Posts

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

DHS Has New Cyber Collaboration Center, But Private Companies May Hesitate to Share — Law.com

  • SonicWall CEO Bill Conner discusses the challenges faced by the new DHS National Risk Management Center initiative in relation to cooperation from the private sector.

ADT Acquires MSSP SDI, Eyes Small Business Cybersecurity Market Growth — MSSP Alert

  • ADT, the monitored security and home and business automation solutions provider, has acquired Secure Designs Inc. (SDI), a well-known MSSP and SonicWall partner that manages firewall equipment for small business customers.

The Changing Data Security Landscape — Database Trends and Applications

  • The SonicWall 2018 Cyber Threat Report is used in an analysis of the overall risk landscape for cybersecurity.

SonicWall to expand product engineering facility in India — ETCIO

  • Debasish Mukherjee, Country Manager India & SAARC SonicWall sat down with ETCIO to discuss the country’s expansion in Bangalore, India.

Cyber Security News

The Sensors That Power Smart Cities Are a Hacker’s Dream — Wired

  • Research from IBM Security and data security firm Threatcare that looked at sensor hubs from three companies—Libelium, Echelon, and Battelle—that sell systems to underpin smart city schemes.

Network of 15,000 bots used to spread cryptocurrency giveaway spam via Twitter — SC Magazine

  • A recently developed methodology for identifying Twitter bot accounts in large quantities turned up a cryptocurrency scam botnet operation found to leverage at least 15,000 bots to submit bogus tweets and likes.

Internet of Things Adoption to Rise Despite Security, Data Integration Challenges — The Wall Street Journal

  • Firms continue to adopt Internet of Things technologies, but believe large-scale deployments and returns on investment may take longer than expected to materialize due to ongoing security and implementation challenges.

iPhone Chipmaker Blames WannaCry Variant for Plant Closures — Bloomberg

  • Taiwan Semiconductor Manufacturing Co. blamed a variant of the 2017 WannaCry ransomware for the unprecedented shutdown of several plants, as it ramps up chipmaking for Apple Inc.’s next iPhones

Atlanta’s Reported Ransomware Bill: Up to $17 Million — Bank Info Security

  • The cost of the city of Atlanta’s mitigation and subsequent IT overhaul following a massive SamSam ransomware infection earlier this year could reach $17 million.

In Case You Missed It

SonicWall’s Consistent Value, Cyber Security Effectiveness Earn ‘Recommended’ Rating from NSS Labs

For far too long the modern organization has been told it must pay hundreds of thousands of dollars (or even millions) for powerful, enterprise-grade security.

But for more than 25 years, SonicWall’s mission has been to deliver consistent value and powerful cyber security for organizations of all sizes and budgets. For the fifth time since 2012, this has been validated by one of the most trusted, fact-based organizations in the industry: NSS Labs.

In its 2018 group test of next-generation firewalls (NGFW), NSS Labs strongly positioned SonicWall and the NSa 2650 firewall in the upper-right ‘Recommended’ quadrant of the 2018 NSS Labs Security Value MapTM (SVM).

“NSS Labs is committed to independent testing that helps enterprises make informed cybersecurity decisions,” said NSS Labs CEO Vikram Phatak in SonicWall’s official announcement. “With ‘Recommended’ ratings for five years, SonicWall next-generation firewalls are an excellent choice for any company seeking devices with strong security and consistent product quality to evolve their security architectures. We applaud SonicWall’s focus on product consistency and security effectiveness.”

This year’s in-depth firewall comparison was comprised of totals based on security effectiveness, block rates, stability, performance, product purchasing price, maintenance, installation costs, required upkeep, management and installation. In its head-to-head comparison tests, NSS Labs verifies that NSa 2650:

  • Remains one of the highest-rated and best-value NGFWs in the industry, with a 98.8 percent security effectiveness rating
  • Delivers second-best total cost of ownership (TCO) with $4 per protected Mbps
  • Tested 100 percent effective in countering all advanced HTTP evasion, obfuscation and fragmentation techniques
  • Earned 100 percent ratings in stability and reliability testing

Many factors are taken into consideration when weighing vendor options, measuring security efficacy and calculating TCO.

