"Week 03 #NCSAM: Recognizing and Countering Cyber Crime"

Editor's Note: National Cyber Security Awareness Month (NCSAM) is hereand we are enablingorganizations to make this most of October. Every Monday, we areposting a new blog on how to make the most of NCSAM and the NCSAM Planning Kit. The planning kit is everything you need for a successful October, to include daily activities, resources … Continue reading Week 03 #NCSAM: Recognizing and Countering Cyber Crime

from lspitzner

"Why Bruce is Wrong About \"Fixing\" the User"

  Recently Bruce Schneier posted a blog titled "Security Design: Stop Trying to Fix the User". As usual, Bruce raises some interesting points that are well thought out. What is unusual in this case is I strongly disagree with him. I've known and respected Bruce for over 15 years now (he was one of … Continue reading Why Bruce is Wrong About "Fixing" the User

from lspitzner

Understanding the geography of malware

Threat patterns are constantly shifting, and our latest security intelligence report zeroes in on some of the world’s malware hot spots. For more than 10 years, Microsoft has carefully studied the evolving cyber threat landscape and shared findings with the wider security community.  We base our analysis on one of the most complete security data sets in the world, which includes data gathered from more than 600 million computers worldwide.

Microsoft collects, analyzes and reports detailed data related to exploits, vulnerabilities and malware twice a year in our Security Intelligence Report (SIR). We determine malware infection rates using the computers cleaned per mille (thousand) formula. This method represents the number of computers cleaned for every 1,000 executions of the Microsoft Malicious Software Removal Tool (MSRT), a free tool distributed by Microsoft that removes more than 200 highly prevalent or serious threats from computers.

As in the previous years, during the second half of 2015 we saw uneven rates of infection around the globe. Iraq, Libya, Mongolia, Pakistan and the Palestinian territories had the highest infection rates overall. In contrast, Denmark, Finland, Iceland, Norway and Sweden have been among the healthiest locations in the world with regard to malware exposure — the infection rates for these locations were typically about half of the worldwide average.

Infection rate information can help provide a broader picture of the threat landscape by offering perspectives on how threats propagate and computers become infected.

Defend your organization against escalating risks

Worldwide, the malware infection rate increased in the final quarter of the year, from 6.1 computers cleaned per mille in the third quarter of 2015 to 16.9 in the fourth quarter. Our research reveals the increase during 2015 was largely due to Win32/Diplugem, a software family that modifies web browsers so that users see extra advertisements while browsing. When calculating these rates, only computers whose users have opted in to provide data to Microsoft are considered.

Microsoft strives to make the SIR one of the most useful sources of information about cyber threats and mitigation. Systematic analysis and comparison of areas highly impacted by malware against those least affected can help uncover the various technical, economic, social and political factors that influence regional malware infection rates.

It’s our belief that informing policymakers and IT professionals about malware trends will help them understand and manage risk better, both regionally and worldwide. I encourage you to use the report to assess your own situation and help defend against the most significant risks to your organization.

To understand security threats in your region or view the current or previous editions of the SIR, visit www.microsoft.com/security/sir.  For more information about Microsoft Security products and solutions – visit us at Microsoft Secure

from Microsoft Secure Blog Staff

"Less is More: How to Optimize Your Security Awareness Training"

It's Thursday and Sue, a 15 year company veteran, sits down to take yet another mandatory training program before the Friday deadline. She's calculated that over the course of her career she has completed hundreds of hours of training. Even though she wants to do the right thing and make the company more secure, her … Continue reading Less is More: How to Optimize Your Security Awareness Training

from Securing the Human

"Week 02 #NCSAM: Creating a Culture of Cybersecurity in the Workplace"

Editor's Note: National Cyber Security Awareness Month (NCSAM) is coming up and we are enablingorganizations to make this most of October. Every Monday, we will be posting a new blog on how to make the most of NCSAM and the NCSAM Planning Kit. The planning kit is everything you need for a successful October, to … Continue reading Week 02 #NCSAM: Creating a Culture of Cybersecurity in the Workplace

from lspitzner

NSA Chief Says U.S Needs To Upgrade To Fight Against Cyber Threats

USA needs to change its strategy to protect against cyber warfare

NSA Chief outlined that U.S needs to upgrade their cyber security systems to fight rising cyber threats.

He said that the United States will need to rethink its strategy and use a combination of strategies to fight back the rising risks of foreign countries attacking our computing networks.

He gave this speech during a visit to a packed room at the Kennedy School on Wednesday.

He also outlined the daunting challenges of defeating cyber threats of foreign countries and independant cyber criminals.

In order to confront cyber attacks, he said that the U.S needs better network protection.

Read more details http://news.harvard.edu/gazette/story/2016/10/u-s-needs-upgrade-against-cyber-threats-commander-says/

The post NSA Chief Says U.S Needs To Upgrade To Fight Against Cyber Threats appeared first on Cyber Security Portal.

from Gilbertine Onfroi

"The Psychology of Information Security Culture - At The European #SecAwareSummit"

Editor's Note:Leron Zinatullinisauthor of The Psychology of Information Security.Heis one of the speakers for the upcoming European Security Awareness Summit in London 11 Nov. Below hediscusses histalk on positive ways to get your employees on board with information security. In order to reduce security risks within an enterprise, security professionals have traditionally attempted to guide … Continue reading The Psychology of Information Security Culture - At The European #SecAwareSummit

from lspitzner