In December 2013, Target, a large US retailer, was the victim of a severe data breach that left more than 110 million consumer credit card and personal data records exposed to hackers. The cost of the data breach is estimated to be over £150 million, with US financial organisations having to replace 21 million customer credit cards. This is one of the largest data breaches ever seen in the retail sector, but what is most concerning is that the breach could have easily been prevented had the retailer adhered to common security practices of network segmentation.
The massive data breach at Target last month may have resulted partly from the retailer’s failure to properly segregate systems handling sensitive payment card data from the rest of its network.
The only really sophisticated component of the attack appears to have been the malware used to intercept and steal payment card data from Target’s POS systems. But the attackers would have been unable to install the malware if Target had employed proper network segmentation practices in the first place, Brazil said.
“You saw IT spending dip during the recession years, but you did not see security dip,” crackles the voice of Jody Brazil, CTO and Founder of FireMon, from the boardroom phone. “It’s because security is seen as a must-have, and whilst IT is of course one too, it’s one that is measured by ROI whilst security is measured more by ‘How scared are you?’”
Analysts and some security firms talked about the end of the perimeter, coining the abstruse term “deperimeterization.” Instead of going away, however, an organization’s security perimeter has simply become more distributed, says Jody Brazil, president and chief technology officer of FireMon, a configuration and policy management firm.
So how do private enterprises follow the government’s lead to implement this sort of continuous security monitoring? While decision makers could opt to purchase any number of commercial monitoring products from vendors like Symantec Corp., Tenable, TripWire Inc., FireMon Inc. among many others, chances are most enterprise networks have some version of the necessary tools in place to get started. However, before tools are discussed, let’s take a look at an important piece of the CSM planning process: device classification.
Business Computing World
Theorising what the most important IT security issues to address may be at any given time is always a highly subjective issue, particularly in this world of advocates, specialists and vendors fixated on their own particular piece of the puzzle.
However, inherent bias aside, based on the very nature of layered security and attack escalation, there’s no question that network security sits at the very heart of it all. While a huge number of threats filter in through Port 80 and other avenues, if network security is properly aligned and continuously adjusted, a lot of problems can be mitigated even if not altogether avoided.
A lawsuit accusing Facebook of mining private messages for information it can pass on to advertisers stands as a reminder to businesses that privacy is a relative word on a social network, experts say.
NetFlow analytic data is particularly great at detecting anomalous “hot-spots” of activity that could indicate existing issues or an active breach, says Jody Brazil, president and CTO of FireMon. “For example, NetFlow data can be leveraged to isolate compromised hosts by identifying those communicating with botnet command and control machines, or to highlight those hosts utilizing unusual ports,” Brazil says.
Improving criminal sophistication is another recurring theme. Matt Hines, product manager at FireMon, points to the continuing evolution of botnets as an example.
Theorising what the most important IT security issues to address may be at any given time is always a highly subjective issue, particularly in this world of advocates, specialists and vendors fixated on their own particular pieces of the puzzle… As such, here’s a rundown of the most pressing network security issues that remain heavily in play looking ahead into 2014, and for that matter, nearly all year round. Regardless of whatever area of security you’re focused on or the specific types of threats you seek to limit, if these specific areas are addressed more effectively, there’s much to gain and a lot less to lose.
January ushers in a new year, but the cybersecurity threats that come with it will for the most part look an awful lot like the ones agency IT managers already know. They will continue to morph, evolve and multiply to keep admins on their toes.
I recently conducted a cursory audit of our firewall rules using a tool called FireMon, uncovering several that aren’t utilized. I’m all for security and even more, redundant, security, but security measures that serve no real purpose don’t help.
Bernard Zelmans, general manager of EMEA at FireMon, said: “There have been few subjects that have stirred more controversy in information security than PCI DSS. Some say it has done more to raise the level of security preparedness of millions of merchants than anything before, whereas others claim it is responsible for dumbing-down security to a checkbox standard.”
IT Security Guru
Bernard Zelmans, general manager EMEA at FireMon, welcomed the changes as a move from a security check box posture to a more holistic risk management approach. “This will hopefully entail a more security centric approach to PCI compliance rather than the least common denominator approach of earlier versions of PCI,” he said.