Security Effectiveness of Firewalls

NSS Labs conducts one of the industry’s most respected, comprehensive and fact-based validation programs for a full range of cybersecurity products, including network and breach security, endpoint protection, cloud and virtual security, and more.

For this year’s comparison test, the SonicWall NSa 2650 next-generation firewall was compared against other industry offerings. During the NSS Labs evaluation, SonicWall NSa 2650 endured thorough testing exercises via the NSS Exploit Library, which exposed the appliance to more than 1,900 exploits.

To ensure real-world testing conditions, NSS Labs engineers utilize multiple commercial, open-source and propriety tools to launch a broad range of attacks. SonicWall NSa 2650 blocked 98.8 percent of all attacks was 100 percent reliable during testing. SonicWall also was successful in countering 100 percent of all advanced HTTP evasion, obfuscation and fragmentation techniques.

The SonicWall NSa 2650 strong security effectiveness and findings within the NSS report are applicable to the entire SonicWall NSa next-generation firewall series.

Total Cost of Ownership for Firewalls

“SonicWall offers the second-lowest TCO with $4 cost per protected Mbps.”

The cyber security industry’s pricing models are, frankly, out of date. Too many legacy vendors believe their old way of doing business — charging hundreds of thousands, or even millions of dollars — is beneficial to end customers and prospects. In some cases, high-end hardware is required, but there should also be powerful, cost-effective options for today’s business.

SonicWall understands and embraces this change.

It’s the reason we continually monitor and refine our pricing structures to ensure every organization is able to protect themselves from today’s most malicious cyberattacks. And we’re proud to say that NSS Labs found SonicWall to offer the second-lowest TCO with $4 cost per protected Mbps.

NSS Labs calculates TCO across a three-year period. At a high level, the formula includes:

  • Year 1 Purchase Price
  • Year 1 Installation & Labor
  • Year 1 Maintenance Costs
  • Year 2 Maintenance Costs
  • Year 3 Maintenance Costs

According to NSS Labs, “Calculations are based on a labor rate of $75 (USD) per hour and vendor-provided pricing information. Where possible, the 24/7 maintenance and support option with 24-hour replacement is used, since enterprise customers typically select that option. Pricing includes one enterprise-class CMS to manage up to five devices.”

As a best practice, enterprises and security-conscious organizations should include TCO as part of their NGFW evaluations, including:

  • Acquisition costs for NGFW and a central management system (CMS)
  • Fees paid to the vendor for annual maintenance, support and signature updates
  • Labor costs for installation, maintenance and upkeep

5 Cyberattack Vectors for MSSP to Mitigate in Healthcare

It’s no secret that healthcare continues to be one of the most targeted industries for cybercriminals. Healthcare providers store and maintain some of the most valuable data and the appetite for fraudulent claims or fake prescription medications is insatiable.

Despite all of the regulations, there are still fewer watchdogs overseeing healthcare. For many providers, cyber security hasn’t been a priority until very recently.

With more and more organizations reaching out to cyber security experts for assistance, it’s more important than ever that managed security services providers (MSSPs) understand the healthcare industry so that they can tailor solutions aimed at improving the security posture of healthcare providers.

Inside Users Present the Greatest Threat

According to a 2018 survey of cyber security professionals conducted by HIMSS, over 60 percent of threat actors are internal users within a healthcare organization. Email phishing and spear-phishing attempts are aimed at tricking users into providing credentials or access to information for cybercriminals. Negligent insiders, who have access to trusted information, can facilitate data breaches or cyber incidents while trying to be helpful.

In addition to systematically monitoring and protecting infrastructure components, MSSPs need to consider a multi-faceted campaign that creates a cyber security awareness culture within healthcare organizations. This campaign should include template policies and procedures for organizations to adopt, regular and routine training efforts, and human penetration-testing.

