Tag Archives: IT security

Careers in Technology: Threat Intelligence

I recently came across an interesting New York Times article highlighting the field of threat intelligence. Gartner expects the market for this security service to reach $1 billion next year, up from $255 million in 2013. Surely there must be job opportunities for the person with the right preparation, education, and credentials. I did more research into this technology career and came up with some interesting prospects.

Making Lemonade out of Lemons

In the article, the author cited a case of a family welding shop in Wisconsin that ran a small server for tracking orders, billings and suppliers. Their server was hacked, and they were totally unaware until a Silicon Valley security firm contacted them. The firm noticed that it had become a proxy to get to other vulnerable servers, some from very large companies. The security firm left the server in place but now closely monitors the traffic going in and out of it and can preemptively warn clients when they have been breached or are about to be compromised. Threat intelligence is really about being proactive, as opposed to reactive, and monitoring security issues or paying others to monitor them for you.

Education

For education in this field, it is best to pursue the Certified Information Systems Security Professional designation. This training is available through self-study, on-site, or online training, which prepares you for the mandatory tests. There is even a “CISSP For Dummies” book, but I am not sure I would trust my network to someone who chose that route to learn the business.

In addition to the CISSP, there are specialized courses in threat intelligence to augment the CISSP training and certification. These courses take you beyond basic intrusion detection and teach you how to battle persistent threats and how to programmatically counter these threats.

Jobs

There are jobs available in private industry for security firms that do threat intelligence and sell that information to clients. Many major corporations want to build in-house expertise in this area in order to fend off hackers and protect proprietary information. There are also government jobs available from agencies trying to get the upper hand on security threats. This expertise might have prevented the breach of the Democratic National Committee that I mentioned in last week’s blog.

Thoughts

Network and system security is becoming more critical as some of our most valuable assets are the data we store about customers, new products, proprietary processes, and partner agreements. It is essential for firms and agencies to do all they can to protect that data. That means now moving from a reactive approach to the proactive and systematic method offered by the new field of threat intelligence.

About Kelly Brown

Kelly Brown is an IT professional and assistant professor of practice for the UO Applied Information Management Master’s Degree Program. He writes about IT and business topics that keep him up at night.

Watergate 2016: The Evolution of Technology

The political season in the U.S. is now in full swing and I had to smile at a recent article about a security breach of a Democratic National Committee server and the alleged theft of background information on the Republican candidate, Donald Trump. For a moment I thought I had slipped back to 1972 when a break-in and attempted wiretap occurred at the Watergate hotel and office complex where the Democratic Committee was headquartered. The more things change, the more they stay the same. In this case though, the technology has evolved from breaking, entering, and wiretapping to sophisticated digital entry to specific servers. Let’s take a look at the evolution of technology in terms of security.

1972

I followed the Watergate scandal closely even though I was only a teenager. Members of the “committee to re-elect the president” were found to have masterminded a break-in at the Watergate office building to plant wiretaps on the phones of key members of the Democratic Committee. Several players were indicted and sentenced to prison and President Nixon eventually resigned under suspicion of having authorized the break-in and for keeping secret recordings. When the Watergate burglars were caught, they were found with:

“… at least two sophisticated devices capable of picking up and transmitting all talk, including telephone conversations. In addition, police found lock-picks and door jimmies, almost $2,300 in cash, most of it in $100 bills with the serial numbers in sequence.

The men also had with them one walkie-talkie, a short wave receiver that could pick up police calls, 40 rolls of unexposed film, two 35 millimeter cameras and three pen-sized tear gas guns.”

2016

Fast forward almost 45 years and consider the modern tools of the burglary/cyber espionage trade. No longer is it necessary to even be near a physical building; a lucrative break-in can be done from anywhere. As of this writing, it is believed that hackers linked to the Russian government broke into the Democratic National Committee servers, presumably while in Russia. Whether that can ever be substantiated or whether the individuals behind the break-in will ever be brought to justice is doubtful. Part of the hacking ethos is to cover digital tracks through multiple systems and connections so as to mask the hacker’s identity.