Government Security News has announced its 2013 Homeland Security Awards finalists, and in some cases preemptive winners, in three different broad awards categories: Vendors of IT security products and solutions; Vendors of physical security products and solutions; and noteworthy achievements of federal, state, county and municipal government agencies.
FireMon a finalist for Best Continuous Monitoring Solution.
With the ever increasing threat of cybercrime knocking on one’s door, many large organisations are reliant on IT security teams to protect their vast network from attack. As many Chief Information Security Officers (CISOs) will attest, the larger the network, the more complicated the job. According to Gartner more than 95 per cent of firewall breaches will be caused by firewall misconfiguration, not firewall flaws.
As IT organizations seek to make better risk-based decisions about security practices, perhaps the number one component for success is the IT risk assessment. However, even when organizations actually conduct a risk assessment, they frequently fall prey to mistakes that can greatly devalue the exercise. Here are some of the most common blunders to avoid.
We live in the age of the data breach. Every day there is a new story about a network intrusion that ends in the theft of confidential or sensitive information. Credit card numbers, personal data: in short, there is a myriad of information that can be criminally extracted from some website or online service. And both industry and society at large keep looking for a way out of this problem, which can cause losses in the millions. It is estimated that, in Brazil, this figure exceeds R$ 20 billion annually.
Computer Business Review
FireMon’s CTO and founder, Jody Brazil, talks to CBR about where the blame lies with security breaches.
FireMon’s CTO and founder, Jody Brazil, debunks common myths about the data breaches that plague both the private and public sectors.
VitAL Security Magazine
To help you decipher fact from fiction, Jody Brazil, President and CTO of FireMon, reveals the biggest myths that exist about data breaches, and explains how and why they occur…
Global Security Mag
FireMon attended the Assises de la Sécurité for the first time, in order to raise its profile in the French market. This American vendor set up in France less than a year ago to offer its firewall management solutions. During the event, FireMon presented version 7 of its product. For Philippe Lerer, Regional Sales Manager, FireMon, companies must deploy a proactive firewall management tool.
According to Ruby Khaira of FireMon, “The real issue, as I see it, is being able to find enough computer experts to build an effective force, with a distinct shortage of security personnel within the private sector, this could be a very real problem. The MoD therefore will likely need to have a robust training plan in place to train those they hire for the cyber defence force, and will then need to offer a good enough package to keep those security professionals from moving to the private sector.”
Experts praise Pentagon’s march to security standards
Consolidation of the Defense Department’s 15,000 networks expected to cut costs, as well as improve security against Edward Snowden-like leaks.
The Pentagon’s decision to move its thousands of networks under a single security architecture is the right strategy to bolster defenses against hackers and malicious insiders, experts say.
SC Magazine UK
As the Bring Your Own Device trend continues to grow we are seeing that many people using their smartphones at work are blurring the lines between professional and personal use, which is creating an ‘always-on’ trend. This change in culture means that now more than ever people find themselves logging on and checking emails and working from home, or even abroad.
Added layers of complexity create even more interdependencies and the need for a systematic change management approach.
Private sector IT security pros weigh in on the evolution of the chief security officer role.
IT administrators may be the first line of defence against hackers eager to tap into companies’ networks. But even they may have some inaccurate beliefs about how hackers operate – and those can have frightening consequences for their businesses’ data.
The Data Chain
We live in the age of the data breach. It seems that every day we hear about yet another breach of a computer network resulting in the theft of confidential or sensitive information.
Computer Business Review
Ruby Khaira, regional manager for UK, Northern Europe and India at FireMon said: “Today’s security landscape is fast changing and organisations are failing to address the challenges that are being posed by sophisticated criminal enterprises.”
For a long time the lament about HIPAA was that it was a dog with no bite. Well, the reality of HIPAA fines is changing that perception rather quickly.
ITProPortal probed Matt Hines, Product Manager at Security Management company FireMon, about the very real security threats induced by the skills shortage and what can be done to mitigate it before it is too late.
SC Magazine UK
“The skills shortage is the same issue for everyone and with all budgets, as everyone has got the same problem with too much work and too few people. If you automate your employees you can move forward.”
In March 2013 the US Senate Select Committee on Intelligence named cyber risk as its top global threat. The committee said that the global system was dealing with uncertainty and doubt in the face of new and unpredictable cyber threats.
