Cyber Security Trend Week in Review: ChatOps Platform, Private Keys and Mobile Ransomware
This week in the Cyber Security Trend Community is a good example of the broad expanse of subjects readers need to not only be aware of but should consider as areas for continuing education and certification. It covers new tools that could be useful in fighting cybercriminals also with features ranging from compliance to ransomware as a service (RaaS). The good thing is that we were fortunate to be able to share the insights of several special guest contributors.
A good place to start is what I consider an interesting contribution to the cause from a company just out of stealth mode. The company’s name is Demisto, and the reason it is noteworthy is its introduction to the market of what it describes as an intelligent Bot-owered ChatOps Platform. What makes the Demisto Enterprise solution of interest is that it combines two new technology applications not seen previously in security industry solutions:
- An intelligent security bot (Dbot) for automating playbooks and response tasks, and for detecting duplicate incidents.
- The industry’s first security ChatOps-based platform for ticketing, collaboration and reporting.
Our second feature comes from special guest Matthew McKenna, Chief Strategy Officer, SSH Communications Security. In the posting, The Misguided Ambition of Controlling the Private Key, McKenna observes that if IT security professionals feel that they get the private keys for encryption under control that all is well and organizations should feel safer. As he notes, and why this is a piece well worth a read, is that such is not the case and readers need to consider the consequences of having a false sense of security.
We live in a world where data can reside anywhere and where privacy and compliance with the rules regarding the protection of data are complex. It necessitates that IT professionals, particularly from large multi-nationals, understand the implications of new regulations regarding privacy protection compliance. This week, special guest, Jaspreet Singh, CEO, Druva delves into the challenges that need to be addressed as a result of the European Union's General Data Protection Regulations (GDPR).
The final contribution this week came from special guest, Feixiang He, Cyber Analyst, Check Point Software Technologies. With ransomware top of mind as well as topping industry news, his observations on how ransomware is going mobile and what to do about it could not be timelier.
The Cyber Security Trend home page has links to valuable resources to enable community members to stay on top of industry best practices and career advice.
Resources include white papers and profiles for of certifications that can help you keep up with the bad guys and advance your career. Two resources I continue to recommend as weekend reading, or any time for that matter are, Official (ISC)² OnDemand Training and The Rise of the Cloud Security Professional Whitepaper . You also may wish to check out on our companion Cloud Security Resource site, the article about two new reports from Flashpoint on ransomware, is one all cyber security professionals are going to find interesting.