From a systematic perspective, it’s important to have tools that will do everything possible to mitigate cyberattacks. Tools like next-generation email security to block potential phishing or spear phishing attempts; endpoint security solutions to monitor behavior through heuristic-based techniques; and internal network routing through a next-generation firewall to perform deep packet inspection (DPI) on any information transgressing the network — especially if it’s encrypted.

Mobile Devices Open Large Attack Surfaces

Mobile devices have changed the way that we do just about everything. And the same is true for the manner in which healthcare conducts business.

To enable mobility and on-demand access, many electronic health record (EHR) applications have specific apps that create avenues for mobile devices to access portions of the EHR software. The widespread adoption of mobile devices and BYOD trends are pushing healthcare to adapt new business models and workflows. Cyber risk mitigation must be a priority as momentum continues to build.

MSSPs need to pay very careful attention to the access that mobile devices have to the EHR application, whether hosted on-premise or in the cloud. For more protection, implement a mobile device management (MDM) solution if the organization doesn’t already have one.

IoT Leaves Many Healthcare Providers at Risk

The Internet of Things (IoT) is bringing connectivity and statistical information to providers in near real-time while offering incredible convenience to the patient. Even wearable devices have immense capabilities to monitor chronic illnesses, such as heart disease, diabetes and hypertension. With these devices comes an incredible opportunity for hackers and immense threat for healthcare providers.

IoT devices tend to have weaker protections than typical computers. Many IoT devices do not receive software or firmware updates in any sort of regular cadence even though all of them are connected to the internet. There are so many manufacturers of IoT devices, and they are distributed through so many channels. There are no standards or controls regarding passwords, encryption or chain of command tracking capabilities to see who has handled the device.

If it’s feasible for the organization, totally isolate any IoT-connected devices to a secure inside network not connected to the internet (i.e., air gapped).

Encryption for Data at Rest Is Critical

For healthcare providers, it’s equally important to have a strong encryption for both data at rest and data in transit. Encryption for data at rest includes ensuring the software managing PHI doesn’t have a really weak single key that could unlock everyone’s PHI. If at all possible, records should be encrypted with unique keys so that a potentially exposed key doesn’t open the door to everyone’s information.

Attacks Are Hiding within Encrypted Traffic

MSSPs serving healthcare organizations need to realize that there is not one layer of defense that they should rely on. That said, perhaps the most important layer is the firewall.

A next-generation firewall, with DPI capabilities, is a critical component to securing a healthcare network. Even internal traffic transgressing the network should be routed through the firewall to prevent any potential malicious traffic from proliferating the entire LAN and to log transactions.

As much as possible, isolate medical devices and software applications that host PHI inside a secure network zone and protect that zone with an internal DPI-capable firewall that will only allow access to authorized services and IP addresses.


About ProviNET

ProviNET is a SonicWall SecureFirst Gold Partner. For nearly three decades, ProviNET has delivered trusted technology solutions for healthcare organizations. Whether it’s a single project or full-time onsite work, ProviNET designs and implements customized solutions so healthcare organizations can focus on core services.

ProviNET’s tight-knit group of experienced, industry-certified personnel are focused on customer satisfaction. They are a reputable organization, fulfilling immediate IT needs and helping plan for tomorrow. They are ready to put their extensive knowledge to work for healthcare, developing strategies and solving challenges with the latest technology.

To learn more about ProviNET, please visit www.provinet.com.

Ransomware Surges, Encrypted Threats Reach Record Highs in First Half of 2018

To ensure organizations are aware of the latest cybercriminal attack behavior, today SonicWall published a mid-year update to the 2018 SonicWall Cyber Threat Report.

“The cyber arms race is moving faster than ever with bigger consequences for enterprises, government agencies, educational and financial institutions, and organizations in targeted verticals,” said SonicWall CEO Bill Conner in the official announcement.

