Mobile Security

Digital Universe CyberSecurity Student Defenders in Action

After writing my blog about Students – Be the Next Defenders of the Digital Universe, I received several inquiries about what RSA’s Anti-fraud Command Center does and how Purdue University works with that team. Since this week’s national cyber security awareness month theme is Building the Next Generation of Cyber Professionals, it is perfect timing…

Securing eCommerce Transactions without Losing Customers Part 4 – Mobile Strategy

Through this series we have looked at reducing fraud chargebacks via risk-based authentication for account holders, behavioral analytics and 3D Secure. In this final post we will look at mobile strategy. There is no shortage of statistics reflecting the tremendous growth in mobile commerce. In fact, according to Criteo, 29% of US eCommerce transactions are…

2015 Year of Cybersecurity Consilience?

Art Coviello just sent out his annual end of year letter with the following 2015 predictions: 1. Nation-state cyber-attacks will continue to evolve and accelerate but damage will be increasingly borne by private sector; 2. Privacy debate will mature; 3. Retail is an ongoing target and Personal Health Information (PHI) is next; 4. The Internet Identity…

Bugat Joins The Mobile Revolution: BitMo Hijacking SMS-Borne OTP’s #INTH3WILD

By Limor S. Kessem, Cybercrime and Online Fraud Communications Specialist, RSA

RSA researchers analyzing Bugat Trojan attacks have recently learned that Bugat’s developers managed to develop and deploy mobile malware designed to hijack out-of-band authentication codes sent to bank customers via text messages. Bugat (aka: Cridex) was discovered and sampled in the wild as early…

Non-malware Penetration Techniques of an Advanced Attacker – Podcast #246

The level and sophistication of advanced threats is a constantly moving target pitting the advantages of smart and patient attackers against security teams that oftentimes can’t possibly know what to look for when an attacker employs specialized techniques and tools designed to cloak their movements. What happens when an attacker doesn’t have to rely…

Disruptive technologies breaking down our doors in 2013

RSA recently launched its latest SBIC report titled ‘Information Security Shake-up – Disruptive Innovations to test Security’s Mettle in 2013’. It introduces some interesting food for thought on what organizations should have on their ‘to do’ list for 2013. Four key innovations are highlighted which shouldn’t come as a big surprise to anyone, I think…

BYOD Checklist Part 2

Here’s the second installment for the BYOD checklist as promised: Ensure end-users are responsible for backing up personal data; Clarify lines of responsibility for device maintenance, support and costs; Require employees to remove apps at the request of the organization; Establish that the company will disable a device’s access to the network if a…

Securing the Mobile Enterprise

We are seeing a fundamental shift in the way IT is consumed, and subsequently secured, and it’s mostly driven by mobile. The recent SBIC report, “Realizing the Mobile Enterprise: Balancing the Risks and Rewards of Consumer Devices,” highlights these shifts. “A huge benefit of mobile devices is the user interface…This is simply how people want…

Risk and Reward See-Saw for Mobile

At RSA Conference Europe recently, the latest report from the Security for Business Innovation Council was launched entitled ‘Realizing the Mobile Enterprise’. It is really about balancing the risk and rewards for mobile devices and incorporating them in the overall enterprise security strategy. BYOD is not a new concept and most organizations today have some…

Mobile Risks and the Enterprise

I have worked on mobile security strategy for RSA for the last two years now, and during that tenure the market continues to evolve and move at a rapid pace, which no doubt is putting more stress and uncertainty into the minds of security professionals. But, just the other day I saw a graphic in…