Black Hat 2018

Everything CISO and Cybersecurity During Black Hat 2018

Black Hat celebrated its 21st anniversary this year, bringing together over 15,000 cybersecurity professionals to learn and network in Las Vegas. At the Cavirin booth, people flooded in to get their “Got CyberPosture” t-shirt and learn how the Cavirin CyberPosture Intelligence platform provides “credit-like” scoring with actionable insights, helping enterprises align their security resources to more effectively address the pressing threat of cyber attacks in their hybrid environments (multi-cloud, containers, and on-premise).

Additionally, BrightTALK was at the heart of the action, streaming live panel sessions and engaging in conversations with some of the world's top security leaders. These panels offer a collaborative atmosphere, enhanced by speaker presentations and insights. Cavirin’s CSO, Joe Kucic, participated in two of the thought-provoking panels: Key Factors for CISO Success and Managing Your Cyber Risk! If you were unable to join us in Vegas, we highly recommend tuning into these two panels, available on the BrightTALK website. Here is a little more information about the webinars:

Key Factors for CISO Success was Part 1 of 2 CISO panels during Black Hat. This panel was an in-depth look at the ever-changing role of the CISO and the factors influencing their success. There was also a focus on why identifying your organization’s security culture matters. With the huge shift to cloud services, CISOs need to recruit, develop, and retain strong security talent. Today’s cyber threats and the introduction of the hybrid cloud are forcing CISOs to build a new arsenal of talent and tools to accommodate the present complexity. Kucic believes that CISOs are beginning to adopt the continuous security model to address the frequency and nature of today’s threats. CISOs are required to know what their levels of exposure are across different assets. Further, they must be able to prioritize the remediation actions that help improve the overall security posture of the organization. Taking that data and being able to present it to leadership is key to a CISO’s success. Lots more great insight from Joe and the other members of the panel: Mark Weatherford (vArmour), Azi Cohen (WhiteSource) and Mark Whitehead (Trustwave).

The second panel that Cavirin’s CSO, Joe Kucic, was featured on was Managing Your Cyber Risk, led by ITSPmagazine and focused on detecting and responding to threats within your organization. This panel was a Q&A based around managing security risk. The key takeaway was that every company has cyber risk, whether they want to acknowledge it or not. Kucic says that “risk management has evolved to be a business enabler, a differentiator if they do it right.  It allows companies to move quicker with technologies and go to market faster than their competitors if they look at it the right way and not just as a compliance requirement”. Continuous visibility is important because risks and breaches are ongoing and not just a single occurrence. Finally, he adds that remediation and mitigation are things that companies continue to struggle with today. Both webinars are available on BrightTALK for free! Tune in for the full coverage.

Overall, Cavirin’s participation at Black Hat was awesome due to the relationships built, conversations enjoyed, and insights gained this year. To continue the BH momentum, if you want to see a demo of our CyberPosture Intelligence Platform, get in touch! We would love to keep the connections going! We might even be able to get you the hot “Got CyberPosture” t-shirt. See you soon.

Phew!

That’s all I can say after last week’s very successful (in the eyes of this writer), very crowded (50,000 in a construction zone?), and sometimes overwhelming (parties?) RSA. Anyone in attendance would agree that the intensity, the depth of conversation, and even the innovation was a step up from previous years. But so was the angst. Read on!

At Cavirin, we introduced CyberPosture Intelligence to the world, along with an accompanying survey on hybrid cloud security that speaks to the necessity and timeliness of our approach.  As a reminder, CyberPosture Intelligence:

  • Provides actionable intelligence for the CISO and stakeholders to take control by delivering continuous risk, cybersecurity, and compliance management across hybrid environments.
  • Offers continuous compliance for the hybrid cloud and eliminates the gaps and risks inherent with current approaches.
  • Secures both the public cloud control plane as well as target hybrid cloud workloads (servers), on-premise, within the public cloud, and within containers.

This last point is especially important, given the need to protect critical workloads in the cloud. Having a solution that only looks at the servers, or the cloud account itself, leaves you half-blind, half-protected. You need real ‘situational awareness’ where you’re immediately made aware of any drift from your ‘golden posture’ and, from there, can take appropriate action. 

At the same time, you need a simple deployment based on a technology-agnostic solution that delivers as close to single-click scoring as practical, in contrast to multiple stove-piped tools, manual processes, and point-in-time assessments. An approach that cuts through the noise to offer real, actionable guidance to protect the hybrid cloud, 24x7.

Similarly, a well-developed GDPR plan should be in place for implementation. On May 25, the GDPR regulation will officially take effect in the EU, inevitably impacting companies beyond those borders. According to a recent survey released by the Cloud Security Alliance at RSA, “31 percent of companies have well-defined plans for meeting GDPR compliance, 85 percent have something in place, and 73 percent have begun executing that plan.”

Ultimately, we want the CISO to achieve business outcomes that reverse a disturbing trend, where additional security investments don’t necessarily make things better. That reality had Cisco’s SVP of security, John Stewart, lamenting the fact that 3.5 million security jobs will go unfilled in the coming years. He concluded with the statement ‘we are completely screwed.’ Well, let us help un-screw things!

Check here for some of the great coverage we’ve received on our CyberPosture strategy and how it fits into current security conversations across different verticals and geos.