Cyber threat intelligence is a key weapon in organizations’ fight against criminal organizations within the fast-moving cyber arms race. The mid-year update outlines key cyberattack trends and real-world threat data, including:

Data for the annual SonicWall Cyber Threat Report is gathered by the SonicWall Capture Threat Network, which sources information from global devices and resources including more than 1 million security sensors in nearly 200 countries and territories.

“SonicWall has been using machine learning to collect, analyze and leverage cyber threat data since the ‘90s,” said Conner. “This commitment to innovation and emerging technology is part of the foundation that helps deliver actionable threat intelligence, security efficacy and automated real-time bread detection and prevention to our global partners and customers.”

Get the Mid-Year Update

Dive into the latest cybersecurity trends and threat intelligence from SonicWall Capture Labs. The mid-year update to the 2018 SonicWall Cyber Threat Report explores how quickly the cyber threat landscape has evolved in just a few months.

GET THE UPDATE

Capture Cloud Platform: A Security Ecosystem that Harnesses the Power of the Cloud

We have fantastic advancements in technologies right now. With software-defined everything (SDx) and cloud becoming more accessible and affordable, both large and small organizations can effectively execute their digital business strategies with greater ease and speed.

As new applications, systems and SDx architecture are deployed to advance the digital business, many organizations also find themselves retooling their cyber security model to maintain the health and defense of their networks and services.

Organizations now must have complete knowledge, visibility and control of the security ecosystem, and the capacity to manage and remove cyber risks that can be disruptive and disastrous to the business.

To help make the cloud journey powerful, agile and safe, SonicWall developed its Capture Cloud Platform to address CISOs’ top three cyber security priorities:

  1. Give actionable cyber threat intelligence to help better understand security risks and quickly respond to them
  2. Reduce security silos by consolidating and integrating security technologies
  3. Manage cyber risk with greater visibility and control

Integrated Security, Management & Analytics

The core value of the Capture Cloud Platform is the integration of several key capabilities with our cloud-based centralized management, reporting and analytics services, including the Capture Advanced Threat Protection (ATP) sandbox, which includes Real-Time Deep Memory Inspection (RTDMITM) technologies, and Capture Labs and Capture Threat Network threat intelligence services.

This all-in-one approach enables our complete portfolio of high-performance hardware, virtual appliances and clients to harness the power, agility and scalability of the cloud and allows organizations to:

  • Drive end-to-end visibility and share intelligence across a unified security framework
  • Proactively protect against known and unknown cyberattacks (e.g., zero days)
  • Gain contextual awareness to detect and respond to security risks with greater speed and accuracy
  • Make informed security policy decisions based on real-time and consolidated threat information

SonicWall Capture Cloud Platform service-oriented architecture tightly unifies the current and future SonicWall security and management services organizations needs to run an efficient security operation center (SOC). It eases and, in most cases, automates the governance of their network, endpoints and cloud security services with single-pane-of-glass (SPOG) experience.

10 Components of the Capture Cloud Platform

Organizations are empowered by Capture Cloud Platform to make the shift from the old on-premises world of IT into the new hybrid cloud-as-a-service world by coalescing SonicWall security solutions with simple, common management tools that not only help achieves desired security and operational goals but also real business values.

Currently, Capture Cloud Platform is comprised of 10 key SonicWall security and service components:

  1. Capture Security Center
  2. Real-Time Cyber Threat Intelligence
  3. Capture Client
  4. Capture ATP
  5. Cloud App Security
  6. Management & Analytics
  7. NSv Series virtual firewalls
  8. NSa Series hardware firewalls
  9. Web Application Firewall (WAF)
  10. MySonicWall & Licensing (credentials required)

The combination of these services delivers mission-critical layered cyber defense, threat intelligence, analysis and collaboration, and common management, reporting and analytics, that work synchronously together.

This help organizations stay on top of the cyber threat landscape, protect sensitive information, meet compliance, and maintain normal service operations while moving the company’s digital transformation forward safely.

Visit our Capture Cloud Platform to get detailed information on each of the solution values and learn how the platform can securely accelerate your cloud journey.

How to Evaluate & Compare Antivirus Solutions

When evaluating a change in how you secure your network, you need to look beyond the upper-right quadrant.

