We’re a week out from McAfee FOCUS 11 in Las Vegas, and the world is still abuzz with talk of infosec – here’s an overview of some of last week’s most talked-about news, blogs and articles.
On the McAfee side, we hosted two FOCUS events in Europe, FOCUS Security Conference London and FOCUS Paris, featuring keynotes from McAfee executives as well as sessions and demonstrations from security professionals from around the world:
And in the broader realm of security news this week:
Dubbed Duqu, a new malware was discovered carrying code from one of the most complex and potentially dangerous cyberweapons to-date. The exploit code, according to McAfee Labs’ Guilherme Venere and Peter Szor, mimics Stuxnet in its encryption keys and drivers. Like Stuxnet, it is closely related to the original Stuxnet worm, but with a different goal – to be used for espionage and targeted attacks against sites such as Certificate Authorities.
Newly-instated U.S. chief information officer Steven VanRoekel discusses his priorities for the federal IT landscape and how technology can enable the government to do more for Americans:
“It [fears about online security] makes a false choice between security and innovation…Security and innovation should dovetail into an opportunity.”
Interesting post by Branden Williams describing a process created by Netflix called the Chaos Monkey, which automatically and randomly shuts down major parts of the company’s tech environment. It’s controlled chaos that in theory keeps employees ready to go in the case of uncontrolled events coming from the outside. He ends by asking what features you would add into the chaos monkey – thoughts?
The American Bankers Association issued a warning on Wednesday about a sudden increase in phishing scams across the country. Businesses in particular are especially vulnerable to spear phishing attacks, aimed at individuals with access to corporate bank accounts.
In a recent survey of 850 executives conducted by Ponemon Institute, it was found that the average time it takes to restore an organizations reputation after a data breach is one year. The average loss in value ranged from a whopping $184M to over $330M, with a minimum loss of 12%.
Thanks for reading, and as always, feel free to leave your comments or suggestions for next week’s Highlights here in the blog, or on Twitter at @IntelSec_Biz.