Symantec has announced that it has signed definitive agreements to buy both PGP Corp (approx $300m) and GuardianEdge Technologies (approx $70m). Subject to all the necessaries, of course, but expected to complete sometime in Q3 this year. These two acquisitions will ensure that we automatically think ‘crypto’ and not just ‘anti-malware’ when we think Symantec.
Given the ever-increasing security threat and the ever-growing awareness of that threat, under-pinned by spiralling legal compliance requirements – seems like a good idea to me. Remember that, effectively, under data protection laws, lost encrypted data is not considered lost.
What I really like about these acquisitions is that they go well beyond PC full-disk encryption alone. With PGP and GuardianEdge, Symantec gets a geographically-dispersed install base, a leading standards-based key management platform, a PKI SaaS offering, a strong government presence, and encryption coverage from mobile devices to mainframes. Yesterday, Symantec was lagging in encryption and key management and today, with PGP and GuardianEdge, it is now able to provide leading solutions worldwide.
Jon Oltsik, Principal Analyst at Enterprise Strategy Group
ENISA, the European Network and Information Security Agency, has produced a report that describes the five areas of security where the EU should concentrate its future research. The five research areas identified are:
- cloud computing
- real-time detection and diagnosis systems
- future wireless networks
- sensor networks
- supply chain integrity
This report gives the first direction of what the future IT security research priorities should be for the EU in our opinion.
Dr Udo Helmbrecht, Executive Director of ENISA
Possibly the worst fear involved in a computer crash (or theft) is not that you can’t access your data, but that you may never access it again. For businesses, it is their livelihood (contacts, sales, accounts all gone); for home users it could be their life (photos, memories, emails, music all gone). Large companies are alright – they have IT departments whose function is to make sure this never happens. But many small companies and the majority of home users simply don’t have adequate data back-up to ensure that this fear will never be realised. The reason is basically two-fold: cost and complexity.
Now Mozy, part of the EMC Corporation, has brought its low-cost online backup for SMBs and users to the UK and Ireland. I forgot to add ‘secure’: the system uses either AES or Blowfish encryption plus 128-bit SSL to move data from your computer to one of its data centres for safe storage (incidentally, a European data centre to ensure that business users stay within European Data Protection laws).
The cost, according to Mozy’s announcement, starts at £4.99 per month, per computer. But unless my arithmetic is crocked (not unknown, I’m afraid), this is wrong: it could be seen as £5.49 per month. This nit-picking is because if you look closely, home computer users can trial the system free for up to 2 GB of storage. Otherwise the cost is £3.99 + 50p for each GB. So, if you need less that 2 GB back-up, then it costs nothing: you need only pay if you need more, which will then start at £3.99 + at least £1.50.
The reason for this little dissection is not to say, Oh look, Mozy got it wrong, but to highlight an incredible offer: home computer users can get 2 GB of free data backup from Mozy. There are other services that give you similar on-line free storage: Dropbox or Google Docs, for example. But Mozy’s free 2 GB comes complete with the Mozy software to automate the process.
So for SMBs who don’t already have adequate backup facilities I would say you can afford to look at Mozy. For home computer users I would say you cannot afford not to look at Mozy’s free 2 GB storage offer.
PricewaterhouseCoopers LLP has today released the 2010 Information Security Breaches Survey (ISBS) commissioned by Infosecurity Europe. It will come as no surprise that everything is up: breaches, cost of breaches, security budgets, understanding of risk and so on.
Almost half the organisations we polled told us they had increased their expenditure on information security in the last year and roughly the same number said they expected to spend more on it next year. At the same time most organisations (82% of large ones and 75% of smaller ones) assess information security risks now, compared to just 48% who did so in 2008. So organisations are getting better at understanding security risks in a changing business environment where a large majority of them are relying increasingly on external services hosted over the internet.
However, this focus is not translating into fewer breaches of security; in fact the number has risen to well over double what it was two years ago and has reached record levels for all sizes of organisation. All types of breach were on the increase and a conservative estimate is that the total cost of breaches to UK business in billions of pounds is now well into double figures.
Chris Potter, partner, OneSecurity, PricewaterhouseCoopers LLP
Part of the solution to ensure better security is encrypting data and we see that there has [sic] been huge improvements in this area with regard to laptops, USB sticks and other removable media. But educating people is just as important and more companies than ever before now have a security policy, although only 19% of respondents from large organisations believed their policy is very well understood by staff. The root cause of this is that investment in security awareness training, while on the increase, is still often inadequate.