It is easy to run to analyst graphs and pick a few cyber security solutions that etch closest to the top right. But is that the right path of exploration for your organization? Did these evaluations consider the factors most important to you and your security objectives?

Comparing endpoint protection platforms (EPP), commonly referred to as antivirus (AV) solutions, is no different. For example, SonicWall Capture Client features an antivirus engine (powered by SentinelOne) that scores very high in NSS Labs 2018 results. But there is always more to consider.

So, how do you decide who and what to evaluate? Outside of a good balance between detection versus false positives, organizations should consider:

  • Costs
  • Built-in synergies with other security services and appliances
  • Ability to stop cyberattacks before the execute
  • Inspection of encrypted traffic
  • Ease of remediation

To complement NSS Labs research, SonicWall is providing exclusive access to the Gartner paper, “Understand the Relative Importance of AV Testing in EPP Product Selection.” This resource will help guide your organization as you sift through the benefits, capabilities and performance of top endpoint protection and antivirus solutions.

Within the paper, Gartner breaks down the concepts of advanced endpoint protection into four core components:

  1. Prevention
  2. Detection
  3. Response
  4. Prediction

To learn more, download the full Gartner report, “Understand the Relative Importance of AV Testing in EPP Product Selection.”

Get the Complete Gartner Paper

Deciding on the endpoint solution that’s right for your organization is a complex undertaking. To help guide your path, download the exclusive Gartner paper, “Understand the Relative Importance of AV Testing in EPP Product Selection,” compliments of SonicWall.

Get the Report

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Cybersecurity 500 List, 2018 Edition Cybersecurity Ventures

  • SonicWall is announced as #36 on Cybersecurity Ventures Cybersecurity 500: 2018 Edition List which includes the world’s hottest and most innovative cybersecurity companies to watch in 2018.

British Businesses Facing Cyber Ransom Demands of up to £200,000 The Daily Telegraph

  • Cyber criminals are arming themselves with “malware cocktails”, expertly blended using old variants of malicious computer code. The new viruses are more potent than their predecessors because they have adapted to companies’ cyber defenses, like a digital version of antibiotic-resistant superbugs.

Securing Your Journey to Success With Innovation and Security: SonicWall Silicon Review

  • Recently announced as one of the 10 Best Security Companies in 2018, SonicWall is featured in an editorial highlighting the company’s history and success with CEO Bill Conner at the forefront.

10 Best Security Companies in 2018 Silicon Review

  • SonicWall is announced as one of the 10 Best Security Companies in 2018.

Cyber Security News

Cybercriminals on Average Have Seven-Day Window of Opportunity to Attack SC Magazine

  • Once a vulnerability is announced, the average attacker has a seven-day window of opportunity to exploit the flaw before a defender is even aware they are vulnerable, according to report from Tenable.

Deadly Attacks Feared as Hackers Target Industrial Sites The Hill

  • The hacking threat to critical infrastructure in the United States and beyond is growing larger, with nation states and other malicious actors looking to gain a foothold in sensitive technologies to conduct espionage and potentially stage disruptive or destructive attacks.

U.S. Judge Dismisses Kaspersky Suits to Overturn Government Ban Reuters

  • A U.S. federal judge on Wednesday dismissed two lawsuits by Moscow-based Kaspersky Lab that sought to overturn bans on the use of the security software maker’s products in U.S. government networks.

BackSwap Banking Malware Bypasses Browser Protections With Clever Technique SC Magazine

  • A new banking malware called BackSwap has replaced tricky conventional browser injections with a simpler browser manipulation technique.

Over 5K Gas Station Tank Gauges Sit Exposed on the Public Net Dark Reading

  • It’s been three years since researchers first discovered automated tank gauges (ATGs) at some 5,000 US gas stations exposed on the public Internet without password protection, and a recent scan found 5,635 locations were vulnerable to the same issue.

