Cyber Security Trend Week in Review: Command and Control, Tokenization, Network Defenses
This week in the Cyber Security Trend Community featured more advice on steps that can be taken to increase one’s security posture from attacks by cyber criminals. Topics ranged from preventing threats from Android malware to keeping electronic payments secure.
We kick off with special guest Steve Gates, chief research analyst, NSFOCUS, who delved into how enterprises can protect themselves from a growing and potentially crippling menace of large numbers of Android devices with Command & Control enabled. As he notes, “building enormous botnets of Android devices (or any other operating system) with C&C enabled could allow attackers to easily move beyond reflective/amplified DDoS attacks.”
The guest contribution from Dan Joe Barry, vice president of marketing, Napatech, using the Trojan Horse story as a metaphor, devolved into what network defense requires today. As he explains, the barbarians have gotten past the traditional perimeter and organizations, in addition to alerts from security detection appliances, need automated tools that can correlate information from multiple sources. To make sure that you get the security detection infrastructure you need, look for these capabilities: continuously capture all traffic – without losing any data; analyze the data in real time as well as in near-real time and forensically; go back and understand when and where the breach occurred.
We all know that electronic payments have become the rule rather than the exception. This means special measures must be taken to secure the data. Special guest J.D. Oder II, CTO and SVP R&D, Shift4, discusses why tokenization is the answer, but clarity is needed on precisely what it is and how it can be properly used.
In our last item, Cyber Security Trend Community host (ISC)² will recognize 35 honorees and announce four showcased workforce initiatives, at the July 26, 2016 ceremony in Bangkok, Thailand. This is an impressive list of deserving honorees that is worth a look.
If you have time this weekend, the Cyber Security Trend home page has been designed as your easy to use gateway to valuable resources. This includes feature articles, news, white papers and profiles of certifications that can help you keep your organization safe and secure and help advance your career. The Official (ISC)² OnDemand Training and The Rise of the Cloud Security Professional Whitepaper are just two of several great resources available for downloading and review. In addition, our companion Cloud Security Resource site is also a source of valuable security insights and news.