On men named Wolf

Archive for the ‘News’ Category

On men named Wolf

Posted by

A bit of fun…

MEL interviewed Men named Wolf on the Kardashians dragging their good name through the mud. After Kylie Jenner and Travis Scott announced they were changing their baby’s name to something more fitting than ‘Wolf,’ other Wolfs — Wolves? — started howling.

Excerpt:

Goerlich: I think you need to grow into being “Wolf.” You’ve got to be a little bit scruffy, a little bit older, a little bit worn around the edges. Maybe there’s a chunk taken out of your ear — you’ve got to look like a fighter. You’re not going to look like that when you’re young, so I can see why they said, “He doesn’t look like a ‘Wolf’ yet.” But give the kid time. He’ll get there.

Read the full article: https://melmagazine.com/en-us/story/wolf-kylie-jenner-travis-scott-baby-name


This post is an excerpt from a press article. To see other media mentions and press coverage, click to view the Media page or the News category.

Steps to take when there’s an active adversary

Posted by

CISOs know they must respond quickly and effectively to an incident, yet surveys point to continuing challenges to deliver on that goal. These steps will help you respond quickly, without letting a crisis turn into chaos.

Excerpt from: 12 steps to take when there’s an active adversary on your network

3. Bring in the business

CISOs should be looping in business during the triage process, security leaders say, a point that’s often overlooked during active responses. As part of this, security teams need to immediately identify what impacted components are critical for conducting business, who owns those components and who controls them.

As J. Wolfgang Goerlich, advisory CISO with Cisco Secure, says: “This is a business problem. But in a security breach, a very technical person will be thinking, ‘I have to remediate.’ However, one of the things that CISOs need to remember is that a breach is a business problem not a technical problem. So there should be a secondary process that’s running business continuity and disaster recovery so that the business can keep doing what it needs to be doing.”

12. Stay calm; tend to staff needs

Goerlich says he has seen teams “run themselves into the ground” by working long hours without breaks and even a day or more without sleep. Although that grueling schedule shows a level of dedication, it’s likely to lead to mistakes.

“People get into their zones and work well beyond the times that they should,” Goerlich says, noting that CISOs should plan for clear lines of communications, caps for work hours, staggered schedules, and post-event time off. He adds: “As much as possible, organizations should think out in advance how to handle the human elements.”

Read the full article: https://www.csoonline.com/article/3645690/12-steps-to-take-when-there-s-an-active-adversary-on-your-network.html


This post is an excerpt from a press article. To see other media mentions and press coverage, click to view the Media page or the News category.

Adoption of hardware-based security keys

Posted by

Google last week revealed that it was coordinating efforts with global partners to hand out free USB security keys to 10,000 elected officials, political campaign workers, human rights activists and journalists, and other users considered to be at high risk of getting hacked.

Excerpt from: Tech giants encouraging adoption of hardware-based auth keys

“Whenever a major organization makes a major announcement bolstering their security controls, it sparks conversation and movement in the broader industry,” agreed Wolfgang Goerlich, advisory CISO at Cisco Secure. “Google’s announcement that it is enrolling 10,000 people in authenticating with strong security keys will make it easier to explain a similar need in other organizations.”

And this isn’t the first such corporate endorsement of hardware-based authentication. Among the companies using FIDO’s standards for Universal 2nd Factor (U2F) authentication keys is Yubico, which like Google has been working with DDC to provide its hardware-based authentication keys to campaigns from both major parties.

Read the full article: https://www.scmagazine.com/analysis/physical-security/tech-giants-encouraging-adoption-of-hardware-based-auth-keys


This post is an excerpt from a press article. To see other media mentions and press coverage, click to view the Media page or the News category.

Remote Work Drives Continued 2FA Adoption

Posted by

Seventy-nine percent of people used two-factor authentication at least once in 2021, with 72% regularly using the technology, as remote work, social media, and online retail spur demand.

Excerpt from: Security Fears & Remote Work Drive Continued 2FA Adoption

SMS texts continued to be the most-used type of two-factor authentication, with 85% of people using that 2FA technology. Verification emails are the second most common type at 74%, while passcodes issued by mobile authentication apps came in third with 44%.

Companies need to educate consumers more on the pitfalls of SMS text messages as a second factor, Goerlich says. More than half of people surveyed would choose SMS as the second factor for a new account, while less than 10% would choose a mobile passcode application and 7% would use a push notification. SMS tied with security keys, such as YubiKey and other technology, for highest perceived security and topped the list for usability.

“There is a clear mismatch between what the survey respondents are using in terms of security and what researchers have found and identified in terms of security,” he says. “It makes sense that SMS is rated high in usability, and there is a really strong familiarity with the factor, but a lot of issues have been identified by researchers.”

Attempts to educate people on security problems with SMS should be careful, however, not to dissuade them from using two-factor authentication at all, Goerlich stressed.

