Cisco to launch iPhone App
November 22, 2009 by Marcos Christodonte II
Cisco is preparing to launch a new security iPhone app. Their website describes it as “Cisco® SIO To Go, an Apple iPhone application that puts the power of the Cisco Security Intelligence Operations (SIO) in users’ hands, giving them real-time access to a wealth of actionable global security information no matter where they are. The Cisco SIO iPhone application enables users to personalize alerts to show only those security threats that could impact their network and provides added assurance that they are being protected by their Cisco security solution.”
Some of their planned alerts include:
- Cisco Product Security Incident Response Team (PSIRT) Alerts
- Cisco Intrusion Prevention Systems (IPS) Signatures
- Cisco Applied Mitigation Bulletins
- Cisco Threat Outbreak Alerts
- And many others
Sounds like an interesting App…
Update: App is available now…
Printer Diving
November 21, 2009 by Marcos Christodonte II
I had an interesting conversation this week. A gentleman told me that he frequently sees things on printers that are of interest to him. It’s understandable that people often print new diagrams, org charts, or special project material that others may find interesting. Nothing out of the ordinary there… However, he went further and said that many times he has no idea where the items come from or who they belong to, but if they sit on the printer too long he feels that the documents belong to him.
I found this statement quite humorous at first. Actually, I laughed for a few seconds because I thought he was kidding. As it turns out, he was very serious. I thought about it for a while and realized that this is likely going on all the time in large enterprise environments. A user could print out a sensitive document to a print station, someone grabs it by accident, and then the document owner shows up to nothing at the printer. Thinking that the printer may have malfunctioned, the document owner may re-print it and think nothing else about it. The other person that grabbed it by accident may eventually decide to return the document to the printer. At that point, the document just sits on the printer to be glanced over by anyone using that printer. Someone could then decide to go “Printer Diving” and pick up the sensitive document without a valid need-to-know.
While this may seem a bit trivial since only authorized employees should have access to print stations, let’s not forget about non-cleared visitors, disgruntled employees, competitors, or simply authorized users without a need to know. In that regard, printer diving can be compared to dumpster diving.
Gone Facebook Phishing?
November 4, 2009 by Marcos Christodonte II
The folks at AppRiver recently reported that attackers have started a serious campaign against Facebook users. According to their reports, the botnet is sending over 500 phishing messages per second. And get this, along with stealing your Facebook credentials, the botnet prompts unsuspecting users to download what appears to be an “update.” What the user really gets is malware crafted to target bank account and other financial information.
For more information on this attack, visit the AppRiver blog.
What is ISO 17799?
September 5, 2009 by Marcos Christodonte II
ISO 17799 is a set of standards created by the International Organization for Standardization. ISO is responsible for creating numerous standards, including the OSI model. ISO 17799 covers a broad range of information security practices and acts as a framework for an organization to establish and implement a security management program. The ten security domains that make up ISO 17799:2000 include:
- Security policy: This domain provides input into security management from a top-down perspective and the creation of an effective security management program.
- Organizational security: This domain focuses on both internal and external management of operational security. It isn’t limited to technical controls, but also relationship and reputation issues.
- Asset classification and control: This domain focuses on organizing, prioritizing, and classifying information based on sensitivity and need for confidentiality and availability. It also covers the day-to-day use and storage of such information.
- Personnel security: This domain focuses on procedures for hiring, firing, and training of employees. Employees must be screened prior to employment and consent forms need to be addressed and signed.
- Physical and environmental security: This domain covers the protection of assets from damage to their physical infrastructure and the provision of access controls via cipher locks or other mechanisms. It also covers HVAC and power controls.
- Communications and operations management: This domain covers techniques for ensuring secure communications and providing data integrity through the use of firewalls, AV protection, encryption, and backups.
- Access control: This domain covers access and monitoring controls through the use of discretionary, mandatory, and role-based controls. This constitutes authentication and identity management.
- System development and maintenance: This domain covers change management of systems with the advancement of technology to ensure compatibility and overall quality assurance.
- Business continuity management: This domain covers strategies for protecting a business from massive outages and prepares a company for unforeseen circumstances such as natural disasters and impromptu recovery missions.
- Compliance: This domain covers law and legislation from a state, local, and federal standpoint. It goes into protection of trade secrets and intellectual property.
Recently, the standard was revamped and is now known as ISO 27002:2005. With the new version and its updates, the domain names are now:
- security policy;
- organization of information security;
- asset management;
- human resources security;
- physical and environmental security;
- communications and operations management;
- access control;
- information systems acquisition, development and maintenance;
- information security incident management;
- business continuity management;
- compliance.
Organizations should create policies for each domain (unique to their mission and objectives).
Where have I been?
September 5, 2009 by Marcos Christodonte II
I’ve been poking in and out of this blog for a while now. Why? Well, I’m working on my first book. So in between writing, blogging, working, and life, I’ve been quite busy… Subscribe to my feed for upcoming information on my book.



