October is National Cyber Security Awareness Month – So where’s all the security?

October is National Cyber Security Awareness Month (NCSAM) but it appears that nobody has noticed based on the number of breaches we have witnessed since the beginning of the month. Let’s take a look at some of the most recent breaches that have garnered attention so far in October and what John Prisco, our CEO and President here at Triumfant, had to say about them:

  • Dairy Queen – On Thursday, Dairy Queen confirmed that nearly 400 Dairy Queen locations (and one Orange Julius location) were compromised by Backoff malware in August. When news of a potential breach first broke in August, Dairy Queen denied the breach initially but then began an investigation. Customers’ names, card information, and expiration dates were all accessed in the breach. Dairy Queen now believes that the malware has been contained, and the company’s website lists all affected stores as well as the dates of the attack. John spoke about the breach saying: “Would you like a breach with your sundae? Dairy Queen is another example of a company that is easy pickings for cyber criminals. There are a thousand more unprepared companies that will grace the front page of our newspapers over the next year. I scream, you scream, we all scream…pay with cash!”
  • JP Morgan Chase – While the story of this breach started in September, last week JP Morgan Chase confirmed that 76 million households and 7 million small businesses were impacted in a data breach in June and July. JP Morgan says that financial data—including account numbers, passwords, dates of birth, Social Security cards—was not accessed in the breach. Customers who use Chase.com, JPMorganOnline, Chase Mobile or JPMorgan Mobile may have had their contact information accessed, including names, addresses, phone numbers and email addresses. John spoke with eSecurity Planet on this matter: “Gone are the days when a tool like anti-virus was a good enough security solution and hopefully this serves as a proper wake-up call to the industry.”
  • AT&T – Also last week, Reuters reported that an employee at AT&T accessed personal information belonging to approximately 1,600 AT&T customers in August. AT&T informed these customers in a letter that their Social Security numbers, driver’s license numbers, and internal AT&T information were all potentially compromised by the employee, who has since been fired. AT&T is offering free credit monitoring services to customers, and recommends they change their account passcodes. After hearing about this, John said, “Anomalous behavior software is required to discover when an insider, while working on an endpoint computer, is ‘acting’ out of the norm. Until this type of defense is more broadly deployed, expect to keep seeing these headlines.”

While every month is National Cyber Security Awareness Month for us here at Triumfant, we think it’s an important initiative by the government and the security industry to work together to promote and spread awareness to those who may not be as vigilant about cyber security as they should be.

Even when we are not directly connected to the Internet, our critical infrastructure—the vast, worldwide connection of computers, data and websites supporting our everyday lives through financial transactions, transportation systems, healthcare records, emergency response systems, personal communications and more—is at risk. That’s why we are happy to support efforts to spread the word on helping us all become safer and more secure cyber-citizens.

For more information on National Cyber Security Awareness Month, visit Stay Safe Online.

Join Us at the Gartner Security & Risk Management Summit

The Gartner Security & Risk Management Summit is just around the corner, June 23-26 in Triumfant’s backyard — National Harbor, MD. As one of the industry’s most exclusive events, we’re pleased to be a part of the annual gathering and exhibition. The summit is touted as helping CISOs and security professionals balance security and opportunity and guide the enterprise quest for risk mitigation, and Triumfant will be there to demonstrate its unrivaled approach to advanced threat detection and rapid remediation on the endpoint.

The cost of security intrusions is escalating year-over-year. The average cost of a data breach is $3.5 million, up 15% from a year ago according to Ponemon Institute’s 2014 Cost of a Data Breach Global Analysis. As security departments remain short staffed, and traditional signature-based defenses continue to let advanced malware through, companies need Triumfant to know, with certainty, that an attack has happened and to swiftly patch, isolate or remediate the infected machine — in just minutes, without any disruption to the business.

We’re pleased that Gartner agrees, including Triumfant as one of the vendors named in the “Market Guide for Endpoint Detection and Response Solutions” published May 13, 2014 by analysts Peter Firstbrook and Neil MacDonald. 

If you’re a large enterprise struggling to keep ahead of advanced threats and quickly prevent loss when inevitable attacks happen, we’d encourage you to stop by the Triumfant booth or schedule one-on-one time with executives during the show by visiting the landing page here:

Watch for product news from Triumfant coming out of the show — follow @Triumfant and #GartnerSEC

 

 

The Verizon 2014 Data Breach Investigations Report is Out

This week Verizon issued the findings of its annual Data Breach Investigations Report (DBIR). To no surprise, after analyzing 10 years of data, researchers shared: “we realize most organizations cannot keep up with cybercrime — and the bad guys are winning. But by applying big data analytics to security risk management, we can begin to bend the curve and combat cybercrime more effectively and strategically.” We at Triumfant couldn’t agree more.

Triumfant’s big data and patented analytics approach to breach detection is rooted in its ability to continuously scan more than 500,000 granular state attributes on every machine. This scan is truly continuous – not weekly, monthly or quarterly. Triumfant collects and maintains the most comprehensive repository of state data available, providing organizations a clear, complete, and current view of the endpoint population. Triumfant can then detect and evaluate alterations to the machine to identify changes that are anomalous in the context of the population. The raw state data is translated into real, actionable information about the configuration and health of every machine. As a result, organizations can identify machines that are open to exploit because of newly identified vulnerabilities or machines that are non-compliant with configuration and regulatory policies. Triumfant can also pinpoint missing patches on a given machine where infiltration can occur.

The 2014 Verizon DBIR identified nine basic threat patterns that make up 92% of security incidents. Out of the 1,367 confirmed data breaches analyzed, the cyber espionage pattern accounted for 22% of the attackers recorded by Verizon and its partners, while point-of-sale (POS) intrusions made up 14% of the breaches in this year’s report. Still, Web app attacks were far and away the most common threat type, with 35% of all confirmed breaches linked to Web application security issues.

As the report suggests, no one is immune from a data breach and it’s taking longer to identify compromises within an organization — often weeks or months, while penetrating the organization can take only minutes or hours. Triumfant emphatically closes the breach detection gap with its rapid detection and response capabilities. Triumfant detects breaches in real-time at the point of infiltration, generates a comprehensive and actionable analysis within minutes of the attack, and builds a situational remediation that stops the breach and repairs all of the primary and collateral damage to the machine within five minutes.

The 2014 Verizon DBIR once again underscores the importance of deploying a more focused and effective way to fight cyber threats.  You will be breached, you are not prepared, and the adversary is taking advantage. A new approach is needed — the endpoint is your last line of defense.