Thursday, June 18, 2015

Hack Me Out To The Ballgame. Cyber Attacks a Game Changer.

There is little question that cyber security is more important than people ever imagined it would be. Just a few short years ago, having up-to-date firewalls and anti-virus software was considered more than enough protection for most companies and organizations. Today, however, C-Level Executives are faced with a new, more simplified information security-focused raison d'etre: "Keep us out of the news."
A recent report indicates that cyber-attacks increased by 48% in 2014 alone, and that number has rapidly increased through 2015. In addition, almost every major company (whether in retail, sports, entertainment or even the Federal government) has faced at least one cyber-attack in their past; if successful, those cyber-attacks yield damages in the millions to billions of dollars, as well as create public relations nightmares.  

Hack me out to the Ballgame

The most recent negative headlines involve America’s Pastime. The St. Louis Cardinals, with the best record in baseball this year and a perennial playoff contender, are under investigation by the FBI and Justice Department for hacking into the Houston Astros database (called Ground Control) to garner closely guarded information about the inner workings of the Astros front office, and specifically General Manager Jeffrey Luhnow.
The biggest question is: why would one of the most successful franchises over the past 20 years want to steal information from one of the worst teams over the past 10 years? The answer is Luhnow. He did not come from a baseball background when he joined the Cardinals back in 2003, but his use of analytics in drafting ballplayers figured prominently in the sustained excellence of the organization. After moving to the Astros in 2011, Luhnow built Ground Control to help revamp that struggling franchise. It was from Ground Control that information began to spill out for 10 months until June 2014 when the FBI was called in. While it is still an ongoing story, rumors swirl that the hackers were able to infiltrate by using passwords from the system Luhnow had used in St. Louis, and that the hack was not as much a theft of baseball operations data as it was more of a character assassination attempt on Luhnow.
The Cardinals officials who orchestrated the hack will certainly be prosecuted by the Justice Department, and the team itself will have fines levied and lose draft picks; never mind the public relations hit they will take being branded as cheaters. According to Luhnow, Ground Control’s security has been upgraded. Better training in security, including a greater password creation methodology, might have made this hack a big whiff.

Caveat Emptor

As the 2013 holiday shopping season began in late November, hackers installed malware on Target's Point of Sale (POS) registers that was designed to capture customer contact and credit card information used at their almost 2,000 retail store locations. By December 15th, Target confirmed the data breach had resulted in over 70 million stolen customers information (including name, address, email, phone, etc.) as well as 40 million compromised customer credit and debit cards.
Three days later, CEO Gregg Steinhafel sent the following letter detailing the breach to their customers:
In the weeks that followed, Target, once associated with "quality for less" and praised by Forbes in 2010 for "getting the simple things right (and a lot more)", incurred a constant and sustained barrage of media coverage that resulted in a public relations disaster that brought about a 46% drop in quarterly year over year profits.
On March 4th, Steinhafel, in an effort to restore the company's reputation among wary shoppers concerned about the security of their personal data, announced the resignation of CIO Beth Jacob.  By May 5th, Steinhafel himself was gone, having been forced to resign his positions as President, CEO and Chairman of the Board of Directors.
Steinhafel's ouster demonstrates that cyber-attacks and the damages they inflict place BOTH organizations and their executives (not just Chief Information and Chief Information Security Officers) at risk.
Ultimately, the Target breach was wholly avoidable, as a recent purchase of a $1.6 million dollar installation of FireEye (an advanced persistent threat anti-malware system) would have detected and deleted the malicious software. Unfortunately for Target, they had turned off the feature that would have stopped the attack. The great Target lesson is that company managers need to be armed with the knowledge required to understand the importance of preventing and combating cyber-attacks - as well as the requisite knowledge and training with which to contribute to security policy decision making. All C-Level Executives need to understand more in-depth technological concepts to collectively solve information-security challenges to ensure that their company does not fail both their consumers and shareholders.