Bank Info Security
“Ninety-five percent of firewall breaches are caused by misconfigurations, not because of problems with the firewalls themselves,” Skurla says. “They’re a very proven technology … frequently not managed as well as they need to be because of the tremendous volume of activity going on around them.”
“This is not just ignorance or poor management,” Brazil said. “Systems administrators are given the keys to the kingdom and entrusted not to do harm with it.”
Agencies can achieve a much bigger bang for their precious bucks by investing in better management of existing security assets.
We are nearly three months into sequestration, and the world – or even the U.S. government – has not ground to a screeching halt.
SC Magazine UK
With the ever increasing threat of cyber crime knocking on one’s door, many large organizations are reliant on IT security teams to protect their vast network from attack… But what happens when a breach has occurred? Can an individual be held accountable, or is it fair to put the responsibility entirely on your security team?
Wall Street Journal
FireMon, the leading provider of security management and risk analysis solutions, today announced that it has been named to Homeland Security Today’s Rising 10 of 2013. Recognizing the “Innovators and Game Changers” who serve the federal sector, FireMon was selected to represent the “Continuous Monitoring” category based on the company’s industry-first capabilities in continuous assessment of security infrastructure policy and risk posture.
“We do not see any immediate impact” on cybersecurity, said Jody Brazil, president and CTO of FireMon, an enterprise security management company. “In [the Defense Department] we see no impact whatsoever; cybersecurity is still a priority. In the other agencies it is less certain.”
“For an outside attacker gaining access to protected resources, ultimately the board room is going to be held accountable,” Brazil said. “They will want to push responsibility down through [their] organizations to the people requesting change [to technologies or systems]. That person should be held accountable and responsible for the security failures of those systems in the same way that they would be held responsible for the financial failure of a project.”
“In the physical sphere the U.S. is proud to have the best trained and best equipped fighting force in the world,” Brazil said. “This must be our mission in the cyber sphere as well and backed with real resources immune to budget battles. Technology can be used to better optimize the process and procedure of an active cyber defense, and can focus resources to ensure the most effective use of that budget. But in the end, technology can assist in analysis, but can never replace trained analysts.”
“If the firewall is doing its job and dropping traffic, and you trust the technology that you have purchased, why are we focusing all of our attention on the traffic that is being dropped and not on the traffic that is getting through?” Brazil says.
Jody thinks that there are some common myths around firewall management that need to be debunked. In fact, look for more on that from FireMon soon. But among these Jody says FireMon’s own research shows that most attacks are not due to inadequate firewalls or the technology being obsolete. Most of the time it is due to misconfigurations that lead to successful breaches.
Product name: Security Manager Version 7.0. Key features: Enables security and operations teams to more effectively identify, understand and manage changes in security posture – in real-time. New capabilities include Continuous Assessment, Best Practice Modeling and Business Process Standardization. It is the first security and policy management platform to support the OMG’s BPMN 2.0 standard.
IT Security Pro
FireMon has taken the wraps off v7.0 of its Security Manager software, which is billed as allowing companies to improve their ability to identify, understand and manage changes in the security defenses.
With this in mind, ITSP caught up with Tim Woods, FireMon’s customer technical services VP, for a rundown on the current state of play on security management.
The multiplication of internal firewalls to comply with regulations like PCI and minimize risk to critical databases and applications has created a rat’s nest of firewall configuration issues.
Many organizations now recognize this regulatory compliance conundrum and are responding with their pocketbooks. New enterprise investment in cybersecurity is now driving innovation in required areas like Advanced Malware Detection/Prevention (AMD/P, Damballa, FireEye, Sourcefire, and Trend Micro), big data security analytics (IBM, LogRhythm, PacketLoop, RSA Security, Solera Networks), and continuous monitoring (FireMon, Red Seal, Symantec).
Help Net Security
FireMon announced new capabilities in Security Manager 7.0 that improve organizational ability to identify, understand and manage changes in security posture – in real-time.
New features in the latest version are designed to help organizations quickly and efficiently manage changes, assess configurations and measure associated risks in real-time.
SC Magazine UK
Jody Brazil, president and CTO at FireMon, says: “We sweat bullets day in, day out to make sure our software is easy to use.”
Jody Brazil, president and CTO of network-device management firm FireMon, for example, likes to tell the story of one customer, a hosting provider, whose firewalls would seize up every week or so. The problem: Too many unnecessary and conflicting rules in their policies.
