Industry Hot News

Some folks see trees when they look up at clouds. For others, clouds may take the form of a rabbit. But when IT professionals stare at clouds, they can’t help but picture a hosted private cloud with micro-segmentation. And for good reason.

What IT professionals see when they look at clouds

An increasing number of organizations are moving to the cloud for its obvious benefits. But along with this transition comes a greater need for more advanced cloud security measures. Micro-segmentation is one of these measures.

Unlike traditional security defense strategies like firewalls and edge devices that protect the flow of north-south data by focusing on the perimeter, micro-segmentation focuses on the inside, isolating individual workloads to protect traffic that’s traveling east-west within a data center. So even if a bad actor manages to get past your perimeter security measures, micro-segmentation will prevent the attack from spreading.

Failing to adapt security to meet the growing needs of increasingly complex IT environments can be catastrophic.

With cloud security top of mind for IT professionals, it’s no wonder they’re seeing it everywhere they look.

https://www.sungardas.com/en/blog/cartoon-what-it-professionals-see-when-they-look-at-clouds/

Recently, the department for Digital, Culture, Media & Sports in the United Kingdom released the Cyber Security Breaches Survey 2019.

The survey discusses statistics for cyberattacks, exposure to cyber risks, the awareness and attitudes of companies around cyber risk, and approaches to cybersecurity. Here are the four takeaways from the survey (all statistics included in this briefing are part of the survey).

...

https://www.onsolve.com/blog/4-takeaways-from-the-2019-cybersecurity-breaches-survey/

Charlie Maclean Bristol discusses whether you should consider likelihood when conducting a risk assessment as part of the business continuity process. Do you need to know how likely it is that a threat will become an actuality; or is knowledge of the impact of the threat enough?

Business continuity has always had a slightly uneasy relationship with risk management. In the 2010 and 2013 BCI Good Practice Guidelines (GPGs) we looked at threat assessments, whereas in the more recent 2018 GPG, we cover a threat and risk assessment. This issue of conducting a threat assessment instead of a risk assessment was driven by a certain character in business continuity circles who was very anti-risk assessment, and hence pushed the idea of threat assessment in the two earlier GPGs.

Nowadays, risk assessment is coming of age and it seems to be everywhere. You need a risk assessment for climbing up a ladder and you also need one for running a massive multinational organization.

This article was inspired by a talk given by Tony Thornton, ARM Manager for ADNOC Refining, which I heard at The BCI UAE Forum in February. During his talk on risk assessment, he focused on there being no point in looking at likelihood when you are doing a business continuity risk assessment. He said that having a 3x3 or even a 5x5 scale was meaningless in terms of likelihood. The point he was making was that if there was a possibility it could happen, then that was good enough: and how likely it was to happen didn’t really matter. He was more enamoured with impact, which he said was worth looking at, as well as differentiating between high, medium and low impacts.

...

https://www.continuitycentral.com/index.php/news/business-continuity-news/3931-business-continuity-risk-assessments-is-looking-at-likelihood-a-waste-of-time

'Sea Turtle' group has compromised at least 40 national security organizations in 13 countries so far, Cisco Talos says

A sophisticated state-sponsored hacking group is intercepting and redirecting Web and email traffic of targeted organizations in over a dozen countries in a brazen DNS hijacking campaign that has heightened fears over vulnerabilities in the Internet's core infrastructure.

Since 2017, the threat group has compromised at least 40 organizations in 13 countries concentrated in the Middle East and North Africa, researchers from Cisco Talos said Wednesday.

In each case, the attackers gained access to, and changed DNS (Domain Name System) records of, the victim organizations so their Internet traffic was routed through attacker-controlled servers. From there, it was inspected and manipulated before being sent to the legitimate destination.  

...

https://www.darkreading.com/attacks-breaches/nation-state-hacker-group-hijacking-dns-to-redirect-email-web-traffic/d/d-id/1334462

Steve Blow explains that while businesses must remain consistently focussed on digital transformation in order to not fall to the back of the pack, digital transformation efforts could be futile if businesses don’t address and improve their IT resilience.

