Someday you will forget, but the memory will always stay with you…

And tonight I met my memory again, when I came across a little boy wandering in Saigon's pouring rain, like a rainy night many years ago in Hue. The boy, shivering and soaked through by the heavy rain, came quietly up to me and timidly asked for a little money while I was sitting eating at a bún bò stall by the roadside. I pulled out some small change for him, then went back to burying my head in the half-finished bowl of bún bò, but what happened next made it impossible for me not to keep watching. After thanking me for the money, the boy went over to the stall owner and quietly asked whether she could sell him a little bún bò for the small change I had just given him, and of course all he got was a shake of the head. The boy quietly walked out and sat down under the eaves of the house next to the stall. And even through the sound of the heavy rain, I could still hear his stifled, choked sobs. And at that moment, my memories came flooding back, strong and sudden. It was as if I were that boy, also about to run away from home on a night of heavy rain with an empty stomach, running away so as not to have to hear the contemptuous words others heaped on him and his family. But the boy of those days was still lucky in that he still had a family home to long to return to on that cold rainy night. The boy tonight, I do not know whether he has a home to go back to, but I could still see those reddened eyes and hear those choked sobs, and his tears seemed to have blended with the raindrops rolling down his cheeks. I called for the bill and added a message for the stall owner: “Please sell a bowl of bún bò, on me, to the boy who was just here.”

I walked over to the boy and said softly: “Go in and eat some bún bò while it's hot, then go home; don't stay out in the rain any more. I've bought it for you.” He looked up, surprised and confused, and mumbled his thanks as my footsteps were already fading into the heavy rain…

I have heard a lot about children in this city of Saigon pretending to be pitiful and pathetic so that people take pity and give them handouts. But I thought, if the boy tonight was fooling me, at most I would lose one bowl of bún bò. But what if he wasn't? At least he would have had a warm bowl of bún bò to fill that hungry, empty belly. At least he would have had a little warmth in the middle of this cold rainy night. And more importantly, I only hope he gets through this rainy night, lives well, and that many years from now, if he meets another child on a cold rainy night like this one, his memory of tonight will come back to life, and I hope he will do what I did tonight…

Someday you may forget, but the memory will always stay with you…

Philip Hung Cao
#tekfarmer
09/2015

Vote Now: Palo Alto Networks Nominated for Three 2015 Computing Security Awards

Palo Alto Networks is a finalist for three categories in this year’s Computing Security Awards, and the vote is decided by you:

  • Anti-Malware Solution of the Year for WildFire
  • Advanced Persistent Threat (APT) Solution of the Year for Traps
  • Security Company of the Year

These awards, organized by Computing Security Magazine, were set up to recognize the solutions and the solution providers helping to keep organizations secure.

Do you like our technology? Do you think Palo Alto Networks should win? Our fate is in your hands, so please vote now.

[Palo Alto Networks Blog]

From the Top—Keys to Cyber Risk Management for the Executive

Chances are your organization is either working feverishly to field a cyber risk management program or improve your current program to make it more efficient. The recognition of the importance of risk-based security appears consistent across organizations. A 2013 Ponemon and Tripwire study reported that 81 percent of security and risk professionals in the US said their organizations had a significant or very significant commitment to risk-based security management. Unfortunately, the same study said that only 29 percent of those respondents felt their organization had a formal security risk management strategy that was applied consistently across the enterprise.

There are many challenges with implementing a cyber risk management program. These challenges may differ if the organization is starting a program from scratch, working to incorporate cyber risk into an already established risk program or perhaps working to transition from a compliance-based security program. No matter where your organization sits in this spectrum, there are some key actions that can be taken to strengthen an organization’s risk posture.

Incorporate cyber risk into the organization’s existing risk program
Although many organizations already have an existing risk program, it is not uncommon to find a cyber risk program started and managed outside of that structure. Oftentimes this is because the cyber risk effort evolved out of the organization’s cybersecurity program. This does provide the benefit of a great deal of technical expertise, but to the detriment of risk and line-of-business expertise. The result is misunderstood or poorly developed risk tolerances that do not align with business objectives, and an inability to properly prioritize risk mitigation actions across the organization.

The key here is to arrive at a structure that has, or at least is based upon, a single, common language, risk tolerance criteria and risk catalog/register. The structure needs to include risk managers, security managers and business unit executives. Organizing the cyber risk program at this higher organizational level and out of IT can also aid in developing a cyber-aware culture in the organization.

Focus on the correct assets
The first major component of any risk methodology is identification. An organization’s specific risk methodology may refer to this step as resource profiling, information system categorization, identification of IT services or something else entirely. The goal, however, is the same: identification of those information assets that must be secured to meet business objectives. If you do not know what is important, not only will you not know what to focus your defenses on, but you will have a harder time justifying a risk assigned to an asset. This discussion should not start with routers and servers, but with the information and services upon which the business depends. Once those are defined, prioritized and agreed upon, then IT can begin cataloging the relevant critical hardware and software. Few organizations have sufficient resources to implement all desired security practices. Identifying critical assets first focuses your risk program and your scarce resources. Doing this wrong could mean cyber risk ends up being defined in terms of compliance rather than in terms of the criticality of the asset at risk.

Expand the use of non-technical controls
On one hand, it only makes sense that technology seems to have become the default answer when protecting information assets. The variety and effectiveness of technical solutions available for consideration have never been greater than they are today. Unfortunately, this focus has come at the cost of neglecting the human layer of our information systems. Focused, recurring awareness training and exercises, behavior management, and incentivizing desired actions can build a workforce’s ability to prevent, accurately detect, and quickly react to cyber incidents.

I have only just begun to touch on these considerations for more effective cyber risk management. I will be diving deeper and looking forward to the dialog during my presentation at the CSX North America 2015 Conference. Hope to see you there.