Bernard Zelmans, General Manager EMEA at IT security management product firm FireMon, said: “Any initiative that helps encourage business executives to take proactive measures to identify what assets are at risk on their network versus reacting and patching after a breach has occurred can only be a good thing.”
F. Ward Holloway, Vice President of Business Development at FireMon, says he will be supportive of Obama’s order if it amounts to a “concrete action plan to help reduce and eliminate breach events” that are occurring daily and receiving more public attention. “Specifically, there needs to be a commitment to moving to a proactive versus reactive network security posture,” says Holloway. “The technology already exists to do this.”
A remediation plan would be a good step forward to Richard Towle, head of federal markets at FireMon. “If not for a troubling history preceding this incident, this report could be seen as an opportunity to improve,” Towle says. “If classified information was truly not compromised, the organization could use what was taken to inform themselves about risks in the ‘reach-ability’ of critical assets and associated access vulnerabilities.”
IT Security Teams Should Focus on Security Resolutions Rather Than Security Predictions
The well-established and saturated firewall market has been a channel mainstay that has enabled partners to create entire practices and build out service revenues for decades.
But a lesser known derivative springing from the firewall market is the growing niche of firewall management. And while it remains relatively small and specialized, increasing network complexity, coupled with a more sophisticated spate of threats, promises to give the market a swift upward boost.
Key Features: Access Path Analysis allows Security Manager customers to proactively predict and forensically record network packet flow and obtain detailed path analysis for more effective risk analysis and better informed remediation activities. FireMon Insight combines a Web-based Dashboard with a new FireMon Query Language to enable an ability to visualize the current state of network and security configuration.
Kansas City Business Journal
Belated, but widespread, adoption of cyber security software will help FireMon LLC more than double its revenue to about $20 million this year.
Access Path Analysis complements FireMon’s Risk Analyzer, which sniffs out potential risks in an organization’s network. Access Path enhances risk management by tracing the potential traffic routes, identifying the weakest links and providing guidance for redirecting to more secure avenues.
“Putting sophisticated hackers aside, having systems on your network vulnerable to aged and well-worn exploits also makes your organization a target to the much larger population of opportunistic attackers, as well,” said Matt Dean, the chief operating officer at the security firm FireMon. “Many of the attacks we see are more about (attackers) finding things that can be exploited, and that they know how to exploit than they are about targeting a specific company,” he said.
FireMon, for example, offers risk analysis and assessment, configuration management, and enforcement and auditing of network devices such as firewalls, routers, switches and load balancers with Security Manager 6.0. The tool uses distributed data collectors and is meant to identify, assess and correct the impact of changes, for example to policies, in real time.
“The biggest challenge in network security today is matching the pace at which new threats are launched, morphed, and adapted. Existing network security controls are often an ineffective countermeasure, largely because manual configuration is time-consuming, and the management information necessary to correctly react is locked in disconnected systems,” said Jody Brazil, president and CTO of FireMon. “While SDN presents a great opportunity for rethinking connectivity it is also an opportunity to
Companies need visibility in two ways: They need to know what devices employees have and how those devices affect their risk, says Matt Dean, chief operating officer at FireMon, a security management software company. “You want to manage and control the risk that you’re exposed to, so if a mobile device shows up on your wireless network, you understand what risk it poses to your network,” he says.
Threats are increasing and becoming more targeted and aggressive, says Matt Dean, COO of security vendor FireMon. “Certainly part of that response for most organizations are the people who prepare for, detect, and respond to threat activity,” he says. “Skills in network risk assessment, application security, and forensic analysis continue to be in very high demand. As organizations shift from a reactive mode to a proactive security stance, skills in assessing network posture and application v
FireMon’s Bernard Zelmans says MSSPs can build trust by being transparent about their work
FireMon’s tools are designed to help you more effectively manage network security gear by giving you visibility into what the tools are doing/how they are configured and how they interact with other systems in the security ecosystem.
Matt Dean, chief operations officer for FireMon, agreed, saying that he often sees corporations make security compromises in Internet-enabled business applications. ‘They are constantly balancing security with usability, the ability to access this data when and where people need to,’ Dean said.
Azlan, the enterprise networking business unit of Computer 2000, has added FireMon’s range of network security solutions to UK VARs. FireMon’s solutions enable enterprise and public sector customers to assess vulnerabilities and to defend networks from external threats.
