Sony Hack – Who’s To Blame?


While the White House considers the devastating cyber-attack on Sony Pictures Entertainment “a serious national security matter,” and is still evaluating how best to respond, we in the security sector know all too well that Sony is just the latest example of how easy it is to penetrate the networks of our most critical private and public infrastructures – stealing valuable data, tampering with critical assets and crippling the operations of market-leading companies.

Sony, like most companies, doesn’t take security seriously until it’s too late. They failed to conduct routine maintenance on their systems, lacked encryption and had no mechanism to detect and respond properly to a breach. Now we have Sony execs and the government saying the breach is most likely the act of a sophisticated hacking network sanctioned by North Korea (Really? Duh!). While Sony attempts to deflect attention away from their own incompetency and slipshod defense, the fact remains – their security was an absolute joke, penetrable by a high-school student with rudimentary computer science skills.

In an article by the Associated Press, Sony Pictures Entertainment CFO David C. Hendler complained to CEO Michael Lynton that the company had experienced significant and repeated outages as a result of limited hard disk space, outdated software, poor system monitoring, and unskilled IT workers. The AP reported that hackers targeted executives to trick them into revealing passwords and that many employees used easy-to-guess passwords. Additionally, strategic plans and medical information about some employees were stored in unencrypted form.

Sadly, Sony’s sloppy security hygiene is commonplace. Most corporations and smaller businesses are no better at securing their data. Breaches like Sony will continue to happen because corporations, security vendors and hackers are complicit.

Companies don’t bother to properly fund IT security or properly secure their critical assets – this is evident from the volume of breaches that occur daily. It’s really easy to be hacked. Companies need to rethink their approach to security and recognize that attacks happen. They need security solutions that quickly detect and investigate anomalous activity and minimize the damage.

Security vendors fail to innovate. They push the same old products that don’t work and provide little more than a false sense of security.

Hackers seeking profit, protest, challenge or just enjoyment will continue to find and exploit weaknesses in computer systems and networks. Stop making it so easy for them.

It’s time for organizations to wake up and activate change. Make security a top priority every day. Invest in next-generation security products that discover and remediate attacks that escape detection by sandbox tools. Your business and our national security depend on it.

It’s Time for Apple to Open Up


Triumfant’s CEO John Prisco penned a guest post appearing on TechCrunch calling for Apple to open up its iOS.

An excerpt from the open letter follows:

Hackers are a reality. Malware is inevitable, state-sponsored or not. How can there be any level of acceptable and secure BYOD if the world’s largest smart device manufacturer won’t let security professionals protect its users? Xsser is one example of what can go wrong and it will not be the last and not even close to the worst.

We’ve all realized Apple is no longer infallible; now it’s time for Apple to realize it for itself. It’s time for Apple to open its eyes and its iOS.

To read the full post, go to: http://techcrunch.com/2014/11/19/its-time-for-apple-to-open-up/

A Good Year for Cyber Criminals, Bad Year for Companies – How Will 2015 Fare?

This week, CIO reported that nearly a billion records were compromised in 2014. It shouldn’t be surprising, considering there seemed to be a hack or breach every week, but to see the number written out is pretty shocking. The article calls out that in the first nine months of 2014, after 1,922 confirmed incidents, criminals managed to compromise 904 million records. Many of the incidents reported in 2014 were record setting, including 20 that resulted in the compromise of more than a million records each. Many experts, including the ones here at Triumfant, have been wondering – as companies are planning their budget allocations for 2015, will security finally receive the attention (and spend) it deserves?

We recently conducted a survey to gauge security spending in relation to budgets as a whole, and the data we got back spoke volumes. The survey of security/IT professionals addressed both security spending during the past five years and current budget spend when it comes to protecting a company’s assets, employees and customers. Organizations are more concerned than ever about the security of their companies, yet 85 percent of respondents said the total spend on IT security is less than 25 percent of their total budget (with 53 percent indicating it’s less than 10 percent).

Our CEO John Prisco notes, “We are at the point where there is a major hack or a breach each week, and it’s disheartening that companies are still not putting the resources behind security. Our findings showed that when it comes to marketing, only 78 percent say spend is less than 25 percent of budget. Moving into 2015 and using what we learned over this year, those marketing dollars would be better spent proactively protecting against a breach instead of being available to cover for one after the fact.”

Additional key findings include:

  • Thirty-five percent of survey takers are barely concerned, or not concerned at all, about a security breach.
  • While many still downplay their security concern, 56 percent of survey takers stated that budget for security resources increased during the past five years.
  • More than half (59 percent) of survey respondents also said they take cyber threats more seriously than they did five years ago.

So now what? From our perspective, it’s time to say good riddance to the “year of the hack” and hope that companies take the opportunity to allocate spending toward better protecting their assets in 2015.

Voting is Open for the 2015 SC Awards

The time is here to cast your vote for the industry’s most distinguished awards program. Voting is open for the 2015 SC Awards, which honor the professionals, companies and products that help fend off the myriad security threats confronted in today’s corporate world. This year Triumfant is up for nomination in two Readers Trust categories, including Best APT Solution and Best Managed Security Service. Winners in the Readers Trust categories are chosen by qualified readers and registrants of SC Magazine as well as end-users. Voters are asked to consider the functionality, manageability, ease of use and scalability of the product or service, as well as the customer service and support provided for it.

We’re always honored when Triumfant is recognized by the industry for the innovative work we’re doing in providing companies and government entities worldwide with continuous protection from advanced malware threats, but it means even more when our end-users, customers and partners validate our industry leadership. At Triumfant, our goal is ensuring that our customers have the confidence that their endpoint machines are secure, configured, and compliant and therefore ready for business in an increasingly hostile environment. If you believe that we have been successful in achieving this objective, we would appreciate your vote.