Douglas Rausch, CISSP
President, Aurora CyberSecurity Consultants, Inc.

[ISACA Blog]

Here Are 5 Things Your Cybersecurity Team Must Do

Cybersecurity is a hot topic these days. Corporate breaches in the headlines have turned hackers into the new super villains. “Revenge of the Nerds” is alive and well, and hacking is their super power. It’s no wonder that every customer meeting I attend starts with a concerned voice: “what can we do to protect ourselves and our customers” from these new super villains? Secretly, they’re wishing to hear about a shiny new product that will solve all of their security problems, providing new protection for every new attack.

We all want our data and networks to be secure, with no effort or risk, but there are no shortcuts to success in the territory of cybersecurity.

As surprising as it may sound, these villains’ new tactics are not as new as you might think; in fact, many of the so-called new attacks could have been prevented by correctly using existing security technologies as part of an end-to-end cybersecurity plan.

What is the plan? Think like a hacker.

  1. Change the way you approach protection – what would you steal?

Start by thinking about what you need to protect, not about protecting the road to it. In other words, build protection to match your data and your processes, not just the network architecture. Learn about your business’s unique patterns of people-data interaction; what and how it needs to be protected, who needs access to it and when, and what is the expected interaction they will have with the data. Only then can you start building your data-centric security.

  2. Look for the gaps – what is the easiest way to get your data?

All networks are built to provide a service that is dependent on multiple systems both internally and externally. Hackers look for gaps, the path of least resistance. Why break down the front door, if you can easily get in through an open window? Your security solution must prevent as much as possible across multiple phases of the cyberattack lifecycle.

  2.1 When you think about gaps, look at the borders of your systems and processes internally and externally, as gaps have more to do with interoperability and less with physical objects (Internet of Things). Work to close those gaps and think outside of the security box. Your inventory list should include computing, storage and network equipment.

  2.2 The human factor: social engineering attacks are rising, with high success rates. Training and education are the key to defending on this front. Adding tools and scripts to catch users’ mistakes can help reduce the risk.

  3. Uncover deception – what and whom do you trust?

Your answer should be nothing and no one. Look to uncover and inspect as many compression and encryption protocols as possible, making sure that the data entering your network is what you expect it to be, and from whom you expect it to arrive. You must detect new unknown attack components across all traffic.

  4. Look holistically – what are your blind spots?

As you plan to add new products or processes, strive to reduce complexity and keep it simple: simple to manage, simple to monitor, simple to update, and simple to control. Any blind spot or unattended system can and will be used against you, especially in multi-step attacks. Keeping it simple is probably the most challenging aspect of this process. It is a daunting task. As you look under the hood of many customers’ networks, most have been built over long periods of time with highly heterogeneous platforms, languages and tools. Remember that you have more than one environment to manage, as mobile devices and public/hybrid cloud infrastructure are two of the biggest attack vectors. Your solution should detect new, unknown attacks across all traffic.

  5. Keep getting better – how can you be even more secure tomorrow?

New security protections can become outdated quickly, if they are not attended to and updated regularly. Threats are constantly changing, requiring continuous monitoring, tracking and assessments in order to keep your security up to date. Timing is everything. You must be able to turn detection data into prevention very quickly.

Sun Tzu and his “The Art of War” guidelines are more relevant than ever. In order to beat cybercriminals, you need to understand the battlefield, know the enemy and know yourself. Build a security ecosystem designed to fit your unique data mix and data consumption patterns, predict the enemies’ next move, counter it, and strive to be one step ahead of them.

[Palo Alto Networks Blog]

ISACA Blog: My Journey to Passing the ISACA CGEIT Exam

While my preparation time for the exam was relatively short, I had been building up experience over the past seven years, which significantly contributed to passing this exam. Being a person who is constantly trying to change my perception regarding the “why” of IT, I came across ISACA and its certifications. Certified in the Governance of Enterprise IT (CGEIT) seemed to be the best fit for my career. Here are a few of the things I learned on my journey to the CGEIT exam.

  • Take time to select the right certification for you:  To achieve this I engaged in some research and brief reading on the various certification tracks; I spoke to persons who were already certified by ISACA and assessed my job critically. By doing this, I was comfortable I had made the right choice of track for me—CGEIT.
  • Become a member:  Signing up for membership provides you discounts and benefits, which are very valuable.
  • Get the official material:  I got the official material as a base to work with, which helps in setting a benchmark to begin the journey to the exam.
  • Assess where you are honestly:  I started off with the practice test first and my results were horrible. At one point I was asking myself, am I crazy to pursue this? But, that is actually what helped me understand that I had a lot of work to do and exactly how much I had to cover.
  • Do some reading:  I read the books and discovered interesting things you sometimes take for granted simply because you may not be consciously aware of its impact. After reading a majority of the material, I redid the practice test and my results were still scary, but I was now in a good position to develop my own personal learning strategy to get me up to exam readiness.
  • Develop a learning strategy:  The same things will not work for everyone, so you have to get creative to design learning habits that work best for you. I ended up breaking down the practice questions and book chapters into smaller groups. I read, engaged questions and before I answered, I linked mentally to my job function/experience so I could see it in proper context. With that, my practice test scores skyrocketed and I could safely narrow down answers to two choices and then analyze further to arrive at the best answer.

Finally, it was time to face the exam. The exam was well written and even enjoyable.

Now with a successful exam result, what is left to do is to apply for certification, which I am looking forward to doing. Good luck to all aspiring candidates. For even more tips, read my post here: http://bit.ly/1E0Vqce.

Ammett Williams, CCIE
Telecommunication Team leader at First Citizens, TT

[ISACA Blog]