Symtrex Inc.

Cyber Security Specialist

Call - 866-431-8972 | Send an Email | Request a Quote
Visit Us On FacebookVisit Us On TwitterVisit Us On Linkedin

Profile

Archives for October 2014

Why Enterprise Snare Agents

by

In 2001, the developers of the Snare Product Suite, developed a system to capture the event data as required by Trusted Computer Systems Evaluation Criteria or C2. While the C2 is considered one of the lowest acceptable levels of security, the C2 System must be able to:

  • provide system level audit trail
  • audit the use of identification and authentication mechanisms
  • audit file access (open, close, read, write, create) and program initiation
  •   audit file/object deletion
  • audit administrative actions

The Snare Product Suite started with the Linux agent, specifically for use within the defense industry, and later the suite was expanded to the Windows and Solaris agent. The agents, which were originally provided through the Open Source community became hugely popular for organizations that were attempting to meet C2 Audit Levels.
Of course back in 2001, logging event data was much more simplistic than it has evolved to today, and now there are multiple regulatory reasons to implement an SIEM, SIM, SEM or Event log management solution. The debate seems to rest with should an organization use agents or not to forward the event log data to a collector.

See complete post on our snare.solutions website

Most businesses do not understand risks of data breaches, study finds

by

Warwick Ashford Tuesday 28 October 2014 10:35 – Posted in ComputerWorld

More than 70% of executives say their organisations do not understand fully the risks associated with data breaches, a Ponemon Institute survey has revealed.

Less than half of top executives, including board members, are kept informed about the breach response process, according to the 2014 Executive Breach Preparedness Research Report, commissioned by HP.

Of the nearly 500 senior executives polled in the UK and the US, only 45% said they were accountable for the incident-response process.

The survey on the importance of senior executive involvement in breach response found that while 79% of respondents said executive-level involvement is necessary to achieving a successful data breach response, only 70% believed board-level oversight was also crucial.

The survey also revealed that only 45% of executives considered their own enterprise’s incident response process as either proactive or mature.

Read the complete article

Cyber Attacks On US Companies in 2014

by

By

The spate of recent data breaches at big-name companies such as JPMorgan Chase, Home Depot, and Target raises questions about the effectiveness of the private sector’s information security. According to FBI Director James Comey, “There are two kinds of big companies in the United States. There are those who’ve been hacked…and those who don’t know they’ve been hacked.”

A recent survey by the Ponemon Institute showed the average cost of cyber crime for U.S. retail stores more than doubled from 2013 to an annual average of $8.6 million per company in 2014. The annual average cost per company of successful cyber attacks increased to $20.8 million in financial services, $14.5 million in the technology sector, and $12.7 million in communications industries.

This paper lists known cyber attacks on private U.S. companies since the beginning of 2014. (A companion paper discussed cyber breaches in the federal government.) By its very nature, a list of this sort is incomplete. The scope of many attacks is not fully known. For example, in July, the U.S. Computer Emergency Readiness Team issued an advisory that more than 1,000 U.S. businesses have been affected by the Backoff malware, which targets point-of-sale (POS) systems used by most retail industries. These attacks targeted administrative and customer data and, in some cases, financial data.

Read Full Article – >

Cyber Attacks Article

New Sophos iView Reporting

by

Extend the UTM’s on-box reporting to provide consolidated and compliance reporting and much more.

Sophos iView is a dedicated reporting appliance that extends and enhances the UTM’s on-box reporting helping customers meet compliance reporting requirements, providing consolidated reporting across multiple UTMs, nearly limitless views and customization options, and a convenient backup and long-term storage solution for all your UTM reporting data.

Read More ->