Triumfant on Fox Business Opening Bell: Can We Stop Cyberattacks?

Triumfant CEO John Prisco was featured on today’s Opening Bell on Fox Business. The segment discusses the recent attacks on major healthcare payers and providers and how companies, and individuals, can better protect their sensitive health information from malicious exploits.

See the video here: http://video.foxbusiness.com/v/4121660565001/can-we-stop-cyberattacks-/?cmpid=prn_investors#sp=show-clips

Why PCI Compliance Isn’t Good Enough Security: Verizon’s 2015 PCI Compliance Report

The Verizon 2015 PCI Compliance Report was published this week. This annual report has become a barometer for payment security compliance and an indicator of how organizations are prioritizing customer card data protection.

This year’s findings show that PCI DSS compliance overall is improving, and companies are making data protection more of a priority by investing in their cybersecurity budgets. The bad news is that ongoing attention is low, and data security overall is still inadequate. The report highlights a PricewaterhouseCoopers survey of 9,700 companies detecting nearly 43 million security incidents in 2014, a compound annual growth rate of 66 percent since 2009. With the attacks coming fast and furious, the stakes involved in protecting payment data have never been higher. According to Verizon, 45 percent of Americans say they or a household member had been notified that their credit card data had possibly been stolen in a data breach, and 69 percent of consumers said they would be less inclined to do business with a breached organization.

The most startling statistic from the Verizon report was the fact that, of all the payment card breaches its forensics team had investigated over the last 10 years, not a single organization was found to have been PCI DSS compliant at the time of the breach.

Ongoing security of cardholder data and POS terminals should be the driving objective behind all PCI DSS compliance activities, as opposed to achieving a passing compliance report and then subsequently letting security practices go adrift – PCI compliance is not “good enough” security.  Data security cannot just be an annoying “box you check” once or twice a year.  It has to be a pro-active, all-day, everyday priority.  As the Verizon report puts it, “security is something you do, not something you have.”

Meeting the 12 requirements set by the Payment Card Industry (PCI) Data Security Standard (DSS) is not enough to protect your organization from a major breach. Being compliant doesn’t mean that systems or customer data are protected. Too many companies fail to make payment security an all-day, everyday priority. Retailers must take a stronger security posture to properly guard against the malicious intent of cybercriminals. This means ensuring endpoints are monitored and audit ready every day – not once a month or once a quarter. Too much can happen in the 30-90 days between PCI compliance checkpoints, and the risks are too great for retailers not to have instant detection and rapid response capabilities in place.

Join Triumfant and 451 Research on Wednesday, March 25 as we examine how retailers can stay ahead of threats to POS systems and why PCI compliance isn’t a sound defense or “good enough” security. The webinar will address:

  • How to keep your POS terminals safe and running optimally every day – even in between monthly PCI audit intervals and testing
  • Understand the shortcomings of a compliance-based standard like the PCI DSS and how to overcome them; make compliance activities benefit security posture – not just check a box
  • Learn how to respond quickly to sophisticated attacks that bypass traditional defense tools
  • Discover how to monitor the memory of each computer in your network, where most advanced attacks happen and go undetected
  • Better understand the importance of proper incident detection and response strategies

Register today at: https://attendee.gotowebinar.com/register/2832041051534511362

2015 Cyberthreat Defense Report: Attacks on the Rise and Confidence Sinks

The second annual Cyberthreat Defense Report from our friends at CyberEdge Group is out today. The survey of more than 800 security decision makers and practitioners found that more than 70 percent of respondents’ networks had been breached in 2014 — up from 62% in 2013. Consistent with the findings of last year’s report, IT security spending is increasing, but confidence is falling, with the majority of respondents expecting to be breached in the next 12 months despite all of their efforts.