Andrew Beard, director, OneSecurity, PricewaterhouseCoopers LLP
While not denying any of this, it seems to me that there is one simple statement that is being ignored: “We are spending more while losing more because the criminals’ ability to attack is increasing faster than our ability to defend.” Simple as that.
I am not a lawyer. Not a UK lawyer, and a million miles from understanding American law. Be that as it may, my understanding was that a ‘subpoena’ was a legal writ issued to compel (not ask or request, but to demand) compliance with the delivery of documents or attendance of witnesses.
It appears that the Senate Committee on Homeland Security and Governmental Affairs (one part of American government) issued subpoenas against the Departments of Defense and Justice (other parts of the American government) for information relating to the Fort Hood terrorist incident of November 5, 2009.
And was, in effect, ignored. The Committee commented
DOD and DOJ have produced a limited set of documents in response to the subpoenas, which we appreciate. However, they still refuse to provide access to their agents who reportedly reviewed Major Hasan’s communications with radical extremist cleric Anwar al-Awlaki and to transcripts of prosecution interviews with Hasan’s associates and superiors, which DOD already provided to its internal review.
DOD and DOJ’s failure to comply with the subpoenas is an affront to Congress’s Constitutional obligation to conduct independent oversight of the Executive Branch, a right all the more critical in order to ensure that our government operates effectively to counter the threat of terrorism.
There are three issues here. The first concerns the Committee’s own investigation; and I cannot comment on that.
The second is that if a Senate Committee cannot get the information it is legally entitled to and legally demands, what hope is there that government will ever be open with the people?
And the third is this. Both the US and UK governments tell us lies. We know this. If they continue to release limited, grudging, and often contradictory information about the ‘terrorist threat’, then we may begin to believe it is not as serious as they tell us.
Arbor Networks has released a virtualized version of its appliance-based enterprise network security and monitoring product running on VMware’s ESX and ESXi hypervisors.
Designed for cloud hosting companies, Peakflow X provides the network visibility that is needed to monitor external security threats, internal network usage, and more than 100 bandwidth-sapping applications that can jeopardize network performance. It leverages IP flow technology in existing network devices. It analyzes flow statistics to define normal network behavior. Then, in real-time, its embedded Network Behavioral Analysis (NBA) technology identifies abnormal activity that can indicate a developing security attack before its signature is created. Since Peakflow X detects network anomalies and threats using NBA technology, it is complementary to signature-based security products such as IDS/IPS, anti-virus and firewalls.
Peakflow X Virtual helps providers meet their customers’ needs by providing the visibility and control over their infrastructure that they require as part of a complete managed security services offering. These new services can be delivered with the cost saving benefits of virtualization, resulting from reductions in rack space, power consumption and easier service deployment and maintenance. We are very excited about this release and think hosting and network service providers will be too.
Rob Malan, Arbor Networks co-founder and chief technology officer
Unsurprisingly, the USA is the world’s worst offender for relaying spam (13.1%). Surprisingly, bad boy China is now good boy China, having dropped out of the top ten (1.9%). (I find this a little worrying since our esteemed leaders, the Entertainment Industry, will look to China as the model for how to clean up the internet.)
The United Kingdom (3.1%) occupies its historical position trying to separate France (3.0%) and Germany (3.2%) from either fighting each other or sleeping together. Like the old-fashioned Victorian prude, we don’t like either; but if spam sold testosterone rather than Viagra they’d probably go back to fighting.
The bit that continually surprises me is how high the USA always rates in these studies. As Graham Cluley comments, “virtually all spam comes from malware infected computers (called bots, or zombies) that are controlled by ‘botherder’ cybercriminals.” If this is so, then the only conclusion I can draw is that the most technologically advanced country in the world is home to a vast population of technologically illiterate users. And that doesn’t quite ring true to me.
Computer users can unwittingly allow their PCs to become part of a botnet in a number of ways, including clicking on malicious links that are frequently contained within the spam messages that the botnets are used to distribute. The only way for users and administrators to reduce the risk of being compromised is to run anti-spam and anti-malware protection and ensure all software and hardware is up to date with security patches.
That will, of course, help; but it is not the solution. Neither of those will protect against zero-day threats; and zero-day threats appear to be more common than we are led to believe. The only real solution is not to get infected in the first case. And that won’t happen either. But Cluley does make an interesting point: spam is like the gutter press: it only exists because there is a market for it.
Furthermore, we all shouldn’t forget that if no-one bought products sold via spam there would be a lot less incentive to send junk email. Computer users should not just protect their computers from threats like malware and spam, they should also pledge to never ever buy anything advertised via spam.