Threat Intelligence-as-a-Service brings SIEM Within Reach of SMEs

Organizations are being targeted by cybercriminals more than ever. According to the latest statistics from Symantec, 52.4% of phishing attacks in December 2015 were against small and medium-sized enterprises (SMEs). The month prior demonstrated an even bigger spike. The situation is forcing businesses of all sizes to augment their network and mobile security. Topping the list of improvements include the need for better threat intelligence and endpoint security.

Security information and event management (SIEM) systems provide a valuable tool to gather threat intelligence through activities logged from various applications and devices. The logs are then combined to create threat intelligence reports that can identify signs of unauthorized behavior. Because of their complexity, until recently SIEM systems were considered exclusive to those large enterprises with access to the sizeable budgets and resources required to maintain them.

read more

The World after Safe Harbor

In October 2015, the European Court of Justice (ECJ) declared the Safe Harbor Agreement for transferring data to the USA invalid. The decision was based on a lawsuit filed by the Austrian, Maximilian Schrems, who claimed that the data storage practices of Facebook in the USA did not conform to European data protection legislation. After the ECJ upheld the Schrems case, many international companies faced an upheaval to their existing data transfer practices. At the end of the interim period on February 1, they were no longer permitted to share personal data including names, addresses and credit card numbers with subsidiaries in the USA. In principle, this decision could affect all kinds of companies – not just social media platforms such as Facebook or Twitter, but entire sectors including ecommerce and cloud computing. Violations of data protection legislation can incur financial penalties of up to EUR 300,000.

read more

Big Data and IT Security – SIEM as an Analysis Tool

Over the last few years, gleaning useful information from massive amounts of data has also become more difficult for IT security and approaches to Big Data and information analysis are a critical topic in this sector. The number of users, end devices, applications and log files are constantly on the rise. At the same time, attackers are becoming more sophisticated and professional while constantly adapting their strategies. Companies are now facing a completely new level of risks and challenges to their IT security operations.

Frequently companies have more than enough data on security events, including successful penetrations and potential vulnerabilities. Enormous volumes of data are generated by network components, storage systems or applications. Security threats buried among this data must be taken seriously, however attacks often remain unnoticed or they are not discovered in time due to a lack of structured data. Analyzing and interpreting this data and deploying a rapid response is almost impossible without specialist software.

read more

Back to Basics: Tackling the Fundamental Cybersecurity Solutions [VIDEO]

It’s fair to say that organizations, particularly larger enterprises, are making more concerted efforts nowadays to invest heavily and quickly into cybersecurity. Just a few short years ago, businesses were content with treating cybersecurity as something frivolous, an optional add-on; a cyberattack couldn’t possibly happen to you, right? And yet, in a short amount of time, we’ve seen the rate of cyberattacks and data breaches explode, both in frequency and impact. Seemingly no one is outside the firing sights of hackers: enterprises, SMBs, government agencies, individuals; all are fair game and have been targeted without impunity.

That kind of fear has lit a fire under previously complacent organizations now looking to ramp up their cybersecurity game. But not all enterprises – and especially SMBs, which have comparatively fewer IT resources to work with – know exactly how to translate that urgency into action. They know they want solutions that are easy to use, easy to implement and get the job done – but where do you start? What’s ground zero for company cybersecurity?

read more

A Look at BYOD in 2016

Happy 2016! It’s a new year, and a time for fresh resolutions to improve your life over the next 12 months, whether that involves running a marathon, getting a new job or taking that trip abroad you’ve been putting off.