The market as we know it has been changing dramatically over the last decade, with each digital development outpacing the other at every turn in the track. Companies that are too stuck in their ways are being overtaken by contemporary companies, unencumbered by legacy and real estate, which are in line with the latest developments in IT.

This said, almost every single business must remain consistently focussed on digital transformation in order to keep up with developments; taking on new digital initiatives to drive efficiencies, create new experiences, and ultimately, beat the competition. According to recent research (1), 90 percent of businesses see data protection as important or critical for digital transformation projects. However, the same research revealed that the proper technological provisions are not yet in place, in order for these same businesses, striving to achieve digital transformation, to deliver on demands of data protection assurance.

It has become increasingly clear that having the right foundations early on in any digital journey is a critical factor in the success of transformation initiatives. So, building data protection within a robustly resilient IT infrastructure will be of paramount importance for businesses. Not only will this be critical for businesses to succeed day-to-day, but also to ensure complete transformation, modernization and cohesion. From my experience, there are three recommendations that could be key to help businesses achieve this:

...

https://www.continuitycentral.com/index.php/news/technology/3930-it-resilience-the-key-to-a-successful-digital-transformation

I occasionally find people mapping their SOC capabilities to the ATT&CK framework by checking off specific techniques that they have shown they are able to detect with the intent of measuring coverage within their SOC. In this blog post, I hope to clarify why this strategy may be misleading.

There Are No Bad Actions, Only Bad Behavior

It’s almost impossible to have a high-confidence indictment of a process based on a single behavior. Hypothetically, if there were such a thing as a purely malicious operation, the system would not have been designed with this capability, or it would have been patched out. While there are certainly exceptions (things you would absolutely want to know if they happen in your infrastructure), it’s important to understand ATT&CK techniques as the building blocks of a cyberattack and that they are not malicious in and of themselves.

...

https://go.forrester.com/blogs/the-mitre-attck-framework-is-not-a-bingo-card/

Executive coach and strategic advisor Amii Barnard-Bahn provides guidance on how executives can prepare for a board appointment: Start by following the 10 steps outlined here.

A lifelong diversity advocate, I testified in multiple legislative committees on the successful passage of California’s SB826, the first law in the U.S. requiring corporate boards to include women. This legislation was designed to create more access for diverse and qualified candidates for public boards. “More access” is important because the role of the board has become critical to the long-term health of a company and the protection of its shareholders and employees. Creating a larger pool of seasoned professionals to guide and govern our corporate institutions is paramount in a time of Tesla, Papa John’s, Theranos and CBS debacles.

A board search can take many years, so it’s never too early to evaluate and cultivate the skills and network you need to establish yourself as a viable candidate.

...

https://www.corporatecomplianceinsights.com/are-you-a-board-ready-executive-take-these-10-steps-first/

Wall Street loves a digital business. These technology-driven innovators, which put customer acquisition, retention, and experience at the center, have a different way of looking at the world. They are rewarded with growth and investment.

And it’s not just digital natives. Digitally advanced incumbents, firms such as Accenture, Capital One, Microsoft, and Philips, also see the world through a technology opportunity lens. They are also rewarded.

What do digitally advanced companies look like? How are they different from companies just starting their digital transformation? To find out, we analyzed the digital maturity of 793 enterprises in North America and Europe. We found digitally advanced firms in every industry, from retail and consumer products to manufacturing and financial services.

...

https://go.forrester.com/blogs/assessing-your-digital-maturity-what-does-excellence-look-like/

Archived data great for training and planning

By GLEN DENNY, Baron Services, Inc.

Historical weather conditions can be used for a variety of purposes, including simulation exercises for staff training; proactive emergency weather planning; and proving (or disproving) hazardous conditions for insurance claims. Baron Historical Weather Data, an optional collection of archived weather data for Baron Threat Net, lets users extract and view weather data from up to 8 years of archived radar, hail and tornado detection, and flooding data. Depending upon the user’s needs, the weather data can be configured with access to a window of either 30 days or 365 days of historical access. Other available options for historical data have disadvantages, including difficulty in collecting the data, inability to display data or point query a static image, and issues with using the data to make a meteorological analysis.