"Angelina Jolie is a minimally-talented spoiled brat - between you and I"

While it is an unfortunate reality that there are new stories of cyber-attacks coming out all the time, perhaps the most embarrassing in recent memory is the Sony Pictures breach from late 2014. During that attack, (which had been going on for possibly a year prior to being found out) hackers were able to access everything from how much Sony was paying actors in their movies (and private email correspondence between Sony executives about what they really thought of certain actors, such as Angelina Jolie), the raw video footage of upcoming movies (including The Interview, which was originally supposed to be a holiday tent pole for Sony), and countless documents about internal business operations. While experts still aren't sure exactly how much the Sony breach will ultimately cost, estimates have already exceeded $100 million (and counting). However, perhaps even more important than the monetary cost (or at least as important) is the damage that Sony's reputation has suffered.
Perhaps the biggest loser from the breach was Sony Pictures co-chairwoman Amy Pascal. The release of her private emails gave intimate behind-the-scenes access of Sony Pictures day to day operations but the back and forth emails between her and other high profile Sony and Hollywood players her which derided not only actors, but also President Obama. These emails subsequently led to her stepping down from her co-chairwoman position in May.
Again, the ultimate cost to their reputation has yet to be determined, but it isn't difficult to envision actors and actresses that are reluctant to trust Sony with salary and other sensitive information, at least until Sony can prove that they have completely revamped their cyber security protocols. 

Even the Feds aren’t secure

Large for-profit corporations aren't the only entities at risk of cyber-attacks. Just in the past few days, it was announced that servers of the United States Federal Government (specifically the Office of Personnel Management) were hacked over a 5 month period, with as many as 14 million former and current civilian employees' Social Security numbers, birth dates, job assignments, training records, and benefit selection decisions being stolen.
According to an assistant inspector general (Michael Esser) of the Office of Personnel Management testifying before the House Committee on Oversight and Government Reform, the agency has persistently failed to meet basic computer security standards- as Katherine Archuleta, the head of the OPM faces congressional pressure to step down. Esser stated that many of the people hired to run the agency’s IT department had no computer experience, and that the agency itself did not discipline its employees after it failed several security audits. Archuletta, according to lawmakers, was told by the inspector general on multiple occasions to shut down the hacked system, but ignored those warnings, exposing the information. Committee Chairman Jason Chaffetz, R-Utah, said that the OPM’s security strategy was on par with leaving its doors and windows unlocked and trusting nothing would be stolen, and called on Archuletta to step down.
As a response to the OPM hack, Federal Chief Information Officer Tony Scott ordered government agencies to beef up their network security by launching the “Cybersecurity Sprint”, a 30 day program to implement better cyber security protocols. The fallout from this hack remains to be seen; will this information be used as leverage to force OPM employees to spy for foreign services? Will better training shore up our porous cybersecurity defenses? Will anyone’s head roll?

How industry is reacting to the new realities of cyber security compared to how they SHOULD be reacting

It should come as no surprise that the cyber security industry has started to grow rapidly as a result of these new realities. While the global cyber security industry is expected to grow to an impressive $106.32 billion in 2015, that number will shoot up to an estimated $170.21 billion within the next 5 or so years. 
The most important thing that companies and government entities should do is ensure that they have talented individuals working on their cyber security. This either means hiring and developing experts directly, or contracting the work out to a reputable IT company that has a proven track record of being ahead of the curve with regards to cyber security. 
It is also important for companies to secure critical company data on proven enterprise-grade platforms. While "cloud" platforms are a viable option, these platforms require even stronger assurances that data is secure (since a hacker breach can result in a complete loss of secured data). 
To stay ahead of rapidly evolving threats, companies, contractors, and government agencies alike must move aggressively to recruit, educate and train a cyber-workforce for the future, with the skills we need to tackle this problem in the years ahead.  Industry certification programs like (ISC)2's Certified Information Systems Security Professional (CISSP) provide both a path to skills competency and a means to evaluate proficiency in this increasingly visible field.
Christopher D. Porter is the Chief Executive Officer of Training Camp, Inc.  (http://www.trainingcamp.com).  Training Camp (TC) is a leading provider of information technology and security training courses. Founded in 1999, TC has successfully trained nearly 100,000 certification candidates worldwide. 

88 comments :

  1. Agreed, cyber security is essential for modern enterprises like traditional security is. What is interesting is that data loss may cost more than for instance all the office equipment. That is why companies are ready to pay for quality data room m&a services in order to keep their data safe.

