The Intelligent MSSP

Thursday, June 15, 2017

During years, Managed Security Services (MSS) have been the most effective strategy to tackle the increasing and changing threat landscape. Otherwise, some disruptive factors are compelling a new approach for corporate information security. Specifically, we refer to technology factors, such as the blurring of the organization’s boundaries or the explosive growth advanced threats, operational factors like the increasing complexity of the organizations processes and business ones, for instance, the compulsory requirement of implementing an efficient risk management to invest the precise budget in security, no more, no less.

How to address these requirements keeping in control the complexity of a Managed Security Service?
This article identifies which are the compelling factors and proposes a layer-framework for MSS that ensure the right coordination among technology, operation and business to protect the organizations of the future.

ElevenPaths and BitSight deliver enhanced visibility into supply chain risk with continuous monitoring

Tuesday, June 13, 2017

Security Ratings Market Leader Expands Global Reach with New Strategic Alliance

CAMBRIDGE, MA—June 13, 2017. ElevenPaths, Telefónica Cibersecurity Unit specialized in the development of innovative security solution, and BitSight, the Standard in Security Ratings, have announced a new alliance that will enhance visibility into supply chain risk for Telefónica customers worldwide.

The agreement between ElevenPaths and BitSight provides Telefónica customers with access to the BitSight Security Ratings Platform for security benchmarking and continuous supply chain risk management. This new offer will be part of CyberThreats, 11Paths’ threat intelligence service, delivering:

  • Objective, outside-in ratings measuring the security performance of individual organizations within the supply chain.
  • Comprehensive insight into the aggregate cybersecurity risk of the entire supply chain, with the ability to quickly generate context around emerging risks.
  • Actionable information included in Security Ratings that can be used to communicate with third parties and mitigate identified risks.

Wannacry chronicles: Messi, korean, bitcoins and ransomware last hours

Monday, June 12, 2017

It is hard to say something new about Wannacry, (the ransomware itself, not the attack). But it is worth investigating how the attacker worked during last hours before the attack. It does not let us uncover the creator, but for sure makes him a little "more human", opens up a question about his mother language, location and last hours creating the attack.

Wannacry (the ransomware again, not the attack) is a very easy to reverse malware. No obfuscation, no anti-debugging, not a single mechanism to make life harder for reversers. Aside from the code, some companies have even tried linguistic analysis (it has been widely used recently) to try to know where the author comes from (although it turns out to be from China, "more than often"). Result is usually "maybe English native speaker, maybe not, maybe native Chinese trying to mislead analysis..." who knows. But one thing we may know for sure: he likes football, is not greedy and usually types in Korean language.

Metadata to the rescue

It has been proved, during recent years, how useful is to analyze and extract metadata and hidden information from files. Data is the new oil. Not only sensitive information about the user or organization, software, emails, paths... but others like dates, titles, geopositioning, etc. We have heard about spying, politics scandals because of altered documents, insurance frauds..., and everything revealed thanks to metadata.