Other key findings include:

  • 52% of respondents believe a successful attack is likely in 2015
  • 61% of IT security budgets are rising in 2015, up from 48%
  • Phishing, malware, and zero-days concern respondents most
  • 59% saw a rise in mobile device threats in 2014
  • Low security awareness among employees is the greatest inhibitor
  • 67% intend to evaluate new endpoint security solutions

This complimentary report, for which Triumfant is a sponsor, provides a 360 degree view of organizations’ security threats, response plans, processes, and investments. Security decision makers and practitioners were surveyed in December 2014 across North America and Europe. To access the full report click here.

Triumfant Launches AtomicEye — Ends the Global Malware Endpoint Epidemic

We are excited to announce the launch of AtomicEye today — the latest version of our endpoint security agent for Windows-based and Mac OS X environments.

Cyber criminals are more persistent and creative than ever, corrupting government and corporate IT systems – resulting in great economic damage to corporations, government agencies, and the global economy.  An alarming 95 percent of all U.S. enterprises claim that they are being successfully attacked today. Those same organizations report an average 200 day latency period between when an attack has occurred and when the breach is discovered – allowing ample time for attackers to extract huge amounts of data as seen with the targeted attacks at Sony, Home Depot and Target.

An epidemic is at hand and the magnitude of these security failings requires a completely new approach: one with a greater dependency on immediate detection and automatic remediation based on deep analytics and an atomic view into machine assets and change behaviors.  AtomicEye’s central purpose is to ensure that once inside a company’s or government agency’s systems, no attacker can leave with proprietary information, damage to enterprise systems is minimized, and critical assets are secured. Check out coverage of AtomicEye appearing in eWEEK.

When high-value assets are at risk, instant detection and rapid response are critical. AtomicEye achieves this by continuously scanning more machine assets than any other endpoint security product – more than 700,000 assets per protected machine. This atomic view allows Triumfant to see an almost infinite set of machine behaviors and trend anomalies that indicate the presence of advanced malware. AtomicEye’s continuous monitoring permits an unprecedented capacity to detect with certainty, in real-time, and at the point of infiltration, persistent or volatile malware. No signatures or any other form of prior knowledge are needed. As soon as a change occurs a remediation plan is set in motion, making it impossible for damage to be done and/or assets to be compromised. Within minutes of an attack, Triumfant AtomicEye goes to work, automatically repairing any damage caused and restoring the compromised machine(s) back to its original, clean state. With AtomicEye there are no interruptions or downtime to the business and no human action or interpretation is required.

John Prisco, CEO of Triumfant, recently sat down with Forbes magazine to discuss the sad state of cyber security and Triumfant’s revolutionary approach. He shares: “There is too much of ‘good enough’ security occurring industry-wide. And ‘good enough’ is not good enough, because you see what’s been happening. Many breaches continue for over 200 days before they are discovered. If you don’t find something quickly, what’s the use of finding it at all?” Check out the complete interview here.

To learn more about AtomicEye, visit http://www.triumfant.com.

Anthem Fails its Security Health Check-Up: 80 Million Affected by Breach

Anthem Inc., the country’s second-biggest health insurer, reports hackers broke into a database containing personal information for roughly 80 million of its customers and employees in what is likely to be the largest data breach disclosed by a healthcare company. “Tens of millions” of records have been stolen, exposing names, birthdays, addresses and Social Security numbers. On a positive note, the breach doesn’t appear to involve medical information or financial details such as credit-card or bank-account numbers. Most likely the hackers could have easily taken that information also, but were content to leave with what they could carry.

Anthem is just another example of the magnitude, sophistication and volume of breaches that occur on a daily basis, though most go undetected. Security is no longer about protecting the perimeter and keeping adversaries out; it needs to be about detecting and minimizing the damage once they get inside — stopping a breach before it becomes a full-scale attack.

The security industry is coming from a mindset of “fire and forget” where companies think they are safe because they have a well-known, well-marketed antivirus solution in play. This attitude and faulty thinking need to change or companies will continue to fall victim to hackers, criminals and nation-state actors at a cost of $3.5 million per intrusion.

Why Do These Attacks Keep Happening?