But for businesses, those New Year’s resolutions should be expressly focused on stronger security. With data breaches, email hacks and password thefts becoming more and more commonplace – and each cyberattack casting wider nets of victims – this is one resolution that can’t be allowed to fall through.

read more

Open Haus: Seamless Roaming [VIDEO]

Imagine this: You’re sitting on the train, trying to get your work done, when your Wi-Fi connection – not always the most reliable on trains – drops out. Maybe you manage to re-connect in a few minutes. Maybe you switch to your data plan to get back online. Or, maybe when the train gets close enough to a station, you can switch to their hotspot, and save some data in the process. Over the course of that trip, you had to cycle through different networks to maintain an internet connection, constantly losing any sessions you had running and forcing any apps you were using to restart. Not only that, but when end users have to switch that often between connections, it can make re-connecting to a VPN slow or frustrating, and they may opt to forgo the VPN altogether if those issues persist. It’s an understandable concern of inconvenience – after all, frequent network disruptions can make working remotely virtually impossible. But indulging in that concern can also dredge up even more problematic security issues. Users shouldn’t have to choose between network convenience and VPN security.   How It Works With NCP engineering’s Secure Enterprise Solution they don’t have to. The on-the-go demands of today’s mobile workers, who need reliable internet connections wherever they may be and also require the secure remote access provided by a VPN, make seamless roaming a prerequisite for how to stay both online and secure nowadays – and it’s a prerequisite built into NCP’s VPN solutions. While users may shift from one connection or IP address to the next, depending on where they are... read more

Endpoint Security: The Cornerstone of the Cybersecurity Puzzle

Some enterprises occasionally fail to realize that many of the differing cybersecurity services available today aren’t optional add-ons but necessary, oftentimes critical, pieces of a complete security strategy. There are a suite of unique security protocols and services that all work together to protect a network and safeguard valuable business data from intrusion. Cybersecurity is a holistic process that requires multiple moving parts working in tandem; failure to do so could leave networks with painful vulnerabilities, not to mention wasted resources. Endpoint security is one such critical piece of the cybersecurity puzzle. While it’s difficult to rank security systems in order of importance, it’s hard to imagine any of the other measures used to secure a network being functional without this one in place. It works like this: Endpoint security is installed on a client/server and may be managed by a central server, or gateway, that runs a security program to verify a network device. VPN and anti-virus software installed on an approved system requires the user to comply with policies before accessing the network. Without the permissions, a user can’t get into the shared network. Without this safeguard in place at the outset of network access, it’s hard to imagine many of the other potential security systems being fully capable of doing their job. Endpoint security is a proactive prevention method, while almost all other security systems are reactive, after-the fact measures. Incident response, for instance, functions as damage control. If endpoint security isn’t in place, the likelihood of a data breach happening is higher all around. An incident response strategy can’t predict a security failure ahead of... read more

Open Haus: Multi-Factor Authentication [VIDEO]

NCP has been present at a number of industry events throughout the year, from it-sa in Nuremberg to SC Congress in New York to INTERFACE in Denver. While these gatherings offer great opportunities for reconnecting with our friends and partners, as well as reaching out to new clients, they also provide an invaluable time for taking the industry’s temperature, so to speak. And if there was one thing we found that was on nearly everyone’s minds this year, it was the growing need for two-factor (or multi-factor) authentication. As data breaches caused by spear-phishing and social engineering tactics have become both increasingly more frequent and more damaging, multi-factor authentication emerges as a common sense solution for reducing the success rate of these cyberattacks. Unfortunately, it’s not as simple as flicking a switch. Cybersecurity budgets may be increasing, but IT professionals are still struggling with the amount of resources they have, and are unsure about where to shift their priorities. How to implement multi-factor user authentication, or how to determine which VPN or defense-in-depth solution offers the best multi-layer fit for your organization, are all pain points for enterprises. How It Works That’s what gives NCP Secure Enterprise Management (SEM) such a leg up on the competition. Unlike other secure remote access VPN providers, NCP’s solution provides integrated multi-factor authentication safeguards to help give your organization greater peace of mind. Protecting login information with just a username and password isn’t safe anymore; it’s all too easy for hackers to guess around these, especially when so many users have simple passwords to begin with. Two-factor or multi-factor authentication setups, instead, require... read more

Stay up to date

Subscribe for email updates

Connect With Us

Contributing Member

Want to contribute?

Want to contribute? Drop us a line at editor@vpnhaus.com