In Case You Missed It


Upcoming Webinars & Events

June 4
Webinar
1 a.m. PDT
Technical Deep Dive – Securing Office 365 with SonicWall Email Security
> Register Now

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

New DHS National Cybersecurity Framework Sets Goals, Milestones — MSSP Alert

  • As a result of the recent elimination of the White House cybersecurity coordinator role, SonicWall CEO Bill Conner is featured for his perspective and insight into what the move implies for the future of cybersecurity policy.

SonicWall Pushes Capture Cloud Platform with Endpoint Security — Chinabyte.com

  • SonicWall’s recent updates including the company’s new Capture Cloud Platform, enhanced RTDMI technology and more are featured in this article.

Cybersecurity Sourcebook 2018 Looks at Evolving Data Threat Landscape — Database Trends & Applications

  • This article explains the serious need to safeguard data using key SonicWall threat data. Specifically, they’ve included stats sharing that cyberattacks are becoming the number-one risk to businesses, brands, operations, and financials, and that there were 9.32 billion malware attacks in total in 2017, representing an 18.4% increase over 2016.

Cyber Security News

Brutal Cryptocurrency Malware Crashes Your PC When Discovered — ZDNet

  • The malware, dubbed WinstarNssmMiner by 360 Total Security researchers, has been used in half a million attempted attacks leveraged at PCs in only three days.

What Makes ZTE a Cybersecurity Threat? Congress Wants to Know — CNET

  • Congress wants a detailed explanation on what cybersecurity threats the Chinese phone company poses.

Mexico Central Bank Says Hackers Siphoned $15 Million from Five Companies — Reuters

  • Mexico’s central bank said on Wednesday that a cyber attack had sucked around 300 million pesos ($15.33 million) in fraudulent transfers from five companies, but it was unclear how much thieves had managed to pull out in cash.

Former CIA Software Engineer ID’ed as Suspect in Vault 7 Leaks — SC Magazine

  • The former CIA software engineer believed to have leaked the CIA’s Vault 7 hacking tools is already behind bars at the Metropolitan Correctional Center in New York City, after being indicted for possessing child pornography.

DHS Issues More Medical Device Cybersecurity Alerts — GovInfo Security

  • The Department of Homeland Security has yet again issued a warning about cybersecurity vulnerabilities in medical devices. These warnings have come after independent researchers, or the companies themselves, have reported the problems.

Cybersecurity Whistleblowers are Growing Corporate Challenge — The Wall Street Journal

  • Signals from the U.S. Securities and Exchange Commission over how seriously it takes cybersecurity, combined with a Supreme Court ruling on whistleblower protections, are putting pressure on companies to be more careful about how they deal with potential tipsters, lawyers say

In Case You Missed It


 

 

Ransomware, Variants, Snipers & Kung Fu

The 2018 SonicWall Cyber Threat Report reported a 71.2 percent decline in the number of ransomware attacks, but a 101.2 percent increase the number of ransomware variants. Let me ask you, is this good news or bad?

If this was a military battle, would you celebrate the news the enemy reduced the number of machine guns by nearly three quarters but doubled the number of snipers? Perhaps, but now you’d have to keep your head lower and stay out of sight.

2016 saw a flood of “spray-and-pray” ransomware attacks as hackers were taking advantage of soft defenses and low levels of employee awareness. In fact, in 2016 SonicWall blocked nearly 640 million ransomware attacks; that was over 1,200 ransoms not seen (or paid) each minute.

Because of this intense pressure, organizations around the globe bolstered their defenses and education efforts. Simply put, we got tired of getting beat up for our lunch money and took Kung-Fu lessons.

Attackers retool ransomware strategies

In 2017, attackers retooled with new exploits. From that, WannaCry, NotPetya and Bad Rabbit were born. Each were designed to be malware cocktails that infected a system and then move on to the rest of the network through shared drives. But these are just three of the 2,855 variants SonicWall created defenses for in 2017 alone.

With these new malware cocktails in the wild, threat actors targeted specific roles within companies through social engineering. Instead of annoying thousands of people with a small ransom with a shrinking chance they will pay, many switched to hard-hitting attacks with larger demands.

