Jul 31

Oracle Linux 6.7 Officially Released with Unbreakable Enterprise 3.18.13 Kernel

From: Softpedia News Release

The operating system is available for download for free

Oracle, through Michele Casey, had the great pleasure of announcing the immediate availability for download of the Oracle Linux 6.7 computer operating system based on the freely available sources of Red Hat Enterprise Linux 6.7.

According to the release announcement, the seventh maintenance release of Oracle Linux 6 is here to upgrade the kernel packages to Unbreakable Enterprise Kernel (UEK) Release 3 (kernel-uek-3.8.13-68.3.4.el6uek) for 64-bit platforms, and Unbreakable Enterprise Kernel (UEK) Release 2 (kernel-uek-2.6.39-400.250.7.el6uek) for 32-bit architectures.

***

Jul 27

Provision of a Security Information and Event Management (SIEM) Solution [Scotland]

From: Public Contracts Scotland

Notice Details

Title: Provision of a Security Information and Event Management (SIEM) Solution
Published by: University of Aberdeen
Publication Date: 24/07/2015
Application Deadline:
Deadline Date:
Deadline Time:
Notice Type: Contract Award Notice
Has Documents: No

Jul 23

Finding The ROI Of Threat Intelligence: 5 Steps

From: InformationWeek/DarkReading

Advice from a former SOC manager on how to leverage threat intel without increasing the bottom line.  

During my time managing a security operations center at one of the largest defense contractors, executives would constantly scrutinize security budgets, focusing on the areas of security architecture that could be streamlined. The process typically would lead to one burning question: how can security teams leverage threat intelligence to increase ROI without adding headcount or doubling the bottom line? My answer involved five key steps:

Jul 23

Microsoft launches Advanced Threat Analytics

From: The Register

Pitch: Bust up the 200 day-long hacker party.

Microsoft’s Advanced Threat Analytics is going general-availability next month, so – as Redmond says – enterprises can more quickly spot intruders in their networks.

Since the last preview version, ATA engineering head Idan Plotnik says the framework has 13 new features to make it more scalable, with improved threat detection.

Jul 21

Facebook Enhances Osquery Security Analysis Platform

From: eWeek

By Sean Michael Kerner 

Facebook is adding query packs to the open-source osquery security framework that group together common sets of use cases for data analysis.

Facebook is enhancing its open-source osquery security framework with new features that make it easier for users to organize and gain insight from operating system information.

***

The incident-response query pack can also potentially help organizations identify privilege-escalation attacks. Marcos noted that, in order to escalate privileges, one has to perform actions or commands.

Jul 20

To Prevent Insider Threats, DOD Must First Define ‘Normal’

From: Defense One

The Pentagon thinks it can build an automated system to predict and prevent future Fort Hood-style attacks. But it’s a problem as big as big data itself.

***

Key to these DoD efforts is what’s called continuous evaluation, a method to continuously monitor personnel with important clearances or access for changes that the Department believes could make them insider threats, like credit problems, family issues, arrests, etc. But DoD would like to be able to subject all personnel to that sort of examination.

Jul 14

Cyber security in process plants: Recognizing risks, addressing current threats

From: Control Engineering

As attacks on industrial control systems (ICSs) become more frequent and increasingly sophisticated, defensive strategies must evolve to keep up. Fortunately, the tools are getting better.

Eric Knapp

***

Understanding risks

The plant floor and process units have become a growing area of concern for cyber security. In much of the industrial base, operations are digitally driven. The era of analog has given way to networks of computers, automated machinery, and ubiquitous sensors. Plants are driven by a digital thread of technical data—product and process information—that can be shared throughout the enterprise and must be protected.

Jul 13

What is Microsoft Advanced Threat Analytics?

From: WindowsITPro

Q. What is Microsoft Advanced Threat Analytics?

A. Microsoft Advanced Threat Analytics (ATA) is based on Microsoft’s Aorato acquisition and provides a solution to help protect your organization from advanced attacks. It uses a number of methods to identify and provide alerting to attacks in your environment before they actually cause any damage. The best analogy I have heard is for credit card companies that monitor your normal usage patterns and alert you for something out of the ordinary. This is what ATA does for your organization’s security. The key methods to detect attacks are:

Jul 10

GAO: Early look at fed’s “Einstein 3” security weapon finds challenges

Editor’s Note: GAO’s testimony, INFORMATION SECURITY: Cyber Threats and Data Breaches Illustrate Need for Stronger Controls across Federal Agencies (GAO-15-758T) is available here.

From: Network World


GAO: Information security incidents reported by federal agencies have risen from 5,503 in fiscal year 2006 to 67,168 in 2014.

When it comes to the government protecting all manner of state and personal information, the feds can use all the help they can get.

Jul 08

GAO: Cyber Threats and Data Breaches Illustrate Need for Stronger Controls across Federal Agencies

Editor’s Note: GAO’s complete testimony (GAO-15-758T) is available here. Below is an excerpt.

From: GAO

Currently, we are reviewing NCPS in response to provisions of the Senate and House reports accompanying the Consolidated Appropriations Act, 2014. The objectives of our review are to determine the extent to which (1) NCPS meets stated objectives, (2) DHS has designed requirements for future stages of the system, and (3) federal agencies have adopted the system.

Our final report is expected to be released later this year, and our preliminary observations include the following:
