Month: June 2017

Posted on

Palo Alto Networks Joins the European Commission’s Digital Skills and Jobs Coalition

This month Palo Alto Networks proudly joined the European Commission’s Digital Skills and Jobs Coalition. This coalition brings together European Union (EU) member states, companies, social partners, non-profit organisations and education providers, all of whom are taking action to boost digital skills in Europe. Members of the coalition have endorsed its objectives and principles: to build strong partnerships and work together to reduce digital skills gaps in Europe, including training young people, supporting “upskilling” and retraining of the workforce in technical areas, and modernizing education. Members also can pledge to carry out initiatives to tackle the digital skills gap, an area in which Palo Alto Networks has already been active.

Within the Digital Skills and Jobs Coalition, we will address two important aspects of cybersecurity: providing students with training in technical skills and raising awareness about the importance of cybersecurity at the organizational board and C-suite levels. Both activities are essential for improving cybersecurity, preventing successful cyberattacks and maintaining trust in the digital age. With today’s threats growing in volume and sophistication, it is more critical than ever to arm colleges and universities with the latest cybersecurity curriculum to ensure our future generations have the necessary skills to prevent successful cyberattacks. At the same time, companies and other organisations need to prioritize strengthening their own cybersecurity. This is where boards of directors and the C-suite have a role. Senior executives need to understand and manage cybersecurity risks and guide their organizations – whether in the private or public sectors – to make the appropriate investments in cybersecurity.

Palo Alto Networks commitments within the Digital Skills and Jobs Coalition are encapsulated in two of our signature efforts:

1. Palo Alto Networks Academy Program: Training students with hands-on cybersecurity knowledge

The International Information System Security Certification Consortium, or (ISC)2forecasts an overall cybersecurity skills shortage of 350,000 workers in Europe by 2022. Security professionals across the public and private sectors alike agree that cybersecurity training must be considered a high priority as the sophistication and volume of successful cyberattacks increase, threatening our digital way of life. Palo Alto Networks is committed to equipping this next generation of students with the hands-on cybersecurity knowledge they will need to keep pace with the ever-changing global cyberthreat landscape and learn best practices for preventing cyberattacks. The Palo Alto Networks Academy will provide cybersecurity courseware, certifications, faculty training, instructional resources and next-generation security platform lab technology at no cost to qualified European academic institutions. We will also be actively involved in sponsoring and supporting collegiate and secondary cybersecurity competitions in Europe. The start of this project is scheduled for the third quarter of 2017.

As of June 2017, nearly 40 educational institutions in the EU were members of the Palo Alto Networks Cyber Academy Program. In the 2016–2017 school year, we are training more than 400 students in the EU. Under the Digital Skills and Jobs Coalition, we’ve pledged to train 2,000 students by the end of 2018 and add 80 new qualified European academic institutions to our Authorized Academy Program by the end of 2018.

2. Navigating the Digital Age books: Educating CEOs and boards of directors across Europe on cybersecurity as a business issue

Palo Alto Networks believes cybersecurity is a business issue, not simply an IT issue. Today’s businesses must have the knowledge base, skills and tools needed to mitigate the cyber risks inherent in our digital age. Palo Alto Networks pledges to bring cybersecurity awareness to the European C-suite, in government agencies and in the private sector, by leveraging the European editions of our book series, “Navigating the Digital Age: The Definitive Cybersecurity Guide for Directors and Officers.” These books share best practices with chapters authored by European CEOs, CISOs, lawyers and consultants, as well as current and former government officials. Additionally, the books address current cybersecurity issues that businesses must consider, including how to manage strategic cybersecurity initiatives at the boardroom level, as well as how to navigate relevant EU and country-level legislation.

We have launched three European versions to date – FranceUnited Kingdom and Benelux – all of which are available for free online. Under the Digital Skills and Jobs Coalition, we’ve pledged to distribute thousands of additional free copies of the books and hold roundtables and other events on the topics they cover. We would be pleased to join forces with governments throughout Europe to bring these messages to the C-suite in government agencies and the private sector.

Palo Alto Networks welcomes the European Commission’s emphasis on digital skills and education in the EU. As a member of the cybersecurity community, we have a deep interest in promoting and contributing to cybersecurity awareness and education throughout Europe. We are excited to join and contribute to the Digital Skills and Jobs Coalition, and look forward to working with its other stakeholders involved in digital skills development.

[Palo Alto Networks Research Center] 

Posted on

Faces of ISACA: Gerard A. Joseph, CISA, CISSP, CSAM, Ph.D., Independent Consultant

Editor’s note: The ISACA Now series titled “Faces of ISACA” highlights the contributions of ISACA members to our global professional community, as well as providing a sense of their lives outside of work. Today, we spotlight Australia-based consultant Gerard A. Joseph.

Australia resident and ISACA member Gerard Joseph has traveled extensively throughout the United States, as his visits to all 50 US states would attest.

One of Joseph’s can’t-miss US destinations is wherever ISACA’s North America CACS conference is taking place.