    ReplyDelete
    Replies
    1. Great Article Cyber Security Projects projects for cse Networking Security Projects JavaScript Training in Chennai JavaScript Training in Chennai The Angular Training covers a wide range of topics including Components, Angular Directives, Angular Services, Pipes, security fundamentals, Routing, and Angular programmability. The new Angular TRaining will lay the foundation you need to specialise in Single Page Application developer. Angular Training

      Delete
  2. Each one of us is a piece of this cyber world, straightforwardly or by implication, since PCs and web are currently a basic piece of our own and expert life.BestSecurityPlace

    ReplyDelete
  3. Establishment is a breeze. Distinctive models accompany diverse mounting frameworks however few require costly apparatuses or master information. BestSecurityPlace

    ReplyDelete
  4. Great post, it was nice to see this article. It was really appreciable. Thank you so much for sharing such an informative article. Checkout here more info about i need a hacker urgently

    ReplyDelete
  5. Every business process has become online and almost every industry is turning out to be more techno oriented. cyber security course in hyderabad

    ReplyDelete
  6. Thumbs up guys your doing a really good job. It is the intent to provide valuable information and best practices, including an understanding of the regulatory process.
    Cyber Security Course in Bangalore

    ReplyDelete
  7. Very nice blog and articles. I am realy very happy to visit your blog. Now I am found which I actually want. I check your blog everyday and try to learn something from your blog. Thank you and waiting for your new post.
    Cyber Security Training in Bangalore

    ReplyDelete
  8. I will really appreciate the writer's choice for choosing this excellent article appropriate to my matter. Here is deep description about the article matter which helped me more.
    Best Institute for Cyber Security in Bangalore

    ReplyDelete
  9. Three are usually cheap Ralph Lauren available for sale each and every time you wish to buy. poker indonesia

    ReplyDelete
  10. I will do whatever it takes not to put a great deal of logical wording with the goal that a typical man or lady could comprehend the substance without any problem.cyber security training in hyderabad

    ReplyDelete
  11. A person found guilty of cyber crime shall be punishable with imprisonment for a term which may extend to three years or with fine or with both.it support services

    ReplyDelete
  12. In fact, the Air Force Academy offers a degree in "computer science-cyber warfare" and Naval Academy has made a course in "cyber security" mandatory for Freshman.How to hire a cybersecurity expert

    ReplyDelete
  13. Thank you for sharing such a Magnificent post about Information Technology. I found this blog very useful for future references. keep sharing such informative blogs with us. Best Information Technology Company

    ReplyDelete
  14. Excellent post. I was always checking this blog, and I’m impressed! Extremely useful info specially the last part, I care for such information a lot. I was exploring this particular info for a long time. Thanks to this blog my exploration has ended. traffic secrets

    ReplyDelete
  15. I am glad that I came to see this, I really loved it your writing way about cyber attack. Thank you for sharing it. I have bookmarked your page, excited to see more of it! Oracle Apps Training

    ReplyDelete
  16. That appears to be excellent however i am still not too sure that I like it. At any rate will look far more into it and decide personally! sviluppo siti web Milano

    ReplyDelete
  17. Email is essential part of communication on the Internet. Most web hosting companies out there will give you more email addresses and more space to hold email messages than you will ever need. ssd vps hosting

    ReplyDelete
  18. I agree with you -- and your points are absolutely correct Drug treatment centers in New Orleans

    ReplyDelete
  19. I read this article, it is really informative one. Your way of writing and making things clear is very impressive. Thanking you for such an informative article.Cheap VOIP Phone system

    ReplyDelete
  20. For example you might qualify for a specific level of service while your next door neighbor doesn't. Not all Internet service providers will offer the same terms and conditions, so you will also have to shop around before you make the final decision. 198.168.0.1 Admin Login

    ReplyDelete
  21. i never know the use of adobe shadow until i saw this post. thank you for this! this is very helpful. https://everlighten.com/

    ReplyDelete
  22. I want to leave a little comment to support and wish you the best of luck.we wish you the best of luck in all your blogging enedevors.
    data science course fees in bangalore

    ReplyDelete
  23. Superbly written article, if only all bloggers offered the same content as you, the internet would be a far better place..cyber security

    ReplyDelete
  24. For individuals, small business, or enterprises, it is essential to learn about cyber security in order to prevent potential threats and secure their information. As a fellow cyber security company in India, I am glad to come across this. Thank you for sharing your valuable experience. Great blog.