The company says its analysis and policy and configuration management solutions will be offered to value-added resellers and managed services providers in the UK.
The agreement with Azlan is the US firm’s first UK distribution deal. Mark Corrigan, head of enterprise and Access Networking at Azlan, says the new signing complements its existing vendor relationships “very well indeed”. He says: “For our customers addressing the enterprise and public sector markets, security and policy management is a growing opportunity.”
US-based firewall management vendor FireMon has appointed its first UK distributor eight months after touching down on this side of the Atlantic.
FireMon has granted Azlan access to its full range of network security solutions, including its recently launched FireMon Security Manager 6.0.
Well-entrenched and decades old, the traditional firewall market is undergoing dynamic changes driven by demand for mobility, virtualization and cloud. Users need next-generation firewalls to handle these complexities, but they are resistant to change. Channel partners will find great sales opportunities if they can help their customers understand the need for next-gen appliances.
IT Security Pro
The Olympics may be allowing a large number of people to work from home over the weeks of the Games, but Juan Lyall, EMEA channel manager with FireMon, says that it also creates a number of challenges for the IT security staff in their organisation, who may be inadvertently opening the corporate computer platform to an attack.
Bernard Zelmans, General Manager EMEA for FireMon, has some cautionary words of warning about what to look out for if you are going to allow your staff to work from home during the Olympics.
Remote working during the Olympics raises a number of serious access management challenges, according to security management provider FireMon’s general manager EMEA, Bernard Zelmans.
Two new products that were demonstrated at the Black Hat 2012 security conference use different techniques to try to prevent cyber-attackers from penetrating enterprise networks.
SC Magazine UK
No business should be under-prepared for the effect of the Olympics, but the issue could be the delivery of applications and services to remote workers.
Firewalls are a mature technology and yet their administration has evolved very little in two decades… …poor firewall management defeats the purpose of change by ineffectively controlling access and limiting visibility; poor management also increases the cost associated with security management. Changes in general, whether to a firewall, router, application or any other part of the IT infrastructure…
Is the linchpin of security a victim of its own success?
The Department of Homeland Security, through its Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), issued a warning last Friday about security vulnerabilities in the Tridium Niagara AX Framework, a popular software platform that integrates various control systems and devices and allows them to be managed over the Internet.
The VAR Guy
Security management and risk analysis solutions specialist FireMon announced its flagship security policy and posture management solution, Security Manager, has been designated “McAfee Compatible” for its integration with McAfee Firewall Enterprise V8.
If IT security departments want to truly meet the risks posed by today’s advanced threats, they need to get more scientific with how they develop their strategies. Because based on the breach statistics and malware infection rates, the old methods aren’t even close to adequate, security experts warn.
CSOs are mixing an assortment of technologies, approaches and policies to shore up defenses on the changing corporate boundary…
…FireMon key to Accor’s policy administration.
Product name: Security Manager Version 6.0. Key features: The first security policy and posture management solution that fully integrates comprehensive risk analysis with configuration management, enforcement and auditing of network devices like firewalls, routers, switches and load balancers. Gives enterprises the visibility to understand the scope of business vulnerability and prioritize the proactive defense of critical assets.
The FireMon Security Manager with Policy Manager and Risk Analyzer is the ultimate policy and risk management tool.
FireMon Security Manager 6.0 Delivers Integrated Risk Analysis and Policy and Configuration Management Solution for Network Security
FireMon Security Manager 6.0 Offers the Only Fully Integrated Risk Analysis
Help Net Security
FireMon has rolled out the next rev of its security management and risk analysis platform. FireMon Security Manager 6.0 provides extended capabilities around risk analysis, configuration management and policy enforcement, plus the auditing of firewalls, routers, switches, load balancers and other devices on the network. The net result is a high level of visibility into overall network security and the defense of critical assets.
Detecting a threat does little good if the targeted company is not ready to respond. Security experts weigh in on ways to speed a business’ response to threats
Presentation to Address Advanced Firewall Management and Risk Visibility Solutions
FireMon, the firewall management vendor spun off from security integrator FishNet Security, reported 50 percent year-over-year sales growth in 2011 that propelled it to profitability. It also reported a “dramatic” growth in new customers.
Firewall management vendor FireMon is launching a European channel assault after hiring its first heads in the region.