Joseph has amassed some serious frequent flyer miles – and drawn his share of quizzical banter from fellow conference attendees – for what has become an annual tradition of trekking to North America CACS all the way from his home just outside Canberra, Australia.

“It does kick off the conversation quite nicely, and you can go from there,” Joseph said. “At the conferences, you’re not just talking commercially, but you can mix it with the personal side of things. I guess coming from Australia, it does attract attention to some extent because of the distance. It just helps to cement a nice, easygoing relationship, even if it’s just for a couple of minutes, to talk about where you’ve been and how much of the country you’ve seen.”


Australia resident Gerard Joseph, pictured attending the Alchemy & Ale social event at North America CACS last month in Las Vegas, is a regular North America CACS attendee.

Joseph became an ISACA member in 2006 when he pursued the CISA certification, and, as he learned more about the depth of offerings at North America CACS, he decided it was well worth the time and financial investment to attend. Joseph has attended North America CACS each of the past four years, including the most recent gathering last month in Las Vegas.

Joseph has many friends, business associates and even a daughter in the United States, so he tends to combine his CACS trips with other visits and sightseeing. Besides, journeying thousands of miles is a fact of life for Australians with a taste for travel.

“For Australians and for New Zealanders, really to travel anywhere you’ve got to travel a long way,” said Joseph, who has visited around 35 countries in total. “If we travel, we’re used to traveling a long distance.”

Joseph, a consultant, is a registered security assessor under a program managed by an agency of the Australian Department of Defence. As his career unfolds, he has become intrigued to learn more about trends and best practices in audit and security. That, along with what he called “absolutely enthralling” speakers, quality networking opportunities and an array of exhibitors that “just help you to keep tabs on where the industry is going” has made him a North America CACS loyalist.

Despite Joseph residing in Australia, the conference’s US location might be more of a bonus than deterrent. He has been fond of the United States since he was young – an affinity he and his wife seemingly passed on to their children, one of whom attended Massachusetts Institute of Technology and another who currently resides in Honolulu, Hawaii. Those family visits helped Joseph expand the list of US states he’d visited, and, by 2012, he realized he’d been to 41 states.

“I thought, well, this is ridiculous, I really have to see the other nine,” said Joseph, who did just that, completing his 50-state milestone with a trip to Juneau, Alaska that capped a two-week, eight-state odyssey.

Despite having seen much more of the country than most US residents ever will – for the record, he counts New York as his favorite locale due to its cultural gravitas – Joseph’s wanderlust remains intact. Visiting the remaining 10 state capitals he has yet to see remains a goal.

“Regardless of how much of any country I’ve seen, I always feel I’ve merely scratched the surface and that there is a vast amount left that I’d like to explore, and that is certainly true of the U.S.,” Joseph said.

Along with work and travel, Joseph is passionate about history, classical movies and music, ballet and genealogy. His interests and travel experience supply him plenty of potential ice-breakers with fellow conference attendees, though he might have slightly less time on his hands at North America CACS 2018, set for 30 April-2 May in Chicago, Illinois.

As if making another overseas expedition to attend North America CACS doesn’t convey enough dedication, Joseph has an eye on potentially making his debut as a conference presenter.

“Chicago will be my fifth NA CACS conference so I thought it was time to elevate my participation – and my overall profile in audit and security – by being part of the program,” Joseph said. “Of course, it depends on whether my proposal is accepted, but even if it isn’t, I’ll still enjoy the conference and the networking opportunities it presents.”

[ISACA Now Blog]

Posted on

CrashOverride/Industroyer: Protections for Palo Alto Networks Customers

This week, the Industrial Control System (ICS) community was again abuzz after reports of a new ICS-specific malware researchers are calling CrashOverride or Industroyer. Several reports indicate that CrashOverride or Industroyer could be the tool used in the December 17, 2016 power outage in the Ukraine.

It’s imperative that ICS/SCADA environments adopt next-generation cybersecurity capabilities to prevent and mitigate malware threats such as CrashOverride. Below we describe protections in place for Palo Alto Networks customers.

Protections with Palo Alto Networks

CrashOverride/Industroyer prompts several questions from our ICS user base. Here’s how our customers are protected:

