kind of blind spot that allows a major incident to develop.

 


 

This article was originally posted in CSOOnline >

 

For true cybersecurity you must know what employees are doing

A look at some options for keeping tabs on your staff and the possible pros and cons.

Securing your data in the digital age is very challenging, but it has never been more necessary. We just looked at the hair-raising cost of a data breach in 2018 and we know that employees are often the weakest link. In fact, over 90% of all cyber-attacks are successfully executed with information stolen from employees, according to the Identity Management Institute.

The majority of these employees are the innocent victims of phishing attacks, but former, or even current, employees with an axe to grind can also cause enormous damage and typically prove more difficult to root out. There’s no doubt that security awareness training is vital, but it’s not enough on its own.

As many as 47% of all data breaches were caused by hackers or criminal insiders, according to the Ponemon Institute’s 2017 Cost of Data Breach Study, and these breaches were more costly to resolve at an average of $156 per stolen record, compared to an average cost of $128 per record when human error was the cause.

If you really want to secure your company data then you need to know what your employees are doing, and there are many ways of finding out.

 

Being Big Brother

There are a lot of employee monitoring software options out there, like Teramind, InterGuard and SentryPC, that enable you to watch exactly what your employees are doing in real time. At the shallow end you can use these packages transparently and automatically filter out inappropriate content or limit social media time. At the deep end, you can use them silently to track exactly what websites your employees visit and even record keystrokes for online searches, messaging chats and emails.

You may consider this the nuclear option. It may not be illegal to monitor employees in this way, though some states have put protections in place, but it’s certainly an ethical quandary. It gives your IT department access to a lot of potentially sensitive information.

If you’re considering using software like this, then it’s worth asking, “Who watches the watchmen?” Depending on how you use it, monitoring can also be time consuming, so it’s certainly not the most efficient way to guard against the risk of a data breach.

 

User behavior analytics

From a security standpoint, what you really want is to be alerted when employees do something suspicious. User behavior analytics (UBA) are a smarter way to sniff out anomalies in users’ actions and flag them for further investigation. Companies like IBM and Varonis have developed advanced UBA tools that can detect unusual activity.

Is an employee trying to access a file they shouldn’t? Maybe they’re downloading something at 3:00am from a location that isn’t their home. Perhaps they’re trying to move laterally between systems. The beauty of UBA is that it highlights malicious insiders and outsiders using stolen credentials equally well, though it may require further investigation to determine which is which.
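The three questions above can be turned into detection logic over access logs. The following is an added example, not code from the article or from the UBA products it names; the log format, user name, addresses, paths and the two-signal alert threshold are all constructed for the illustration.

```python
import re
from datetime import datetime

LINE_RE = re.compile(
    r"(?P<ts>\S+) user=(?P<user>\S+) src=(?P<src>\S+) "
    r"host=(?P<host>\S+) action=(?P<action>\S+) path=(?P<path>\S+)"
)

# Constructed log lines: past activity used to learn what is normal.
HISTORY = """\
2018-03-01T09:12:00 user=jsmith src=10.1.4.22 host=fs01 action=read path=/sales/q1.xlsx
2018-03-01T14:40:00 user=jsmith src=10.1.4.22 host=fs01 action=download path=/sales/leads.csv
2018-03-02T10:05:00 user=jsmith src=10.1.4.22 host=crm01 action=read path=/sales/pipeline.csv
"""
# Constructed log lines: new activity to evaluate.
TODAY = """\
2018-03-05T09:30:00 user=jsmith src=10.1.4.22 host=fs01 action=read path=/sales/q1.xlsx
2018-03-06T03:00:00 user=jsmith src=198.51.100.7 host=fs01 action=download path=/finance/payroll.xlsx
2018-03-06T03:02:00 user=jsmith src=198.51.100.7 host=hr01 action=read path=/hr/reviews.docx
2018-03-06T03:03:00 user=jsmith src=198.51.100.7 host=db02 action=read path=/finance/ledger.db
"""


def parse(text):
    """Parse log lines into dicts; malformed lines are skipped, not guessed."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.fullmatch(line.strip())
        if m:
            event = m.groupdict()
            event["ts"] = datetime.fromisoformat(event["ts"])
            events.append(event)
    return events


def top_dir(path):
    """First path component, used as a coarse 'what they normally touch'."""
    return path.strip("/").split("/")[0]


def build_profile(events):
    """Per user: usual hours, source addresses, hosts and top-level folders."""
    profile = {}
    for e in events:
        p = profile.setdefault(
            e["user"], {"hours": set(), "srcs": set(), "hosts": set(), "dirs": set()})
        p["hours"].add(e["ts"].hour)
        p["srcs"].add(e["src"])
        p["hosts"].add(e["host"])
        p["dirs"].add(top_dir(e["path"]))
    return profile


def reasons(event, profile):
    """List every way this event departs from the user's baseline."""
    p = profile.get(event["user"])
    if p is None:
        return ["no baseline for user"]
    out = []
    if top_dir(event["path"]) not in p["dirs"]:
        out.append("resource outside usual scope")
    # Hours wrap around midnight, so 23:00 and 01:00 are two hours apart.
    gap = min(min(abs(event["ts"].hour - h), 24 - abs(event["ts"].hour - h))
              for h in p["hours"])
    if gap > 2:
        out.append("unusual hour")
    if event["src"] not in p["srcs"]:
        out.append("unfamiliar source")
    if event["host"] not in p["hosts"]:
        out.append("new host")  # several in a row suggests lateral movement
    return out


def alerts(events, profile, threshold=2):
    """Events with at least `threshold` anomalies, for an analyst to review."""
    scored = ((e, reasons(e, profile)) for e in events)
    return [(e, why) for e, why in scored if len(why) >= threshold]
```

An alert only says the account is behaving abnormally; deciding between an insider and stolen credentials still takes the follow-up investigation the article mentions.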

 

Applying security to the end user experience

If you’re going to go to the trouble of monitoring your employees, then maybe you should extract more value from the data you collect.

There’s a new breed of software that offers the same potential security protections to ensure compliance but focuses on the end user experience and how it might be improved to remediate issues as they happen. Nexthink detects and addresses anomalies in endpoint behavior before they occur or worsen into bigger problems. Nyansa takes a similar approach to problem prediction and mitigation with its network analytics service. The emphasis is on identifying end users who have been or could be impacted by a problem, then addressing it before it escalates.

“End users lose more than 20 minutes of time each day because of computer issues, resulting in lost productivity for the business and lost credibility for IT,” says Samuele Gantner, VP Products, Nexthink. “We see this happen even in the most advanced organizations.”

Realigning endpoint monitoring to focus on improving the daily work experience for your employees makes a lot of sense. You can tighten your cybersecurity and gain the oversight you need, while simultaneously facilitating greater productivity and lessening the workload on your IT department.

Whatever strategy you choose, there’s clearly a need to act. The 2018 Insider Threat report from Crowd Research Partners interviewed 472 cybersecurity professionals and 53% confirmed that an insider attack had happened at their organization in the last year. It also found that 90% of organizations feel vulnerable to insider attacks.

Pair good policy and training with effective monitoring software and you can reduce the risk.

 

This article was originally posted in CSOOnline >

5 Tips to Help you Block Ransomware

Learn about best practices to combat the threat of ransomware

 

There have been some seriously nasty ransomware attacks in the last few years. From Petya to WannaCry to the SamSam attack on health record company Allscripts just last month, ransomware has been wreaking havoc across the world. Global ransomware damages exceeded $5 billion last year, up from $325 million in 2015. That’s a meteoric rise.

The sad thing is we understand the risks and how to mitigate them. A few simple steps can at least ensure that a bad situation isn’t made worse, but the evidence suggests that too many organizations have failed to learn the importance of a proactive approach. Let’s look at five areas that deserve attention.

 

1. Get your defenses in order

It’s vital to have a proper intrusion prevention system (IPS) in place. That means a cutting edge, high performance firewall and sandboxing support. Secure those open ports. Review your port-forwarding rules and try to find alternative ways to access resources. Apply rules to govern your network traffic and make sure it is being monitored round the clock.

Try to reduce the potential attack surface to make life harder for cybercriminals. Review your access policy for data and make sure it is suitably restricted. The fewer entry points there are to your system, the harder it will be for attackers to gain access, and the easier it will be for your IT staff to monitor and identify problems.

 

2. Sandbox web and email traffic

Filter incoming traffic for suspicious files and automatically block downloads from the web and strip attachments from emails, so that they can be properly analyzed before they gain access to your network.

Phishing scams are a very common point of entry for ransomware and it’s frequently found lurking in seemingly benign PDFs, Microsoft Office documents, and especially in executables. It’s not easy to round up and eject ransomware once it has a hold, so stop these files at the door.

The risk with email is very high; according to PhishMe, the proportion of phishing emails that carry ransomware has increased to 97%, and as many as 90% of data breaches can be traced back to a phishing email.
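Stripping attachments so they can be analyzed before delivery, as tip 2 describes, can look like the following added example (not code from the article; the sample message, addresses and the list of file signatures are constructed for the illustration). It identifies the file types the article names by their leading bytes, since the file name and declared type are chosen by the sender.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Leading bytes of the file types the article names. Content is checked,
# not the file name, because a sender controls the name and extension.
MAGIC = [
    (b"%PDF", "pdf"),
    (b"MZ", "windows executable"),
    (b"PK\x03\x04", "zip container (docx/xlsx/pptx and other zips)"),
    (b"\xd0\xcf\x11\xe0", "ole2 document (legacy doc/xls/ppt)"),
]


def sniff(data):
    """Return a label for content that should be held, or None."""
    for magic, kind in MAGIC:
        if data.startswith(magic):
            return kind
    return None


def quarantine_attachments(raw):
    """Strip matching attachments; return (cleaned message, held items)."""
    msg = message_from_bytes(raw, policy=policy.default)
    held = []
    for part in list(msg.iter_attachments()):
        data = part.get_payload(decode=True) or b""  # None for nested multiparts
        kind = sniff(data)
        if kind is None:
            continue
        name = part.get_filename() or "(unnamed)"
        # Keep the original bytes so they can be handed to a sandbox.
        held.append({"filename": name, "kind": kind, "data": data})
        # Replace the part in place with a plain-text notice for the recipient.
        part.clear()
        part.set_content(f"[{name} removed and held for analysis: {kind}]")
    return msg, held


def build_sample():
    """Constructed message: a harmless note plus a mislabelled 'PDF'."""
    m = EmailMessage()
    m["From"] = "billing@example.com"
    m["To"] = "user@example.org"
    m["Subject"] = "Invoice"
    m.set_content("Please see attached.")
    m.add_attachment("meeting notes", filename="notes.txt")
    # Bytes start with MZ (executable header) despite the .pdf name and type.
    m.add_attachment(b"MZ\x90\x00 constructed sample bytes",
                     maintype="application", subtype="pdf",
                     filename="invoice.pdf")
    return m.as_bytes()


if __name__ == "__main__":
    cleaned, held = quarantine_attachments(build_sample())
    for item in held:
        print("held:", item["filename"], "->", item["kind"])
```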

 

3. Educate your employees

You can’t rely on security software to keep you safe. A Ponemon Institute survey of 1,000 IT professionals at small and mid-sized businesses last year found that 54% of respondents named negligent employees as the root cause of data breaches. You need clear policies, staff must be trained, and you need to test their understanding.

Combine sandboxing with a comprehensive training plan for security awareness and you can dramatically reduce the risk of ransomware gaining access to your network and catch it early if it ever does get in.

 

4. Try to minimize lateral movement

Once ransomware gains entry to a network it often propagates by spreading laterally. If you have a flat network topology, with endpoints connected into a central switch, then it’s going to be tough to see or control the spread. Segmenting your Local Area Networks (LANs) and connecting them through the firewall can help you uncover and block laterally moving threats.

 

5. Infected systems must be isolated

Sadly, infections are something of an inevitability. The trick is to identify them as quickly as possible and take immediate action. Automatically isolating any compromised systems is a smart move. Make sure that nothing can spread and buy yourself some time to further analyze the problem. With some ransomware infections, you may be able to roll out an automatic fix, while others will require manual attention from an InfoSec pro.

It should go without saying that you need to patch systems on a regularly scheduled basis, keep software up to date (accept those updates!) and of course auto back up all your precious data nightly.

If you do fall victim to a successful ransomware attack it could prove very expensive. Malwarebytes found that ransomware attacks caused 22% of infected small and medium-sized businesses to cease operations immediately. For one in six, the infection caused 25 hours or more of downtime.

Putting the right protection in place is going to be a lot cheaper than cleaning up after an attack. Be proactive and take steps to guard against ransomware today, before it’s too late.

 

This article was originally posted in CSOOnline >

Watch webinar: Countdown to GDPR


 
 

About the Webinar

The deadline for the new European General Data Protection Regulation (GDPR) is four months away, and it is likely to affect most companies around the world in one way or another – even ones not based in Europe. Join our friends from Sophos in this session to learn more about the GDPR and get suggestions for what to look out for in your preparations. Register now for this webinar brought to you by Twinstate Technologies, Towerwall and Sophos!
 

Watch webinar – Armis: Eliminate the IoT Security Blind Spot featuring Nadir Izrael


 
 

About the Webinar

Webinar featuring Nadir Izrael Co-founder & CTO of Armis Security and Michelle Drolet Founder & CEO of Towerwall

Would you put a new endpoint in your environment without securing it? Of course not. But businesses are being inundated by unmanaged, unprotected IoT devices every day. Devices you can’t put an agent on. Our research shows businesses can’t see 40% of the devices around them. Devices that are designed to connect, yet don’t have protection.

The fact is that the current security architecture is broken. We need a new approach to address the new endpoint (IoT devices) in the workplace. Join Armis CTO Nadir Izrael as he discusses:

  • How the current security architecture is broken
  • What the next-generation IoT security architecture should look like
  • How to address vulnerabilities found in IoT devices and unmanaged endpoints

 


 


10 Things I Know About… Cybersecurity trends

10) Data breaches.

Nearly 5 million data records are lost or stolen worldwide every single day, or 58 records every second. According to an IBM report, the average cost of a data breach is $7.3 million.

9) Machine learning will play a bigger role in cybersecurity.

Because the battle against cyber criminals moves so rapidly, machine learning models identifying attacks early could be a real boon for defenses.

8) Rise in ransomware.

A growing threat claiming high-profile victims, ransomware is when bad actors lock access to your data, then demand payment for the key.

7) Patching & updating.

Back up your sensitive data like customer records regularly, keep patching and updating systems – all simple steps.

6) Skills shortage.

The dearth of skilled cybersecurity professionals is a major problem. Despite soaring average salaries, thousands of positions are vacant.

5) Hire a virtual CISO.

Chief information security officers can be hired on a temporary basis to lay out a ground plan. Expect to see more outsourcing as employers fill the skills gap.

4) Application testing.

If you don’t test your security, then you don’t know how secure your business is.

3) IoT is a weak link.

We’re rolling out more and more sensor-packed, internet-connected devices, but the Internet of Things remains a major weak point for defenses. All too often these devices lack basic security controls.

2) Handle with care.

Lessen the blow by handling the aftermath correctly. Delaying disclosure, misdirecting potential victims, and failing to patch a known vulnerability will make a bad situation worse.

1) All is not doom.

Positive developments in cybersecurity include adoption of models like the National Institute of Standards & Technology’s cybersecurity framework. As more organizations and experts come together to develop a common language, our collective defenses grow stronger.

This article was originally posted in Worcester Business Journal >

The Cost of a Data Breach in 2018

58 data records are stolen every second at an average cost of $141 each.

Trading in intellectual property and personal data is so widespread that someone invented a calculator that can estimate the potential harm to your own business.

Nearly 5 million data records are lost or stolen worldwide every single day, according to the Breach Level Index. That’s a staggering 58 records every second. High profile data breaches hit the headlines with worrying frequency. Just last year there were notable incidents at Equifax, Verizon, and Kmart, to name just the three biggest.

Smaller breaches go unreported, and it’s not unusual for exposure to be grossly underestimated in the initial aftermath. Example: the real depth of Yahoo’s 2013 breach only came to light last October. It was a revelation that proved very costly, immediately wiping $350 million off Verizon’s acquisition payment.

All of that comes before we consider the undiscovered data breaches lurking in the shadows of server stacks waiting to unseat executives, tank stock prices and damage reputations.

Data breaches have the power to cause enormous disruption, because they can, and often do, end up costing a huge amount of money to sort out. But the cost varies wildly depending on the country, the industry, and a host of other specifics.

 

What’s the cost of a data breach?

The 2017 Cost of Data Breach Study from the Ponemon Institute, sponsored by IBM, puts the global average cost at $3.6 million, or $141 per data record. That’s a reduction on the average cost in 2016, but the average size of data breaches has increased. It’s also worth noting that the average cost of a data breach in the United States is much higher at $7.3 million.

You can use the data breach calculator to arrive at a good estimate for your business. It allows you to factor in not just location and industry, but also lots of pertinent extras like compliance considerations, third-party involvement, insurance protection, and a whole lot more.

The size of the breach is also, obviously, an important factor in determining the overall cost. For a breach that results in fewer than 10,000 records being compromised, the average total cost is $1.9 million, but for 50,000 or more that rises to $6.3 million.

As the General Data Protection Regulation (GDPR) comes into effect in May, the cost of non-compliance could be about to skyrocket. It’s also worth remembering the potential for reputational damage to cause a downswing in any company’s fortunes. An interesting assessment of British telecoms company TalkTalk by Alva shows the impact of data breaches on reputation, and highlights how reputational risks grow more damaging when they aren’t successfully managed.

 

How you react has a big impact

Breaches will happen, but how you act to mitigate them has a very real impact on the bottom line. While the initial data breach is certain to cost money to fix, things get a great deal more expensive when they’re mishandled. For example, Equifax made a bad situation a lot worse by delaying disclosure, misdirecting potential victims, and failing to patch known vulnerabilities.

Putting a good security awareness program in place isn’t just a preventative measure, it also trains people in how to act when a suspected data breach does occur. Ponemon found that an incident response team can reduce the cost of a breach by up to $19 per record. If you want to keep costs down, having a solid response plan in place and taking the right action quickly is vital.

It stands to reason that the faster a data breach is uncovered and contained, the less it will cost, but most organizations still have a lot to do in this area. Ponemon found the average time to identify was around 191 days last year, with another 66 days on average required to contain the breach. These times could be reduced if every organization would keep up to date with NIST’s Cybersecurity Framework, keep tighter control of its data, and consider scanning the dark web for threat intelligence.

There’s no doubt that the potential cost of a large data breach should be enough to give many executives a sleepless night. But that fear should be leveraged by CISOs and other InfoSec professionals to persuade organizations to do the right thing and invest properly in cybersecurity. It might not be possible to completely prevent breaches, but the right preparation can dramatically reduce the resulting cost.

 

This article was originally posted in CSOOnline >