Read the full article: https://www.darkreading.com/authentication/security-fears-remote-work-drive-continued-2fa-adoption


This post is an excerpt from a press article. To see other media mentions and press coverage, click to view the Media page or the News category.

Has Covid-19 killed the password? 

Posted by

The pandemic has shone a spotlight on the weaknesses of the most common form of digital authentication.

Excerpt from: Has Covid-19 killed the password?

It is also important to remember that biometric devices have advanced significantly over the past decade, says Goerlich. Continuing to enhance these features – for example, by making it standard to make access to a system contingent on normal user behaviour patterns – will prove essential in shoring up public trust in the technology.

“Some of the set-ups that I’ve seen, a criminal would have to steal your fingerprint, steal your phone, steal your laptop, log in from a region that you’re usually working at… and then start accessing applications that you normally access,” says Goerlich. “That’s a lot of complexity and a lot of hurdles for a criminal to jump through.”

Even so, the end is far from nigh for the password itself. For one thing, upgrading corporate infrastructure to support passwordless authentication remains a gargantuan task. “You’re going to have this really long tail, which could go on [for] years, if not decades, of legacy systems that we’re going to continue to maintain, and we’re going to continue to maintain because they still provide business value,” says Goerlich.

Read the full article: https://techmonitor.ai/cybersecurity/has-covid-19-killed-the-password


This post is an excerpt from a press article. To see other media mentions and press coverage, click to view the Media page or the News category.

Killing Passwords with Infosecurity Magazine

Posted by

Back in September, Gartner detailed its top eight security projects for the coming year. Among those was the concept of ‘passwordless’ authentication, where a second factor such as a known asset like a phone, tablet, keyfob or smart watch can be used instead of a password.

Excerpt from: Interview: J Wolfgang Goerlich, Advisory CISO, Duo Security (Cisco)

Speaking to Infosecurity, Goerlich cited a talk at the 2004 RSA Conference, where Bill Gates said that the password is dead, and Goerlich commented that “16 years later we’re still trying to kill it.” He said that to enable a passwordless strategy, you need both the equipment and technology to enable it, but mostly you need “to have momentum in the organization and a reason to do it.”

However, now that everyone carries a biometric authenticator in their pocket, has hardware in place and given the fact that security wants to enable users, why do passwords still exist? 

Read the full article: https://www.infosecurity-magazine.com/interviews/interview-wolfgang-cisco-duo/

Wolf’s Additional Thoughts

What leads one innovation to succeed? What leads another innovation to stall? We need standards, infrastructure, and critical mass. But these come often out of order and require a spark to bring it all together. Sixteen years after Bill Gates declared the password dead, we’ve reached the inflection point. It’s about to get exciting.

The final thought in the article is “He concluded by saying that increasing trust in authentication is vital for passwordless to succeed, as today’s good factor is bypassed tomorrow. “

My strong recommendation is pairing passwordless with additional anti-fraud measures. Include the device identification in the authentication. Include behavior analytics (where, when, how) to further bolster trust in the authentication. We can predict criminals will work around these authentication methods, so let’s move now to put in place compensating controls to detect and prevent their next move.


This post is an excerpt from a press article. To see other media mentions and press coverage, click to view the Media page or the News category.

Verizon Taps Cisco, BlackBerry for Internet Security

Posted by

Verizon’s new Business Internet Secure bundle for small businesses taps Cisco and BlackBerry security services to help protect customers’ routers and connected devices. A recent Verizon Business survey found 38% of small businesses moved to remote work because of the COVID-19 pandemic. 

Excerpt from: Verizon Taps Cisco, BlackBerry for Internet Security

To support this transition, Verizon Business Internet Secure protects against threats at two points where attacks typically occur: employee devices with BlackBerry and the internet with Cisco Umbrella.

Even pre-pandemic, small businesses faced the same threats and potential damages from an attack, according to a Cisco security report based on a survey of almost 500 SMBs. The report also found that these companies take security preparedness every bit as seriously as their larger counterparts. And this matters because the security industry has traditionally been biased against SMBs, perpetuating the myth that they don’t prioritize cybersecurity, the report says.

“SMB executives, IT executives, security executives in these businesses have done their best to address the problem,” said Wolfgang Goerlich, advisory CISO at Cisco Duo in an earlier interview. What this means is that SMB IT and security leaders now have to ask themselves what’s next, he added. “Where do I go from here?”

Read the full article: https://www.sdxcentral.com/articles/news/verizon-taps-cisco-blackberry-for-internet-security/2020/11/


This post is an excerpt from a press article. To see other media mentions and press coverage, click to view the Media page or the News category.

TechRepublic: Four ways CISOs can move enterprise security into the new normal

Posted by

Security is changing rapidly, and the COVID-19 pandemic hasn’t helped. A Cisco roundtable of chief information security officer advisers plotted the course for a secure future.