Using data for simulation exercises for staff training

Historical weather data is a great tool to use for conducting realistic severe weather simulations during drills and training exercises. For example, using historical lightning information may assist in training school personnel on what conditions look like when it is time to enact their lightning safety plan.

Reenactments of severe weather and lightning events are beneficial for school staff to understand how and when actions should have been taken and what to do the next time a similar weather event happens. It takes time to move people to safety at sporting events and stadiums. Examining historical events helps decision makers formulate better plans for safer execution in live weather events.

Post-event analysis for training and better decision making is key to keeping people safe. A stadium filled with fans for a major sporting event with severe weather and lightning can be extremely deadly. Running a post-event exercise with school staff can be extremely beneficial to building plans that keep everyone safe for future events.

Historical data key to proactive emergency planning

School personnel can use historical data as part of advance proactive planning that would allow personnel to take precautionary measures. For example, if an event in the past year caused an issue, like flooding of an athletic field or facility, officials can look back to that day in the archive at the Baron Threat Net total accumulation product, and then compare that forecast precipitation accumulation from the Baron weather model to see if the upcoming weather is of comparable scale to the event that caused the issue. Similarly, users could look at historical road condition data and compare it to the road conditions forecast.

The data can also be used for making the difficult call to cancel school. The forecast road weather lets officials look at problem areas 24 hours before the weather happens. The historical road weather helps school and transportation officials examine problem areas after the event and make contingency plans based on forecast and actual conditions.

Insurance claims process improved with use of historical data

Should a weather-related accident occur, viewing the historical conditions can be useful in supporting accurate claim validation for insurance and funding purposes. In addition, if an insurance claim needs to be made for damage to school property, school personnel can use the lightning, hail path, damaging wind path, or critical weather indicators to see precisely where and when the damage was likely to have occurred.

Similarly, if a claim is made against a school system due to a person falling on an icy sidewalk on school property, temperature from the Baron current conditions product and road condition data may be of assistance in verifying the claim.

Underneath the hood

The optional Baron Historical Weather Data addition to the standard Baron Threat Net subscription includes a wide variety of data products, including high-resolution radar, standard radar, infrared satellite, damaging wind, road conditions, and hail path, as well as 24-hour rainfall accumulation, current weather, and current threats.

Offering up to 8 years of data, users can select a specific product and review up to 72 hours of data at one time, or review a specific time for a specific date. Information is available for any given area in the U.S., and historical products can be layered, for example, hail swath and radar data. Packages are available in 7-day, 30-day, or 1-year increments.

Other available options for historical weather data are lacking

There are several ways school and campus safety officials can gain access to historical data, but many have disadvantages, including difficulty in collecting the data, inability to display the data, and the inability to point query a static image. Also, officials may not have the knowledge needed to use the data for making a meteorological analysis. In some cases, including road conditions, there is no available archived data source.

For instance, radar data may be obtained from the National Centers for Environmental Information (NCEI), but the process is not straightforward, making it time consuming. Users may have radar data, but lack the knowledge base to be able to interpret it. By contrast, with Baron Threat Net Historical Data, radar imagery can be displayed, with critical weather indicators overlaid, taking the guesswork out of the equation.

There is no straightforward path to obtaining historical weather conditions for specific school districts. The local office of the National Weather Service may be of some help but their sources are limited. By contrast, Baron historical data brings together many sources of weather and lightning data for post-event analysis and validation. Baron Threat Net is the only online tool in the public safety space with a collection of live observations, forecast tools, and historical data access.

Flooding in large swaths of the Midwest has already claimed the lives of at least three people and has caused $3 billion in damages.

A combination of melting snow and rainstorms led to breaches in levees along the Missouri River and other bodies of water.

According to FEMA flood map data, 40 million people in the continental U.S. are at risk for a 100-year flood event; that’s three times more than previously estimated. Additionally, the amount of property in harm’s way is twice the current estimate.

With communities underwater and many more at risk, officials are asking themselves how response plans can be improved.

...

https://www.onsolve.com/blog/breaches-in-the-midwest-taking-a-closer-look-at-flooding-management-and-response/