Thoughts

Catching five burglars with wiretapping equipment in an office building was a piece of cake compared to what law enforcement faces today. The stakes are higher in terms of the information stores that we keep and the break-in methods are much more sophisticated. The tools needed to track and prevent a strike are complicated and require advanced education and skills. As long as we continue to have security breaches, both in politics and business, organizations of all types will seek qualified professionals. The more things change, the more they stay the same.

The Consumerization of IT

In a recent post on the TrendMicro blog, Cesare Garlati likens the IT consumerization trend to an iceberg. The visible evidence of personal devices being brought to work (i.e., tablets and smartphones) is only 10 percent of the problem. The other 90 percent of the problem lies under the surface and represents the hidden problems of company data leaving the company and potential viruses coming into the environment. The lines between consumer devices and work devices have blurred significantly over the last ten years but as IT professionals we often have not kept up on the problem of security. That security extends to our infrastructure and our networks.

History

In the early days of computing, there were no personal computers except for maybe the do-it-yourself Heathkit. Once personal computers came into fashion, there was minimal networking available, so it was a stand-alone device that transferred data back and forth with disks. As networking became more mature, we worked our way through dial-up modems, LAN cables, and then finally wireless networks, which are fast becoming ubiquitous. The differences between a consumer device and a work device are quickly disappearing. Is your organization ready for this new reality?

Devices

As mentioned above, devices have essentially become smaller and much more sophisticated over the last thirty to forty years, accelerating in the last ten years. Often, employees are asked to carry a device for work so that they can check on work status or to keep in contact with customers and vendors. Increasingly, these are handheld devices, often a smartphone. Where is the line between a company device and a personal device? Applications increasingly have web interfaces so why can’t a person use their personal smartphone to access customer data and then download the latest version of Angry Birds? In the future, as devices continue to become smaller, an astute IT worker won’t even be able to tell when a consumer device comes in the door.

Networks

Networks today are becoming ubiquitous and increasingly user friendly. With the advent of 4G networks and widespread wi-fi, many are connected 24/7, no matter where they go. In a recent article, a partnership between Google and Raven Industries is set to launch helium balloons equipped with network equipment to provide connectivity to rural areas in the US and particularly in developing countries. The combination of smaller consumer devices and ubiquitous Internet connectivity is destroying the old command and control mentality of IT departments. No longer do they have the luxury of denying access to a particular device or class of devices. The prudent IT group will work to mitigate any risks involved in unsecured devices and work to educate employees.

Thoughts

Some organizations are now giving a stipend to employees to purchase their own computer. This of course makes it harder to maintain patch images for every make and model under the sun but, if executed correctly, IT does have a say in the security components that are installed.

How does your organization handle consumer devices in the work place? Do you embrace them, tolerate them, or fear them? Let me know your thoughts.

About Kelly Brown

Kelly Brown is an IT professional, adjunct faculty for the University of Oregon, and academic director of the UO Applied Information Management Master’s Degree Program. He writes about IT topics that keep him up at night.

The Dark Side of IT

There has been a lot in the news lately about spying and the associated technologies used to aid said spying. Because of a leak by a contractor, it has been revealed that the US National Security Agency (NSA) has used a number of different technologies, including e-mail and phone surveillance, to spy on enemies of the state as well as regular citizenry identified as potential terrorists.

Technologies

In a recent New York Times post, author Vikas Bajaj suggests that “consumers have traded convenience for privacy”. We have the technology already to track the Internet activity of an individual. This includes e-mail archives and digital phone records, including conversations. With the advent of digital consumer technology, storing 1’s and 0’s is easy and increasingly more affordable with efficient data storage. The tools around big data make it easier to sort and pinpoint a particular thread. It is easy to capture, easy to store, and easy to sort. As an Internet consumer, is there more that we should know about these tools to be informed of our privacy and dealings?

