The Fragmented Picture of Mobile Security
I was in Munich last week, speaking at the European Identity and Cloud Conference in a panel on standards for mobile security. It was a very good session, not least because of the colleagues who joined me on the panel. John Sabo spoke about the work he’s doing in privacy frameworks. Tony Nadalin spoke about [...]

Mandiant Malware? Not Exactly.
In this particular case, we see a common cybercrime attack methodology, mass spam, a social engineering hook and a downloader Trojan, crossing over into APT space, likely due to all of the recent press coverage of Mandiant and other APT-related investigations. This is further evidence of the constant evolution of online attacks based on current events.

Groove Theory of GRC – Postulate #2: Duet, Trio, Quartet, Orchestra
The initial inspiration of my “Groove Theory of GRC” was Rocco Prestia, the bass player for the funk band Tower of Power. His definition, or lack thereof, of the term groove started my thought process on how very important things can exist without exact scientific explanation. In my last blog, I talked about combining Musicality and Performance to create a special musical experience and how GRC should strive for this powerful combination through Visibility and Accountability to result in Performance Optimization. Now I want to explore the complexities of any musical endeavor. While solo performances can be captivating, a full orchestra performing in perfect concert together is one of the highest forms of human collaboration and expression. So on to postulate #2:

Don’t Fear the Hangover – Network Detection of Hangover Malware Samples
Today, Norman and Shadowserver released a paper that revealed a large attack infrastructure in which they detailed an ongoing campaign, running as far back as September 2010. This campaign, reportedly run out of India, used spear-phishing attacks and multiple strains of malware to breach targets of interest and extract data.

Five Common Corporate Pitfalls in Cyber Security Management
A fair percentage of clients that I have provided incident response services to over the last 12 months are operating without security or oversight on the Internet, meaning not a single person employed at that organization is solely dedicated to working on security issues. While this is common for small companies and startups, these clients matured over the years to the point where they had hundreds or thousands of employees and even more computing devices on the network. What had not occurred, however, was the investment in security commensurate with the growth of the company.