Excerpt from: Four ways CISOs can move enterprise security into the new normal

It’s time for collaboration, not control. CISOs can’t simply dictate security policy and expect users to fall in line. Not only will workers not fall in line with top-down security directives, they’re also likely to intentionally subvert them to get what they want out of the tech they use at work. “The more constraints placed on users, the more creative they become,” Goerlich said. Savvy users, Goerlich said, can be an asset to a cybersecurity team, helping to secure networks by collaborating with CISOs instead of working against them.

AI and machine learning: CISOs are right to be skeptical. “Training an AI model can take months,” Goerlich said, adding that a rapid change like the kind encountered with stay-at-home orders can throw machine learning models out the window. There were countless alerts and false positives thrown by AI-powered security software at the start of the pandemic, Goerlich said. 

It’s time to embrace a passwordless future. “Passwords have had their time. Nowadays attackers don’t break in, they log in,” Archdeacon said. Goerlich said the transition will be driven by two things: What users expect from consumer devices (e.g., FaceID, Microsoft Hello, etc.), and new security standards like FIDO2 that make passwordless security practical.

Read the full article: https://www.techrepublic.com/article/four-ways-cisos-can-move-enterprise-security-into-the-new-normal/

Wolf’s Additional Thoughts

I’ve taken to calling what happened in March and April as “the Spring when the AIs went insane.” Everyone shifted from working from the office to working from home, and then some shifted back when many were returning to the office. This occurred in three months. Typical general purpose UEBA takes 6-months or more to train. The result was a significant increase in false positives as the human response to the pandemic outstripped the UEBA AI/ML ability to learn. Everything was unusual. Everything was a threat. Everything generated an alert. In other words, the AIs went insane.


This post is an excerpt from a press article. To see other media mentions and press coverage, click to view the Media page or the News category.

CSO: Threat Hunting Explained

Posted by

With attackers lurking undetected in systems for months at a time, threat hunting is becoming an essential element of security.

Excerpt from: Threat hunting explained: Taking an active approach to defense

The goal of the security team has, of course, always been to stop bad things from happening as early as possible, whether that has meant shutting down an attempted hack from the outside or thwarting risky employee behavior.

Enterprise security teams often struggle to keep up, says Wolfgang Goerlich, advisory CISO for Duo Security, a Cisco business unit, which has offered workshops on threat hunting. SOCs are inundated with alerts about possible problems — so much so that they can’t possibly investigate each and every one. Cisco’s 2020 CISO Benchmark Report, in fact, found that 41% of organizations get more than 10,000 alerts a day.

Alert fatigue sets in and can keep security teams from being as effective as they could be. “If you’re constantly getting pinged, you can never think deeply and you can never think broadly,” Goerlich says.

He also points out that alerts generally indicate active attempts to attack and are not necessarily effective in finding threats that are either waiting for an opportune time to attack or are new and thus unknown to the monitoring systems.

Goerlich says he has seen how an overload of alerts coupled with a strictly reactive approach can leave an organization exposed. He led a red team simulating attacks on a company to test its security posture, using various tactics to try to get into the company’s systems. The security team did indeed identify the individual pieces of the attack, with monitoring systems alerting the SOC to phishing emails and malware. But while the security team successfully stopped individual attempts from exploding into full-blown events, they failed to see the big picture that there was an ongoing, multi-pronged coordinated attack.

“When you’re closing tickets in a fast manner — as you should be doing — you miss the full scale of what’s happening,” Goerlich explains.

But threat hunting, with its proactive approach and its focus across the IT stack versus alerts, helps security teams spot such activity.

Read the full article: https://www.csoonline.com/article/3570725/threat-hunting-explained-taking-an-active-approach-to-defense.html


This post is an excerpt from a press article. To see other media mentions and press coverage, click to view the Media page or the News category.

BizTech: Securing Remote Work in a Transformed World

Posted by

“Now that everyone has shifted to work from home, it’s as if we’ve got 10,000 branches,” Goerlich said. “So the techniques we use aren’t scaling, the approaches we use aren’t scaling, we don’t have the manpower, the technology to possibly secure 10,000 branches.”

Excerpt from: Securing Remote Work in a Transformed World

That added complexity means security approaches that once defined work styles for decades now have to be reconsidered or retired — which means the moat needs a rethink.

“We start to talk about traditional IT as being this environment that had a hard-candy shell around it, or a castle with a moat,” said Kevin Swanson, a Microsoft Surface Specialist. “And you protected all of these outside threats from the things that were important to your business on the inside.

“That dynamic is changing.”

Read the full article: https://biztechmagazine.com/article/2020/08/cdw-tech-talk-securing-remote-work-transformed-world


This post is an excerpt from a press article. To see other media mentions and press coverage, click to view the Media page or the News category.