    ReplyDelete
  25. Do you have absolute trust in your lover or husband?
    We all know, reading other people's messages is an illegal act. However, here, in some force majeure cases, you have to do this to protect your rights and interests and find out the secrets that are being hidden.

    ReplyDelete
  26. fundamentally makes the overlaid secure of the board which is actually similar to some sort of terrible. This material has normal shade. printed circuit board assembly manufacturer

    ReplyDelete
  27. I am thankful to this blog giving unique and helpful knowledge about this topic. Sophos Partner Brisbane

    ReplyDelete
  28. I am glad to discover this page. I have to thank you for the time I spent on this especially great reading !! I really liked each part and also bookmarked you for new information on your site.
    Data Science Course Syllabus

    ReplyDelete
  29. It's very nice of you to share your knowledge through posts. I love to read stories about your experiences. They're very useful and interesting. I am excited to read the next posts. I'm so grateful for all that you've done. Keep plugging. Many viewers like me fancy your writing. Thank you for sharing precious information with us. Best hire a hacker to change school grades service provider.

    ReplyDelete
  30. This comment has been removed by the author.

    ReplyDelete
  31. Extremely useful information which you have shared here about Commercial Security systems West Midlands. This is a great way to enhance knowledge for us, and also beneficial for us. Thank you for sharing an article like this.

    ReplyDelete
  32. Thank you so much for sharing this blog with us. It provides a collection of useful information. You obviously put a lot of effort into it! Best i need a hacker for hire service provider.

    ReplyDelete
  33. toptan iç giyim tercih etmenizin sebebi kaliteyi ucuza satın alabilmektir. Ürünler yine orjinaldir ve size sorun yaşatmaz. Yine de bilinen tekstil markalarını tercih etmelisiniz.

    Digitürk başvuru güncel adresine hoşgeldiniz. Hemen başvuru yaparsanız anında kurulum yapmaktayız.

    tutku iç giyim Türkiye'nin önde gelen iç giyim markalarından birisi olmasının yanı sıra en çok satan markalardan birisidir. Ürünleri hem çok kalitelidir hem de pamuk kullanımı daha fazladır.

    nbb sütyen hem kaliteli hem de uygun fiyatlı sütyenler üretmektedir. Sütyene ek olarak sütyen takımı ve jartiyer gibi ürünleri de mevcuttur. Özellikle Avrupa ve Orta Doğu'da çokça tercih edilmektedir.

    yeni inci sütyen kaliteyi ucuz olarak sizlere ulaştırmaktadır. Çok çeşitli sütyen varyantları mevcuttur. iç giyime damga vuran markalardan biridir ve genellikle Avrupa'da ismi sıklıkla duyulur.

    iç giyim ürünlerine her zaman dikkat etmemiz gerekmektedir. Üretimde kullanılan malzemelerin kullanım oranları, kumaşın esnekliği, çekmezlik testi gibi birçok unsuru aynı anda değerlendirerek seçim yapmalıyız.

    iç giyim bayanların erkeklere göre daha dikkatli oldukları bir alandır. Erkeklere göre daha özenli ve daha seçici davranırlar. Biliyorlar ki iç giyimde kullandıkları şeyler kafalarındaki ve ruhlarındaki özellikleri dışa vururlar.

    ReplyDelete
  34. I want to leave a little comment to support and wish you the best of luck.we wish you the best of luck in all your blogging enedevors.
    business analytics courses

    ReplyDelete
  35. Thanks for sharing it will help every reader Devops training

    ReplyDelete
  36. Hey what a brilliant post I have come across and believe me I have been searching out for this similar kind of post for past a week and hardly came across this. Thank you very much and will look for more postings from you Best professional hacker for hire service provider.

