Cyber Security Trend Week in Review: Healthcare Insecurity, External Threat Management, SIEM

By Peter Bernstein
Senior Editor

Unfortunately as the headlines screamed all week from LinkedIn (News - Alert) revealing the extent to which it had been compromised and a host of other high profile breaches, Cyber Security has moved from the realm of technology coverage to the general press.  And, as member of the Cyber Security Trend Community are painfully aware, that is not a good thing. 

Rather than dwell on the widely covered news, there were a series of other things of interest regarding both reports on threats and some advice that should resonate with readers.

One of the focuses of major concern right now is protecting healthcare records.  As we have seen in recent weeks the healthcare sector has become a prime target of hackers with ominous overtones as to how such information once stolen is used by bad actors to build comprehensive profiles on people for employment for things like ransomware in general and the compromising by rogue states of key private sector and government officials.   How prepared the healthcare industry is to deal with protecting the personal data they are entrusted with is thus a major concern, and the recent study by the prestigious Ponemon Institute (News - Alert) of its Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data paints bleak picture.

Special guest contributors Elias Manousos and Gary Fish, CEO and co-founder for RiskIQ, CEO and founder for Fishtech Labs have a really interesting piece that provides recommendations on the four key elements to consider in deploying a successful External Threat Management (ETM) system.  Given the consequences of the problems external threats pose, being about to use a state-of-the-art ETM has huge benefits that are worth reviewing.

The third item this week is the first in a two-part series by special guest Dr. Partha Bhattacharya, Chief Technology Officer, AccelOps on the need to upgrade your Security Information and Event Management (SIEM) capabilities. Entitled, Why SIEM Appliances Are So 8-Track Tape, the first in the series looks at the state of the SIEM market and parameters to consider before selecting a SIEM solution for your network. Next week Dr. Bhattacharya will dig into the notion of cybersecurity through visibility and how threat intelligence integration, advanced threat detection and other factors can make or break your SIEM strategy.

Getting ahead of the curve is critical for IT professionals, and having a head’s up on what is in the works is of value.  It is why the contributions by ApacheCon North America, MIRACL, NTT (News - Alert) Innovation Institute Inc., and NTT Labs of security and authentication code to Apache Milagro, a new open source project within the Apache Incubator, is of interest. This announcement establishes an internet security framework called Distributed Trust Authorities. The goal is to move from a single, monolithic hierarchy of trust to one where publishers of enterprise, web and mobile apps can decide on, and provide, security, and taking the open source route to gain the wisdom of the crowd is a logical way to incubate and ultimately disseminate such capabilities. 

Weekend Reading

The Cyber Security Trend home page has links to valuable resources to enable community members to stay on top of industry best practices and career advice. Resources include white papers and profiles for of certifications that can help you keep up with the bad guys and advance your career.  Two resources I recommend are,  Official (ISC)² OnDemand Training and The Rise of the Cloud Security Professional Whitepaper .  You also may wish to check out on our companion Cloud Security Resource site, the article about the new 2016 Cloud Security Spotlight Report, is one to download and add to your reference library.