Tuesday, March 28, 2017

MegaplanIT Supports PCI SSC North America Community Meeting with Platinum Sponsorship

I've worked with the group over at MegaplanIT for quite some time and have nothing but great things to say about them and their company. Their professionalism, technical ability and business acumen have always impressed me. Which is why when I heard they were sponsoring the PCI SSC North America Community as a Platinum sponsor I wanted to give them the recognition they deserve. Over the years MegaplanIT has grown to become a trusted partner in the security and compliance space and it's great seeing good people succeed. I would highly recommend reaching out to them for any PCI-related services. Below is their new press release - Kudos, guys!




MegaplanIT Supports PCI SSC North America Community Meeting with Platinum Sponsorship

MegaplanIT, LLC, is the Platinum sponsor for the PCI SSC North America Community Meeting being held in Orlando, Florida, in September, 2017.

Scottsdale, Arizona – March 2017

MegaplanIT, LLC, a PCI QSC and premier provider of security and compliance solutions, has announced that it would be participating in the PCI SSC North America Community event this September, as a Platinum sponsor. The event, which takes place September 12-14, in Orlando, Florida, is a principal conference bringing together stakeholders from the payment card industry to participate in discussions on the latest standards, technologies, and strategic initiatives shared by the PCI Council.

“We are excited for the opportunity to partner with the PCI Council as a Platinum sponsor in this year’s PCI SSC North America Community Meeting.  By sponsoring the event, we hope to display MegaplanIT’s continued commitment to, and appreciation of, the PCI Council’s hard work and guidance”, says Managing Partner of MegaplanIT, Michael Vitolo. He goes on to share, “with this support of the Council, we’re continually looking to develop strong relationships and work with other organizations to become a trusted partner within the payment card industry, while offering the best services available to our customers.”

By promoting the Platinum sponsorship, MegaplanIT believes that showcasing their brand during this PCI community event demonstrates their level of commitment and dedication to their clients in need of PCI and security related services. 

For further details please contact:

Jerry Abowd
Principal Account Manager
MegaPlanIT, LLC
800-891-1634 ext 105

Thursday, March 23, 2017

10 Must Read Infosec Books

I was recently asked to participate in selecting one information security book to add to a round-up of recommended reading for infosec pros. The round-up includes ten selections from different people and was published by Tripwire here.

There are many great books out there I wanted to recommend, but since I only had one spot on the list I wanted to make it count. My selection, even though it's an older book, was: Extrusion Detection: Security Monitoring for Internal Intrusions by Richard Bejtlich.

The technology in this book might have changed, but the concepts are still the same. In order to defend the confidential data within your network, there needs to be proper extrusion detection in place to detect intruders who have compromised your internal systems and are attempting to siphon sensitive data out of your network. There's been a huge emphasis on preventing threats in the past but we have to gain a mindset on expecting that we're already breached and how to deal with it. This book gives you some serious food for thought on how it can be applied and was eye-opening for me when I read it almost a decade ago.

Tuesday, February 21, 2017

New York State’s New Cybersecurity Regulation and What it Means to you

New York is launching a new regulation in cybersecurity which will come into effect March 1. This new regulation will target banking and insurance sectors with the aim of better protecting institutions and consumers against the bad actors that target these firms.
This new cybersecurity regulation, believed to be the first of its kind adopted by a U.S. state, highlights the need as well as the inability to quell the attack on businesses and government agencies regardless of the countless monies invested in information security being thrown at the bad guys.
Take a look at the rest of the article here to determine what this means for you: http://www.ccsinet.com/ny-states-cybersecurity-regulation/

Friday, February 10, 2017

Establishing a Data Protection Committee for the Boardroom

Within other countries, especially in Europe, there’s a requirement to have data protection committees to enforce the privacy and protection of a country’s or organization’s data. Within America we don’t have those particular laws enforced, but it’s something we should still strive towards even if it’s not mandated by government... yet. Establishing a data protection committee within an organization requires upper management approval, an understanding of risk and law, and the proper tools to complete the job. With this in mind, the two largest concerns for data itself are security and privacy. These two topics overlap in certain areas, but each can stand alone. When building a committee to protect these two aspects of data we’ll need to understand what the role of the committee is and how it will function going forward.


By far the most important part of the committee is the membership of who’s been asked to attend. There needs to be chairs, preferably co-chairs, that have been either voted on or assigned to the committee by upper management or leadership. The committee itself should include all walks of life when it comes to its members and not only include those in the security field. By only including members within security you miss out on valuable insight from other areas of the business. 

Membership should include representation from legal, compliance, particular business units, M&A teams, security & privacy, operations, etc. The membership can grow, but it should be kept to individuals who have the authority and acumen to make decisions regarding the topics at hand. They don’t always have to be experts on data security, but should bring knowledge of their business unit or field and how it relates to the protection of the organization’s data. These members should be a cross-functional group of individuals working together with potentially a few advisors to help guide the conversation. This group should be in attendance for the majority of the committee meetings and not continually sending someone in their place. If this happens the meeting will be derailed and won’t bring about change. The tone of the committee should be one of top-down management that’s making strategic decisions about data security and should be less operational in nature.

The need for this committee should be one that stimulates conversation with each business group, while guiding, proposing and advising the company on how to handle data protection as an organization. They’ll have to have an understanding of the current threat landscape and where the company is with protecting their data and privacy. By understanding this they’ll also have to understand where the gaps lie within their strategic vision. Once this occurs they can start putting plans in motion for standards and deliverables for subsequent meetings. By creating a vision of the future and reacting towards gaps that are in the company currently the data protection committee can start making real progress within the organization.