    ReplyDelete
  37. Thank you so much for taking the time to share this blog with us. It has a wealth of important information.

    Know more about German Language

    ReplyDelete
  38. This website was... how do I tell it? Relevant!! I finally found something that helped me. Thanks a lot! Good post. Thank you very much .. It is quite easy to get a Turkish Visit Visa. All you have to do is apply online for the e Visa of Turkey for which the form is easily filled.

    ReplyDelete
  39. You have shared a lot of information in this article about Hire Hacker For Email Password. I would like to express my gratitude to everyone who contributed to this useful article. Keep posting.

    ReplyDelete
  40. Appreciate for this post.. US citizens who wish to travel to Azerbaijan need to apply for Azerbaijan visa for US citizens through online visa application with 24/7 customer support.

    ReplyDelete
  41. Thanks for your blog, i followed your tips given in this blog, very useful to me and i also post regular blogs on cyber security if you want to read about Big Data Analytics and how to prevent cyber security attack visit my official blog page.


    ReplyDelete
  42. I am glad to discover this page. I have to thank you for the time I spent on this especially great reading !! I really liked each part and also bookmarked you for new information on your site.
    Data Science Course in Gurgaon

    ReplyDelete
  43. You are providing good knowledge. It is really helpful and factual information for us and everyone to increase knowledge. Continue sharing your data. Thank you. Read more info about Trusted Website Hackers For Hire

    ReplyDelete
  44. I am glad to discover this page. I have to thank you for the time I spent on this especially great reading !! I really liked each part and also bookmarked you for new information on your site.
    Data Science Course in Delhi

    ReplyDelete
  45. Thanks for such a valuable post. I am waiting for your next post, I have enjoyed a lot reading this post keep it up.
    카지노사이트

    ReplyDelete
  46. Thank you for sharing this useful article. Keep it up! Regards!
    온라인카지노

    ReplyDelete
  47. Excellent Blog! I would like to thank you for the efforts you have made in writing this post.
    스포츠토토

    ReplyDelete
  48. Shop from a wide selection of mens jackets star lord jacket and coats. Free shipping and free returns on eligible items.

    ReplyDelete
  49. I really like your blog site.. excellent shades & style. Do a person pattern this excellent website oneself or even have people hire an attorney to make it happen available for you? Please answer while I!|m seeking to style and design my very own blog as well as would wish to learn where u obtained this specific out of thanks a lot 야한소설

    ReplyDelete
  50. Hi 대딸방, I think that I saw you visited my weblog thus I came to “return the favor". I am trying to find things to improve my website! I suppose its ok to use some of your ideas!!

    ReplyDelete
  51. I think this is one of the most significant information for me. And i am glad reading your article. But want to remark on some general things, The website style is perfect, the articles is really great : D. Good job, cheers 스포츠마사지

    ReplyDelete
  52. Great article! We will be linking to this particularly great article on our website. Keep up the good writing.

    출장마사지

    ReplyDelete
  53. Extraordinary data partook in your article about the Cyber Attacks. It is an interesting article and exceptionally simple to peruse. I making the most of your article. Hire A Professional Hacker.Kindly continue to post this sort of good article.

    ReplyDelete
  54. Shop from a wide selection of mens jackets halloween costumes and coats. Free shipping and free returns on eligible items.

    ReplyDelete
  55. Writing a blog post is really important for growth of your websites.Thanks for sharing amazing tips. get one of the best professional security guard course. then visit our website.

    ReplyDelete
  56. I just stumbled upon your blog and wanted to say that I have really enjoyed reading your blog posts. I hope you post again soon. Big thanks for the useful info. Cyber Security Services Companies

    ReplyDelete
  57. Attractive component of the material. I just stumbled across your web site and accession capital to say that I really enjoyed your site. With just a few clicks, foreign nationals can apply for a Kenya online visa application from their home. Fill the form with accurate and complete information about the passenger's data.

    ReplyDelete
  58. Thanks for publishing such great information. You are doing such a great job. This information is very helpful for everyone. Keep it up. Thanks. Read more info about Hire A Professional Hacker

    ReplyDelete
  59. You wrote this post very carefully.security bank application The amount of information is stunning and also a gainful article for us. Keep sharing this kind of articles, Thank you.