Unique Ransomware Signatures

One such instance was the city of Atlanta, where the SamSam ransomware variant affected five out of 13 city departments and shut down systems for 10 days. Fortunately, the $51,000 ransom went unpaid but the damages to systems, lost files and productivity far outweigh the demand.

How to stop ransomware attacks, avoid ransom payouts

So, what can we do in this period of the threat landscape? Employee awareness for social engineering attacks (e.g., phishing attempts) still needs to drastically improve. Strong password hygiene also needs to be in place to block attacks like SamSam that work off of guessed passwords.

From there, we need ransomware protection technology in place that stops attacks. Here are two core technologies have may not have thought of recently:

  1. Implement a network sandbox that can identify and stop unknown attacks.

    A network sandbox is an isolated environment on the firewall that runs files to monitor their behavior. SonicWall Capture Advanced Threat Protection (ATP) is a multi-engine sandbox service that holds suspicious files at the gateway until a verdict can be achieved.

    Capture ATP also features Real-Time Deep Memory InspectionTM (RTDMI). RTDMI is a memory-based malware analysis engine that catches more malware, and faster, than behavior-based sandboxing methods. It also delivers a lower false-positive rate to improve security and the end-user experience. Learn about its ability to find and block malicious PDFs and Office documents.

  2. Use advanced endpoint client security

    For years, companies deployed traditional anti-virus (AV) on their computers, which was fine when the total number of signatures they had to write and update numbered in the hundreds of thousands. Last year, SonicWall discovered 58 million new forms of malware that take time to signature and push to defense points like firewalls.

    Even if these are pushed within 24 hours, it leaves a gap that new and advanced malware can walk right through. I recommend using a next-generation anti-virus (NGAV) solution that can monitor the behavior of a system to look for malicious activities, such as the unauthorized encryption of your files. For example, SonicWall Capture Client delivers advanced malware protection and additional security synergies for SonicWall firewall users.

On top of these two new forms of technology, please follow best practices when securing and managing your networks, such as network segmentation.

Download the 2018 SonicWall Cyber Threat Report

The cyber arms race is a challenge we face together. And it’s the core reason we’re committed to passing our findings, intelligence, analysis and research to the global public via the SonicWall 2018 Cyber Threat Report.

READ THE FULL REPORT

The Shortest Line at RSA Conference 2018: Where are all the Women?

Anyone who has attended an RSA Conference knows that it is typically a male-dominated event. In keeping with this year’s theme, “Now Matters,” I decided that this was the year for me to take a step toward shifting that gender imbalance.

I reached out to my leadership team to request that I attend RSA Conference 2018 as a part of the SonicWall team. My motivations were clear: as a woman working in cyber security, I believe more women need to be represented at the RSA Conference (and every other information security event).

In early March, the organizers behind RSA Conference 2018 announced their preliminary lineup of keynote speakers to much backlash and outcry in the industry. Critics and concerned industry experts were quick to highlight that the lineup was stacked with 19 men out of a total of 20 speakers. The sole female speaker: Monica Lewinsky. Lewinsky, although undoubtedly an interesting and relevant keynote on the topic of anti-cyber-bullying, is not exactly a name synonymous with cyber security.

RSA’s position
To their credit, RSA Conference organizers were quick to clarify that the list was not yet complete. The initial list only included speakers that had been confirmed early, many of whom were connected to the conference through sponsorship deals. In a matter of days, the RSAC organizers clarified that the conference would “feature more than 130 female speakers tackling everything from data integrity to hybrid clouds to application security, among other topics.”

In a statement that seemed to shift the blame back to the industry, RSA highlighted that 20 percent of overall speakers at the event were women, even though Forrester estimates that 11 percent of cyber security positions are held by women.

Observations at RSA Conference
As a member of SonicWall’s booth team, I spent the majority of my time at the conference on the expo floor where, interestingly, there seemed to be a decent representation of both men and women. On closer examination, the majority of women present were wearing exhibitor badges, indicative of women gravitating toward marketing or sales roles in the technology industry. Though, admittedly, this is anecdotal evidence.

