Posts

What Do Data Breaches Really Cost? Let’s Break It Down.

This is part 1 of a 4-part series examining data breaches, what they cost, why they are increasing in frequency, and what you can do about them.

By just about every measure, 2015 was a record year for data breaches, and 2016 is on pace to beat it. Not only is the number of breaches increasing, but so are the costs. The Ponemon Institute’s 2016 study of 383 organizations worldwide found that the average cost of a data breach rose from $3.79 to $4 million over the previous year. If numbers like that make your eyes glaze over, let’s break them down into components any business can relate to: what really constitutes the cost of a breach?

Infection Monkey Is on the Loose!

Today we are releasing the Infection Monkey, our in-house tool for testing a data center’s resiliency to perimeter breaches and internal server infection. The Infection Monkey is a new open source security testing tool that we’ve developed at GuardiCore to test the resiliency of modern data centers to attack. Being good sports, we are sharing it with the security community. Just pick a random machine, release the Infection Monkey and see where it ends up. Use our Monkey to test whether your security systems can detect, stop and contain real threats. The monkey is benign and does not pose any risk to your network.

In our Black Hat 2016 session we will show how using the Infection Monkey for in-house penetration testing can be of great value to security teams, explain why this tool is important and present some use cases on how to use the tool in real-world security testing scenarios.

Why Vinod Khosla Got It Wrong about Cyber Crime?

In a recent piece in Forbes following the Anthem data-security breach, legendary venture capitalist Vinod Khosla wrote “There’s a universal truth regarding every cyber-attack: attack behavior never appears normal”.

While Mr. Khosla is a maverick in many fields, I believe this time he got it wrong. Please allow me to explain.

Let’s consider a different example, the recent Carbanak cyber crime campaign, through which over 100 global banks were robbed of an estimated one billion dollars. The technology aspect of the attacks got the most media attention. However, in reality the technology was not nearly as advanced as state-of-the-art technology used by some intelligence agencies around the world (e.g. Stuxnet, Flame or the Equation Group).