    ReplyDelete
  60. Thanks for shared that blog with us. If anyone here searching buy antivirus then visit K7 Computing.

    ReplyDelete
  61. Extremely useful information which you have shared here.Trusted Website Hackers For Hire This is a great way to enhance knowledge for us, and also helpful for us. Thankful to you for sharing an article like this.

    ReplyDelete





  62. It’s great to come across a blog every once in a while that isn’t the same out of date rehashed material. Fantastic read.Best hire a hacker for social media service provider

    ReplyDelete
  63. You composed this post amazing about this topic. I got data from your article, it is precious for me and furthermore for other people. Continue sharing this sort of information. Hacker For Spy Services Online

    ReplyDelete
  64. Thank a lot. You have done excellent job. I enjoyed your blog . Nice efforts data science training in noida

    ReplyDelete
  65. Thanks for sharing this! All the best!

    ReplyDelete
  66. The CCNA certification course, which is taught mainly at secondary and post-secondary levels, features the following modules: Networking Basics, Routers and Routing Basics, Switching Basics and Intermediate Routing, and WAN Technologies. CCNA Classes in Pune

    ReplyDelete
  67. Thanks for sharing the info. I located the information very useful. That’s a brilliant story you posted. I will come back to read some more. Feel free to visit my website; 토토사이트

    ReplyDelete
  68. Simply desire to say your article is as amazing. The clarity on your post is just excellent and that i can think you’re knowledgeable in this subject. Fine together with your permission allow me to grasp your RSS feed to keep updated with impending post. Thanks one million and please continue the rewarding work. Feel free to visit my website; 카지노사이트

    ReplyDelete
  69. You are terrific. You’re actually like an angel that composed this remarkable things as well as composed it to your visitors. Your blog site is best, consisting of material format. This ability resembles a professional. Can you inform me your abilities, as well? I’m so interested. Feel free to visit my website; 카지노사이트

    ReplyDelete
  70. This is very interesting, You're a very skilled blogger. I've joined your feed and look forward to seeking more of your great post. Also, I have shared your web site in my social networks! Feel free to visit my website; 배트맨토토

    ReplyDelete
  71. I read this article, it is really informative one. Your way of writing and making things clear is very impressive. Thanking you for such an informative article.fortinet network access control service

    ReplyDelete
  72. I read your post and got it quite informative. I couldn't find any knowledge on this matter prior to. I would like to thanks for sharing this article here.Cyber Security Course Online In Canada

    ReplyDelete
  73. I admire this article for the well-researched content and excellent wording. I got so involved in this material that I couldn’t stop reading. I am impressed with your work and skill. Thank you so much.Cyber Security Course Online In Canada

    ReplyDelete
  74. You seemed to have gone to great lengths to get a vacation from blogging. Next tune just say you are taking a break. ;) I do wish you a speedy recovery. I hope you feel like Casement Doors and Windows sharing all. I will miss you while you are recovering. Take care.

    ReplyDelete
  75. I have been searching for such an informative post for many days and it seems my search just ended here. good work. keep posting. If you want to get Information about Hire A Cell Phone Hacker visit our website.

    ReplyDelete
  76. Great article this is really informative and innovative: with new updates.with new updates. It was really valuable. Thanks a lot.Indian Business Visa is an electronic business travel authorization. Foreigners who want to come to India for business purposes like: business, attending technical meetings, setting up industrial/business etc. You can apply through the India business visa site.

    ReplyDelete
  77. Share great information about your blog , Blog really helpful for us . Hosted Phone Systems

    ReplyDelete
  78. Muhammadi Exchange is one of the fastest growing money exchange companiesin Pakistan, providing services such as foreign exchange, money transfer and payment solutions to thousands of customers
    western union locations

    ReplyDelete
  79. This article you've just presented is appealing. I'd like to learn more about these types of blogs. Thank you so much for sharing this blog.Cybersecurity News Headlines Today Canada

    ReplyDelete
  80. I love to read this, thank you... Getting an Indian visa online is easy. You can apply via evisa India website online fully securely.

    ReplyDelete