Over at Moscone West, where the keynote speeches and sessions required a full conference pass costing $2,000-plus per attendee, it was a different story. A SonicWall colleague who attended the first morning’s keynote sessions jokingly shared with me that it was the first time he had experienced longer waits for the male restrooms while the female restrooms were relative ghost towns.

Organizers even made changes to the restroom configuration: In the North Expo hall, the women’s restrooms were converted to be gender-neutral in order to facilitate demand.

Lines for the Men’s Restrooms at RSA Conference 2018. Photo Credit: Samantha Schwartz

A history of change

It wasn’t all negative news for female representation at the RSA Conference. The organizers at RSA have been adapting to the changing industry landscape long before this year’s criticism. As recently as five years ago, it was common to see technology vendors at trade shows advertising their products with the assistance of “booth babes.”

It wasn’t until 2015 that RSA, under industry pressure largely driven by social media, issued a ban on so-called “booth babes.” Exhibitors are contractually obliged to have all expo staff adhere to a dress code described as “business and/or business casual attire.” This move has forced marketers to find creative and unique ideas to garner booth traffic — everything from magicians to virtual reality experiences were on display at this year’s expo.

Women in cyber security
This year’s conference also featured several panels and discussions dedicated to the topic of women in the industry. An unexpectedly optimistic discussion, “Women in Computing: Why Are Women Leaving Computing Professions?,” provided valuable insights to help leaders address female turnover in the industry.

Caroline Wong led a panel discussion on “Women in Security: A Progressive Movement,” which focused on the value that a woman’s perspective can bring to the table along with actionable takeaways for addressing problems with hiring practices.

Diversity is everyone’s responsibility

While tech conference organizers certainly have a responsibility to ensure the conversation around gender disparity has a forum and that women are represented fairly, opportunities to accelerate the progress in this area lie within companies, leadership and individual employees at all levels.

The Frost & Sullivan report, “The 2017 Global Information Security Workforce Study: Women in Cybersecurity,” published some telling statistics about this effort. Although just 11 percent of information security professionals globally are women according to the report, women in the field are more likely (52 percent) than their male coworkers (46 percent) to hold a master’s degree or higher. Despite this, they still hold less workplace authority.

Many organizations say they want to hire more women, yet most companies, especially in male-dominated fields of technology and cyber security, are far from reaching hiring parity. In North America, for example, women represent 14 percent of the cyber security workforce — the highest percentage when compared to other regions like Asia-Pacific (10 percent), Africa (9 percent), Latin America (8 percent), Europe (7 percent) and the Middle East (5 percent). For context, in the United States alone, females make up 48 percent of the workforce, said the report.

Organizations need to increase their investment in women. Beyond the obvious opportunities — closing pay gaps and advancing women in top leadership — organizations need to make workplaces trusted spaces, implement unconscious bias education and share best practices.

If you are a woman involved in the tech industry, you have an opportunity to serve as a much-needed role model — both to other women and to your male colleagues, many of whom are eager to hear and understand the female perspective in this industry. In short, if you are a woman in tech … get out there, be seen and be heard.

Resources for Women in Cyber Security

Organizations
WiCyS Women in CyberSecurity
Women in Security and Privacy
National Center for Women & Information Technology
SWE – Society of Women Engineers
Conferences and Events
WiCyS Women in CyberSecurity
Grace Hopper Celebration
OURSA – Our Security Advocates
Scholarships
Raytheon’s Women Cyber Security Scholarship Program
(ISC)² Women’s CyberSecurity Scholarships
Scholarship for Women Studying Information Security

SonicWall is proud to be an equal-opportunity employer. We are committed to providing employees with a work environment free of discrimination and harassment and welcome the opportunity to support skilled, talented women and men in their cyber security careers. If you are interested in pursuing a career at SonicWall, please explore our careers page: https://www.sonicwall.com/en-us/about-sonicwall/careers