With this progress, there will also need to be resources, budget and metrics. Proposing a plan of the future might require budget, but many times there are things that can be done without even spending a dime. Creating an agenda for each meeting with the appropriate deliverables to be accomplished is a helpful way to determine the progress of the committee. Bringing metrics of these deliverables and holding those responsible accountable for the data protection tasks will help involvement and participation. Long story short, this data protection committee needs to be made up of people throughout the business who are looking to the future to protect the security and privacy of the data your organization holds. By using this committee to shine a light on your data protection efforts, it can improve the safety of your data going forward.

The Difference Between Sandboxes and Containers

Isolating malware before it spreads and infects your endpoints is important. In doing so multiple technologies have come out with ways to defend against the threat of malware by isolating and detonating malware before it's able to exploit your systems. In this article, I speak about the differences between sandboxes and containers and recommendations on when they should be used.

It's really up to your architecture as to what makes the most sense for your environment, but understanding the difference between containers and sandboxes will definitely give you a good starting point.

You can read my opinion on the matter here: http://searchsecurity.techtarget.com/answer/Whats-the-difference-between-software-containers-and-sandboxing

Tuesday, January 31, 2017

Cloud Adoption is Driving Security Innovation

Cloud adoption is bringing about a revolution in security innovation. Only a few short years ago security professionals were terrified to even utter the word “cloud”, but today, as organizations see the benefit of moving towards the cloud, its adoption has forced innovations that weren’t around just a few short years ago. If the cloud was ever to be taken seriously, cloud service providers knew security had to be wrapped in from the start. By taking this approach leading cloud providers have driven security into their infrastructure and have arguably created environments that are not only as secure as where a business’s data was previously, but potentially even better. In many cases it’s up to the organization to create and manage the configuration in a secure manner. With this being said, CSPs and security vendors have taken advantage of security in the cloud and are pushing it to their advantage and securing their clients in the meantime.

Cloud Service Providers Benefit from Security
It’s not a secret that AWS and Azure have been making giant strides in security. This has been done by either partnering with third-party vendors to integrate their solution into their infrastructure, or with homegrown features allowing clients the ability to have the needed architecture to implement a secure network. The security risks of the cloud were made known right away, and without the CSPs foreseeing this blocker as early as they did, cloud adoption wouldn’t be as prevalent as it is today. Not only did they secure their infrastructure to a point where it would pass regulatory audits, but they added additional features within their cloud ecosystem that allowed security to come to the masses (e.g., logging, WAF, firewalls, security assessments, etc.) that are built into their offerings. In the past other companies might have shied away from these options with on-premise equipment, but having these services available has helped spread the awareness and implementation of security to the masses. The major CSPs have to be given credit for the way they’ve banked on security and made their offerings not only more secure, but more successful.

Security Vendors Adoption and SecSaaS
With the cloud providers shoring up their infrastructure it was only a matter of time before the security vendors started to dabble in the cloud. Today there are numerous cloud options available to secure your enterprise, and the security industry has made a large push to make sure that their products are all functional in a cloud-based architecture. The security industry has been given a green light to proceed developing their products to be cloud friendly. If they didn’t, they’d be left behind by competitors that are taking advantage of all the benefits the cloud has to offer. Just like the CSPs pushed security into their offering early on, the security vendors are now pushing cloud into theirs.
Security vendors are using the cloud now to produce innovative products that are changing the way businesses work. The flexibility of the cloud and the capability to communicate remotely is allowing vendors to perform additional analysis, monitor more efficiently and remove management systems that once lived on premise at a client’s site. This is also allowing protection of endpoints to be consistently up to date no matter where that endpoint happens to be. These vendors are also able to set up SOC-like monitoring since all data lives on their site and assist the clients with 24x7 monitoring. No longer does an endpoint leaving the boundaries of your enterprise also leave security behind with it. These vendors are able to have their hybrid solutions produce the same level of security and monitoring without being tied to a geographic location.

Also, this has produced a huge increase in SecSaaS, or security as a service. These services allow customers to have the flexibility of security services in the cloud and outsource the infrastructure to a third party. This industry has been growing and will continue to be a large part of security in the cloud. A few examples of these services would be: MFA, IdP, SIEM, spam/phishing, DLP, MDM and the list goes on. These providers are taking particular security services that would normally be done on premise and outsourcing them to the cloud. The innovation here allows quick turnaround on implementation, mergers and acquisitions to be unified, adoption of technology that might not have the in-house resources to manage, etc.

Many security companies today will start in the cloud and by having the ability to launch something in startup mode allows for innovators to test their ideas without having to be strapped for capital. This allows the burden of finances to be lifted and for new technology to be developed without the fear of financial loss. The cloud is enabling new ideas that are able to be tested quickly and efficiently and with that the industry will continue to grow and ideas that might have been stifled in the past will flourish and have the ability to be used by the masses.


Monday, January 30, 2017

Reviewing the Stampado Ransomware Variant

It seems like every day there's a new variant of ransomware popping up in the wild. Attackers are constantly tweaking code and making feature enhancements to their product to keep one step ahead of defenders. In this article, we discuss the Stampado variant, how it worms its way through your network and why it became so popular.

http://searchsecurity.techtarget.com/answer/How-does-Stampado-ransomware-spread-to-external-drives