AV vendors are developing products in a vacuum — they simply don’t address the sophistication of today’s adversary, but they continue to sell huge amounts of product. Organizations then fall prey to the marketing hype and market share of antivirus solutions that don’t work. Traditional security products are easy for hackers to circumvent because they aren’t rigorous.  To be rigorous you must collect enormous amounts of data on each protected machine to find where malware hides.  You must be able to scrupulously monitor the memory of each computer in your network (most advanced attacks happen in-memory and go undetected). And lastly, you need a solution in place that can rapidly detect suspicious activity and create a machine-generated response vs. alerting a team of people that get to the fire too late (as in the case of Target, Sony and probably Anthem).

Triumfant is rigorous.  It continuously scans more than 700,000 assets per protected machine.  Triumfant’s memory process scanner is capable of detecting malware in memory or on the hard drive.  Triumfant detects the presence of malware and automatically builds a remediation plan and repairs the machine, and any collateral damage, within minutes of an attack – not hours, days or weeks.  And, no human intervention is required.  As we see time and again, security teams can’t detect or react fast enough to advanced attacks with alert-driven tools.  Triumfant emphatically closes the breach detection gap, enabling organizations to thoroughly detect and respond quickly to sophisticated attacks that bypass traditional tools.  Anthem and others – take note.

Endpoint Security Becoming a Hot Ticket Item in the Enterprise

Enterprise Strategy Group (ESG) has published new research on the endpoint security market that indicates a changing landscape. In the report, The Endpoint Security Paradox, ESG surveyed 340 IT and information security professionals representing large midmarket and enterprise-class organizations in North America in order to accurately assess organizations’ endpoint security technologies, policies, and processes. As we well know, existing security tools are primarily designed for “set and forget” or alert-driven usage; they do not have sufficient security monitoring, detection and response capabilities. CISOs are realizing that these legacy security methods are no longer enough to keep pace with the sophistication and elusiveness of today’s adversaries. The limitations of traditional AV are causing companies to rethink, and reinvest in, endpoint solutions:

  • Two-thirds (66%) of organizations have rethought their endpoint security tools and processes with the goal of creating a stronger endpoint security strategy.
  • More than half of organizations have purchased new endpoint security solutions in addition to the tools already in the environment.
  • Nearly three in five (57%) organizations have increased their budget for endpoint security and associated activities.

As Triumfant has always said, organizations must align endpoint security with their overall enterprise, or defense-in-depth security strategy. As ESG suggests, this will require an integrated architecture where endpoint security interoperates with network security, threat intelligence, and security analytics.

Triumfant’s scalable platform picks up where the vast majority of prevention tools stop – effectively closing the gaps left by firewall, antivirus, sandbox technologies and IPS. Triumfant can easily integrate with third-party SIEM tools, trouble-ticketing applications, network forensics applications and services to complete an organization’s defense-in-depth strategy and detect, stop and automatically remediate advanced threats that evade other security defenses.

Don’t let your next breach become a full-scale attack.  Contact Triumfant today.

National Standard for Reporting Data Breaches: Good or Bad Idea?

This week, President Obama outlined a proposal that would require companies to inform their customers of a data breach within 30 days of discovering their information has been hacked. The plan is intended to unify nearly four dozen disparate state data breach disclosure laws into a single, federal standard. Good idea, right? Yes, in theory. In practice, shared threat data has a shelf life, and expiration comes quickly. Targeted attacks are custom and therefore don’t lend themselves to repeat usage, making the shared information obsolete before it ever has a chance to be seen, digested or acted on.

The more helpful information would be for companies to share how they were breached – anonymously, of course.  As an industry, we hear about credit card breaches on a weekly basis, but we know very little about how these retail establishments were breached in the first place.  While forensics firms are called in to investigate, sometimes they are unable to precisely pinpoint the cause of a breach.  A mandate for sharing the how (if known) in a timely and centralized fashion would go a lot further in helping companies and the government prevent and properly respond to cyber threats than the what and when.