  1. WildFire – As of June 14, our WildFire database had 9 samples of CrashOverride/Industroyer. These samples included payloads covering functionality for various phases of the attack lifecycle including Reconnaissance, Remote Access, Loss of Control (ICS modules), and Destruction (Wiper). All samples were determined to be Malware by WildFire.Bottom-line: if this malware enters a customer’s WildFire-protected network, it will be quickly flagged as malware and new protections for stopping the payload and C2 communications will be created and shared automatically.
  2. Threat Prevention – We highly recommend WildFire for the most rapid network-based protection from zero-day attacks. However, users who don’t have that can use our Threat Prevention service to stop known payloads, exploits, and communications associated with CrashOverride/Industroyer, applying Threat Prevention profiles in firewall policy. Anti-virus signatures are now available for the known variants of CrashOverride/Industroyer and can be applied to provide protections.
  3. AutoFocus – Our threat intelligence tool, AutoFocus, currently has a tag for CrashOverride/Industroyer (“Industroyer”) which includes IoCs from the ESET and Dragos reports. Users of the AutoFocus service will be able to use these tags to quickly correlate their network traffic with the aggregate threat intelligence for CrashOverride/Industroyer in the Palo Alto Networks threat intelligence cloud then prioritize their incident response activities as needed.
  4. MineMeld – MineMeld is an open source tool that allows user to aggregate, enforce and share threat intelligence. For example, some customers aggregate intelligence feeds from E-ISAC, Palo Alto Networks and other third-party intelligence services then automatically update enforcements on the Palo Alto Networks Next-generation Firewall to block known bad IP addresses via Dynamic Block Lists.You can similarly leverage MineMeld to simplify and automate the process of translating future intelligence you get on CrashOverride/Industroyer to enforcement on your security devices.
  5. Traps Advanced Endpoint Protection – If one of the CrashOverride/Industroyer payloads were to somehow make its way directly to the endpoint, say via a USB device or via another host on a flat network, Traps will be able to submit the file to WildFire. Given that CrashOverride payloads have “Malware” verdicts, it will not be executed per the WildFire protection module.
  6. ICS Protocol Visibility and Control – Our next-generation firewall also has the capability to identify and control ICS-specific network protocols via App-ID technology as well as via zone protection profiles. This capability can be used to whitelist and blacklist protocol traffic even to the command level for some ICS protocols. Where relevant, User-ID can be coupled with App-ID to monitor and control role-based access.

To learn more about the Palo Alto Networks platform and its use cases for ICS/SCADA, please take a look at our white paper “Security Reference Blueprint for Industrial Control Systems”.

[Palo Alto Networks Research Center]

Posted on

Collaborating with Girl Scouts of the USA for First-Ever National Cybersecurity Badges!

Professionals of the future will contend with cybersecurity challenges unprecedented in scope and sophistication. Girl Scouts of the USA and Palo Alto Networks recognize that we all must work together to solve these challenges by creating the innovative cybersecurity problem solvers of tomorrow, which means educating today. Building interest in STEM at a young age is crucial. According to the Computing Technology Industry Association (CompTIA), 69 percent of women who do not have a career in information technology cited not knowing what opportunities were available to them as reasons they did not pursue one.

Today we are extremely excited to share that Palo Alto Networks will be working with Girl Scouts of the USA (GSUSA) to deliver the first-ever national cybersecurity badges for Girl Scouts  in grades K–12. Girl Scout badges are insignia Girl Scouts earn and display on their uniforms to demonstrate mastery of a given topic. Working with a panel of expert cybersecurity advisors from Palo Alto Networks and other organizations, GSUSA and Palo Alto Networks are developing a series of 18 cybersecurity badges. We expect to roll out the first of these badges in September 2018.

Our goal is simple: We will provide cybersecurity education to over a million girls throughout the United States while helping them to develop their problem-solving and leadership skills.

For more:

[Palo Alto Networks Research Center]

Posted on

Announcing GlobalProtect Cloud Service: Consistent Protection Delivered to Remote Networks and Mobile Users

Today at Ignite 2017 in Vancouver, we announced GlobalProtect cloud service, a new cloud-based security infrastructure managed by Palo Alto Networks that allows you to deploy consistent next-generation security to your remote networks and mobile users using Panorama management.

The old ways of thinking about perimeter security are just that: old. Organizations often have many remote locations, users are way more mobile, and commonly used applications – formerly located behind the safety of the corporate firewall – have migrated to the cloud as SaaS applications or to such infrastructure as Amazon Web Services and Microsoft Azure. GlobalProtect cloud service addresses all of these fundamental trends.

Typical approaches to securing remote networks and mobile users, such as backhauling traffic to the corporate network or using multiple point products, are difficult to manage, costly and inconsistent when it comes to security policy and protection. Years ago, we began to solve these challenges with GlobalProtect network security for endpoints, which extends the protection of next-generation security to your remote locations and mobile users. Now, GlobalProtect cloud service operationalizes the deployment of consistent security to remote locations and mobile users.

Based on the entire suite of our Next-Generation Security Platform features, GlobalProtect cloud service is managed by Panorama, allowing you to create and deploy consistent security policies across your entire organization. To consume GlobalProtect cloud service, you will use Panorama to onboard remote networks and mobile users, and then create and deploy security policies as needed.

Remote networks will connect to GlobalProtect cloud service via an on-premise IPsec VPN-capable device, or through one of our technology integration partners that support SD-WAN or IPsec VPN connectivity options. Remote networks will have protected access to corporate resources, SaaS applications and other web applications. Mobile users will utilize the GlobalProtect app on their device to connect via an IPsec or SSL VPN connection and be granted similar protected access.

GlobalProtect cloud service uses a shared ownership model in which Palo Alto Networks manages the security infrastructure, and you manage security for your remote networks and mobile users. With GlobalProtect cloud service, you can reduce the operational burden associated with deploying security to remote locations and mobile users, and move your security expenditures to a more efficient and predictable operational expense (Opex) based model – right-fit for the era of cloud.

To learn more:

[Palo Alto Networks Research Center]

English
English
Exit mobile version