Speaking of Security – The RSA Blog and Podcast

As an employee at some company somewhere, you are probably putting your organization at risk every day – and you don’t even know it. Do you re-use the same password to login to multiple accounts? Are you visiting social networking sites and planning your upcoming summer vacation while at work? Have you ever logged in to check your work email from unsecured wireless hotspots? These are just some of the activities employees around the world do every day that seem relatively harmless, but could be putting their company at risk.

Art Coviello at RSA often refers to the skills gap in the number of Cyber security professionals in his keynotes. A UK National Audit Office report out today quotes it could take “up to 20 years to address the skills gap.” The truth is the number of IT and cyber security professionals in the UK has not increased in line with the growth of the internet and the NAO warns that the UK faced a current and future cyber security skills gap, with “the current pipeline of graduates and practitioners” unable to meet demand.

The European Cybercrime Centre officially opened its doors this month based at the European Police Office in the Netherlands. According to a BBC report cybercrime in europe is estimated to cost €1.5 billion. The EC3′s focus is on illegal online activities carried out by organized crime groups — especially attacks targeting e-banking and other online financial activities, online child sexual exploitation and crimes that affect the critical infrastructure and information systems in the European Union.

Online banking losses have increased 28% year-on-year. UK Cards offered some explanation quoting the fact that phishing attacks had increased by 199% over the past 12 months. The only reason I can think of why phishing attacks continue to rise is because fraudsters are still catching victims. Phishing is still a viable form of credential harvesting providing a meaningful return on investment for fraudsters.

Evolution isn’t just about making things better but to adjust living creatures to their ever changing surroundings. Fraud in that sense is also adapting, but instead of searching for food like a giraffe, it adapts to obtaining as much money as possible. If money from one fraud chain depletes, it would adapt and create a different one.

The results are in for the first half of 2012, and once again, phishing attack numbers mark a notable increase on the global scale. Compared with H2 2011, end of June numbers show a 19% increase as phishers heavily target the UK, U.S. and Canada – and their associated brands – with the same old online [...]

Mobile apps, and the content they provide, are the reason smartphones and tablets are so popular; recent statistics show that mobile users around the globe download over 67 million app every day! Although these numbers are staggering, security-awareness did not follow, and it was a matter of time – and only logical for cybercriminals – before online threats, such as phishing and malware, became a reality on mobile devices.

In a recent SBIC report one of the recommendations for protecting against Advanced Threats was to ‘participate in information exchange’.  Defending against advanced threats will require new models for information sharing.  Historically organizations have been reluctant to share threat information but it is becoming increasingly vital that organizations share information and more importantly share it [...]

In his keynote at EMCworld 2012  in Las Vegas, Pat Gelsinger proposed a tongue-in-cheek equation for the “physics of information technology”.  He also used analogies drawn from the world of physics to talk about the transformations that are occurring in information technology — describing the transition from applications to data as a shift in the [...]

The Eternal Flame is something you’ll probably recognize as the ever burning fire in ancient Greece; but in fact it has deeper roots in the Middle East. The first records of such custom are, interestingly enough, set in ancient Iran and Israel. The security industry’s skies are now alight with Flame, the latest discovery in [...]