Today we’re announcing the next phase in Cavirin’s evolution, with an approach and product offerings that will truly provide organizations with the visibility and control they require across their hybrid infrastructures: an approach that provides the CISO with actionable insights to minimize the attack surface while meeting the reporting requirements of his or her board. We call this ‘CyberPosture Intelligence for the Hybrid Cloud.’ Read on!

The hybrid cloud is real, and in fact 81% of enterprises are adopting a multi-cloud architecture, spanning on-premise and one or more public cloud providers. And this won’t go away anytime soon, with about 1/3 of workloads, sometimes the most critical ones, remaining on-premise in 2025. But there is a problem. A good 77% of IT personnel still identify security as a barrier to adoption, and almost the same number, 75%, lack visibility across their hybrid cloud.

So what is CyberPosture, a word that you’ll be seeing more of in the future? It is verifying that your slice of the public cloud is secure, be it IaaS, PaaS, SaaS, or even FaaS. It is confirming that your workloads (servers) in the cloud are secure as well, be they VMs or containers. It is ensuring that sensitive data, if in the cloud, is secured; being able to pass your periodic security audits; and securing not only your own infrastructure but that of your critical suppliers and partners. Finally, it is an architecture to help you truly understand the risks and deficiencies that are part of any hybrid cloud infrastructure, one that permits you to effectively balance your risk tolerance with skills and budgets.

CyberPosture is closely aligned with the rise of DevSecOps, the automation of security within DevOps to ensure a more secure cloud infrastructure and to offer more automated remediation when issues are discovered.  In a break from the past, SecOps will no longer be held as a barrier to agile development.  They will regain their place at the table as an enabler.  Who manages this?  The ‘Cloud Security Architect’ runs point, bringing together skillsets from across the organization in a ‘Cloud Center of Excellence.’ 

How do you achieve CyberPosture?  As with any type of posture, it doesn’t just come to you.  You actively set off to achieve it.  We help you instrument your public cloud accounts, your cloud security posture.  We offer the tools to enable continuous compliance across regulations that include GDPR, PCI, HIPAA, SOC, ISO, CIS, and others.  We help you apply these tools across critical verticals and use cases, such as cyber-insurance risk assessment or supply chain risk management.  We integrate these tools with your agile development processes. And, we package up this intelligence in the form of a ‘CISO Dashboard’ or as reports for your audit committee, providing you with a consolidated ‘Cavirin Risk Score’ that combines elements of security and compliance, for your cloud, and for your workloads.

The next step? Visit us at RSA to learn more about Cavirin’s CyberPosture Intelligence, and while there, challenge your existing cybersecurity partner on how to solve this hybrid cloud security and visibility challenge. Then drop by booth N4439 and share your thoughts with us!

Hybrid Cloud Strategy Advantages

A Hybrid Cloud Strategy is Important for Security 

Cybersecurity is evolving and strengthening every day, but Lloyd’s, in partnership with AIR Worldwide, released a cautionary report entitled Cloud Down – The impacts on the US economy. This report outlines the possible, and probable, repercussions of the failure of one of the leading cloud providers, focusing on the financial impact of such an event.

Why should we care? If these insights are heard and heeded, insurance managers could grow their cyber business in a more judicious manner. Along the same train of thought, it is important to remember that these analyses assume that only a single CSP would be affected at a time. As such, distributing workloads across multiple CSPs, taking the time to analyze which advantages of each cloud would best help you attain your goals, would be a possible real-world application of this report.

To provide us with a baseline, the report specifies that “the results published in the report are based on the top 15 cloud providers in the US, which account for a 70% market share.”


In my previous blog, I looked at just how easy it is for the typical hacker to obtain a variety of exploit tools, or to obtain compromised data. The hacker lifecycle roughly maps to the diagram below, where he or she first obtains or develops the various tools, or leverages ‘dark web’ services, then uses these to compromise physical assets with the goal of obtaining useful data. Here, I’ll look at how Cavirin helps you counter these threats by focusing on the middle phase: how to protect your assets, either on-premise or in the cloud.

Hacking as a Service (HaaS)

For those familiar with the Cyber Kill Chain concept (and I realize that there are different views on its applicability, but it is useful to frame the discussion), the lifecycle may look familiar. There are seven stages, with stages 3-5 of interest here.

  1. Reconnaissance: Intruder selects target, researches it, and attempts to identify vulnerabilities in the target network.
  2. Weaponization: Intruder creates remote access malware weapon, such as a virus or worm, tailored to one or more vulnerabilities.
  3. Delivery: Intruder transmits weapon to target (e.g., via e-mail attachments, websites or USB drives).
  4. Exploitation: Malware weapon's program code triggers, which takes action on target network to exploit vulnerability.
  5. Installation: Malware weapon installs access point (e.g., "backdoor") usable by intruder.
  6. Command and Control: Malware enables intruder to have "hands on the keyboard" persistent access to target network.
  7. Actions on Objective: Intruder takes action to achieve their goals, such as data exfiltration, data destruction, or encryption for ransom.


At Cavirin, 2017 was nothing less than a year of re-thinking how to secure the hybrid enterprise and pioneering massively scalable solutions. This blog is a summary of all our announcements and key features related to the Content and Policy frameworks that we brought to our customers and the community last year.

Read on!

Cavirin also released the CIS Android Security Benchmark and launched CIS communities for Kubernetes and Azure benchmark development.


© 2018 Cavirin Systems, Inc. All rights reserved.