Responsibility

When it comes to digital surveillance, what is our responsibility as a consumer? What is our responsibility as an IT practitioner? As a consumer of all things digital, I think it is our responsibility to understand the extent to which our presence is being tracked and understand that our activity on the Internet is not as private as we think. Think before you share all of your deepest, darkest secrets on Facebook. The old adage applies—“never do anything you wouldn’t want your mom to read about in the morning paper.” As IT practitioners, we may be called upon to gather data or turn over records to comply with a subpoena or court order. It is our responsibility to understand to what extent our customers and employees are protected in terms of privacy. Do you understand your company’s privacy policies? Are your customers and their records protected to some extent?

Solutions

The first solution is mentioned above and that is: be a smart consumer. Understand your presence on the Internet. Understand which sites provide a basic level of security and understand how your information moves about the Internet. The second is to understand and employ encryption techniques. This is especially important when handling customer personally identifiable information or PII. Make sure that this data is encrypted within your systems and while traveling across the network. Keep your own personal information secure and encrypted as well. Also, as an IT professional and a citizen of the cloud, you need to understand some of the techniques for preserving data such as private networks and private cloud computing.

Thoughts

Be aware before you share. Of course, all of the technology in the world is not going to stop your information from being extracted via a court order and, hopefully, you are never in that situation. For us upstanding citizens, it is imperative that we know how we are protected and how private and confidential our conversations and data really are or are not.

Do you stop to think about your privacy? Let me know your thoughts.

To BYOD or not to BYOD

Bring Your Own Device or BYOD is a hot topic these days, but what’s the big deal? It seems that everyone has their own smartphone/pocket computer. We learned to deal with the Blackberry years ago. Why not blur the lines between consumer technology and business technology? Can’t we all just get along? While it may seem that your IT department is the very embodiment of Dilbert’s Mordac, The Preventer of Information Services, there is a very good reason why they are cautious and you should be too.

Security

The device belongs to the employee but the data belongs to the company. Mobile devices are great for extending our workflow, our workday, and for keeping us in constant contact. In the midst of all of this work, wherever it may happen, an employee will most likely pass company data through their mobile device, either for viewing, editing or storing. Company confidential information is worrisome enough but what about personally identifiable information (PII) belonging to your customers? Is every mobile device protected by a PIN? Is data encrypted on your device while at rest? Is data always encrypted while transiting over the network? How are employees sharing data? Over the cloud? Whose cloud? There is a lot to think about when deciding on a BYOD policy and deciding whether to allow personal devices to access your network. Bill Ho, president of Biscom has created a list of security items to consider when creating a BYOD security policy.

Platform

As the number of IT personnel has shrunk through cost cutting and rightsizing, the number of smart devices and platforms has exploded. Blackberry used to be the only game in town, but now we have Apple iOS, Android, Windows Phone, WebOS and other platforms with fun version names like Ice Cream Sandwich and Jellybean. Further up the stack, there are apps that have their own security issues. The sheer combinatorics of it all would cause any IT professional to run screaming for the network closet. To do justice to a solid BYOD policy, an organization would need at least one full time person to monitor platforms and applications that are accessing the enterprise systems. Do you have that kind of manpower? Is there a middle ground without compromising information security mentioned above?

Compatibility

Another consideration is the compatibility of all of these different devices and platforms and mobile applications and your corporate applications. Will X always talk to Y? Does it cause the IT department to scramble to get your unique permutation working for you? Is it worth the effort for your personal productivity?

Good News

There is a lot to consider when deciding to embrace BYOD. On the upside, it can extend the productivity of employees as long as security and compatibility concerns are adequately addressed. The good news is that there are tools available to help you manage mobile devices. You can find solutions from IT service providers such as IBM and Dell or from security providers such as Symantec and others. These applications can help you reach the right level of availability, convenience, and security in order for your employees to maximize their productivity and help you sleep at night.

Do you have a comprehensive BYOD plan? Is it working? What keeps you up at night?