Please visit http://bit.ly/1oc3izs to see all nominees and cast your vote. Only subscribers to SC Magazine that are end-users have access to review and vote, but if you’re not an SC Magazine subscriber, subscribing is free. Voting ends November 17, 2014.

We thank you in advance for your help!

NYC Executive Roundtable October 23, 2014

Our CEO and President, John Prisco, is heading to NYC next week to join 14 other information security execs in discussing how to protect companies’ data from malware. The event will be moderated by the first CIO, Steve Katz, and will bring together top security executives in a roundtable to examine current strategies and concerns when it comes to next generation threats including targeted attacks, in-memory attacks, and zero day threats. These are issues that are not only producing big headlines, but also having a big impact on companies’ bottom lines. According to the Ponemon Institute’s 2014 report, the average cost of a data breach is $3.5M, which is up 15 percent from a year ago. With IT being asked to do more with less headcount and budget, enterprise security teams are struggling to protect network borders, endpoints, and other organizational assets.

Some of the specific points that John and the other panelists will be covering at the event on October 23 are:

  • Is the talk about increasing sophistication of malware real or hype?
  • How are you dealing with latest generation malware? How do you stay current?
  • Is detection the new prevention?
  • How do you explain malware risk to business management?
  • Does your company have any liability if your environment is compromised by malware that could have been detected?

Sound like an interesting roundtable topic or think your company may benefit from attending? Register here!

October is National Cyber Security Awareness Month – So where’s all the security?

October is National Cyber Security Awareness Month (NCSAM) but it appears that nobody has noticed based on the number of breaches we have witnessed since the beginning of the month. Let’s take a look at some of the most recent breaches that have garnered attention so far in October and what John Prisco, our CEO and President here at Triumfant, had to say about them:

  • Dairy Queen – On Thursday, Dairy Queen confirmed that nearly 400 Dairy Queen locations (and one Orange Julius location) were compromised by Backoff malware in August. When news of a potential breach first broke in August, Dairy Queen denied the breach initially but then began an investigation. Customers’ names, card information, and expiration dates were all accessed in the breach. Dairy Queen now believes that the malware has been contained, and the company’s website lists all affected stores as well as the dates of the attack. John spoke about the breach saying: “Would you like a breach with your sundae? Dairy Queen is another example of a company that is easy pickings for cyber criminals. There are a thousand more unprepared companies that will grace the front page of our newspapers over the next year. I scream, you scream, we all scream…pay with cash!”
  • JP Morgan Chase – While the story of this breach started in September, last week JP Morgan Chase confirmed that 76 million households and 7 million small businesses were impacted in a data breach in June and July. JP Morgan says that financial data—including account numbers, passwords, dates of birth, Social Security cards—was not accessed in the breach. Customers who use Chase.com, JPMorganOnline, Chase Mobile or JPMorgan Mobile may have had their contact information accessed, including names, addresses, phone numbers and email addresses. John spoke with eSecurity Planet on this matter: “Gone are the days when a tool like anti-virus was a good enough security solution and hopefully this serves as a proper wake-up call to the industry.”
  • AT&T – Also last week, Reuters reported that an employee at AT&T accessed personal information belonging to approximately 1,600 AT&T customers in August. AT&T informed these customers in a letter that their Social Security numbers, driver’s license numbers, and internal AT&T information were all potentially compromised by the employee, who has since been fired. AT&T is offering free credit monitoring services to customers, and recommends they change their account passcodes. After hearing about this, John said, “Anomalous behavior software is required to discover when an insider, while working on an endpoint computer, is ‘acting’ out of the norm. Until this type of defense is more broadly deployed, expect to keep seeing these headlines.”

While every month is National Cyber Security Awareness Month for us here at Triumfant, we think it’s an important initiative by the government and the security industry to work together to promote and spread awareness to those who may not be as vigilant about cyber security as they should be.

Even when we are not directly connected to the Internet, our critical infrastructure—the vast, worldwide connection of computers, data and websites supporting our everyday lives through financial transactions, transportation systems, healthcare records, emergency response systems, personal communications and more—is at risk. That’s why we are happy to support efforts to spread the word on helping us all become safer and more secure cyber-citizens.

For more information on National Cyber Security Awareness Month, visit Stay Safe Online.

CEO John Prisco to Talk Cybersecurity at Summits This Week

This week, our CEO John Prisco is making two stops on the East Coast to speak to the financial sector at the Billington Cyber Security Summit on Sept. 16, 2014 in Washington D.C. at the Capitol Hilton and the Wall Street Journal Cyber Security Summit on Sept. 18, 2014 in New York City at the New York Hilton.

At the Billington Cyber Security Summit on Sept. 16, John will participate as a panelist on “Breakout 4: Finance Sector and Cyber Security,” from 1:30-2:20 p.m. ET. Along with experts from Goldman Sachs and Northern Trust, he will be sharing his expertise on the latest cyber-threat intelligence sharing in the financial services industry and how the financial sector is coping with mobile and cloud security and the Internet of Things (IoT).

On Sept. 18 at The Wall Street Journal Cyber Security Summit, John will speak from 4:30-5:15 p.m. ET on a panel titled “Threats Facing Financial Institution & Global Markets.” The session will review ways to prevent and recover from serious attacks, protect private and confidential data, and the emerging dangers organizations face as hackers adapt and grow more dangerous.

We hope to see you there if you’re attending one or both of the summits!
