News & Press

Check back here for the latest and greatest.

Where do you see cyber security in 5 years?

This article was originally published at:

Cyber security is quickly becoming a part of everyday life. We see data breaches weekly, whether or not they are reported in a timely manner, with much finger-pointing and, many times, few concrete solutions. Education, creating robust strategies and simply talking can be the first building blocks of data protection. Here we are building the conversation around the future of cyber security, and predicting and analyzing the best strategies to win this cyber protection ‘game.’ We reached out to cyber security experts in the field to help us get a grasp on our question. We asked them to share important cyber security projections for the next five years. Below you’ll find the responses to the question we posed:

Where do you see cyber security in 5 years?


Dr. Chadd Carr is the Chief Technology Officer (CTO) and Global Lead for Cyber Innovation & Strategy at 6massive Holdings, LLP. Prior to 6massive, Carr was the Founding Director of PricewaterhouseCoopers (PwC) National Cyber Threat Research Center (CTRC). As a former Special Agent and Computer Crime Investigator with the Air Force Office of Special Investigations (AFOSI), Carr’s 18 years’ experience covers cyber security, intelligence, network intrusion investigations, computer forensics, and information operations.

This is where cyber security will be in 5 years…

  1. As society becomes increasingly integrated, especially in the area of IoT (the internet of things), we will see a continued shift away from traditional deterrence and prevention cyber security frameworks towards more modern methodologies emphasizing containment and remediation.
  2. An increased demand for legislation. Just as those U.S. based companies offering health insurance benefits are required to comply with HIPAA (Health Insurance Portability and Accountability Act) and HITECH (Health Information Technology for Economic and Clinical Health Act), companies like Equifax that routinely collect, store, and aggregate subscriber personally identifiable information (PII) will be required to conform to strict federal data retention and incident reporting requirements.
  3. An increase of major breaches as corporations begin to outsource liability and responsibility of fines, fees, and penalties resultant of such breaches in the form of cyber insurance. To counter this trend, these insurance providers will need to price their policies in such a way that the insurance supplements, rather than replaces, robust security frameworks. The inherent challenge of that, however, is defining what that standard will be. Cyber security, much like life, requires collaboration.


Meet i.Invest Judge and Cybersecurity Expert, Dr. Chadd Carr

This article was originally published at:

In 2017, Dr. Chadd Carr, Managing Partner, 6massive Holdings, LLP joined i.Invest as a judge and mentor. Bringing with him over 18 years in the fields of cyber investigations and intelligence, Carr has also founded and exited several services and product-based companies. His extensive experience in business development and dedication to youth entrepreneurship has been an asset to helping i.Invest prepare the next generation of business leaders.
Tell us about your current position, why you do what you do and how it prepares you to mentor youth and youth entrepreneurs?
6massive is a company focused on conceiving, developing, and taking to market those technologies that the world will want tomorrow.  As a Partner at 6massive, I am directly responsible for a portfolio of up to 10 technologies, each with its own development cycle and market strategy, all operating in parallel.  My portfolio ranges from advanced cyber threat intelligence tools, to career apps based on artificial intelligence, to learning and certification services for federal contractors, to socially-driven mobile apps.  Usually, to expedite the go-to-market timeline, we often seek outside investment capital, which means I spend a great deal of my time pitching angel and accredited investors.  I am also a college Professor dedicated to teaching, motivating, inspiring, and mentoring the next generation of industry giants.  I have found success in converting this experience into a roadmap our younger generation can consider as they set out to capture their dreams.
What was the very first business you started and why? 
I’ve been an entrepreneur for as far back as I can remember.  I’m sure my parents can go even further back. From buying a bag of candy and selling handfuls to classmates in elementary school, to borrowing lawnmowers from neighbors and sharing a percentage of revenue with friends who actually cut the grass, to buying and re-selling things on eBay, I’ve always had a passion for entrepreneurship. And it was never (and still isn’t) about how many dollars I could collect that motivated me.  It was the actual process of creating value where value didn’t exist before.  One of my favorite quotes, from one of my favorite TV shows, Discovery’s Gold Rush, is “You’re already millionaires.  The only thing is, you gotta get it out of the ground.”  With imagination, perseverance, and insane work ethic, there are almost infinite paths to success, however you define it.
What three things should all young entrepreneurs be prepared for before they create a business?
#1 It’s hard work.  Really hard.  Entrepreneur Lori Greiner [from TV Show Shark Tank] said it best, entrepreneurs are “the only people who work 80 hour weeks to avoid working 40 hour weeks.”  It’s a lifestyle, not a profession.
#2  It can be lonely.  Successful entrepreneurs are the ones trekking paths others don’t see value in.  A lot of what they do doesn’t make sense to others, therefore, a lot of feedback and guidance they receive from others isn’t necessarily positive.  Non-entrepreneurs like to classify outcomes as either a “success” or “failure.” Entrepreneurs typically classify something as “that worked”, or, “it didn’t work… that time.”
#3  Commit to building yourself, before you build your product.  Your best brand–your most important brand–is yourself.  Investors do not invest in businesses or technologies.  They invest in the people behind them.  Build credibility through personal and professional relationships, education, and proven history of hard work.  Those three components provide the nutrients from which your “product” will eventually grow from and thrive.  Also, the product you begin with, most likely, won’t be the same product you will end with.  However, the two constants throughout that evolution, will be your health and your family.  Protect those.  Nurture those. Despite whatever path the product takes, in the end, what you will value above all else, will be those two things.
Tell us about your biggest business failure and success.
I don’t believe in failures.  Even though I’ve had things that didn’t work at a particular time, under a particular set of circumstances, I’ve also walked away smarter and better prepared to tackle the next challenge.  Success… failure… both are part of the journey, but neither are a destination.  My wins are simply byproducts of an amazing, resilient, and incredibly patient family. If I had to name one success, it would be that I’ve been able to strike a healthy balance between my entrepreneurial insanity and helping foster a loving family.
Why is nurturing entrepreneurship important to you?
How does the saying go… in society, 97 percent of people who said it could not be done, work for the 3 percent who said it could be done?  Something like that.  As a father, I’ve always told my kids, “you can either spend your time aiming for the corner office or some fancy title (which someone else has built), or,  you can spend your time creating those corner offices and titles.”  Both paths have their own pros and cons, but I wanted my kids to grow up in a world where both were interchangeable and equally possible.  Only through observable entrepreneurship can that happen.

4 of the Most At-Risk Industries for Cyber Attacks

This article was originally published at:

Reports about large-scale cyber attacks have been peppering our nightly news shows and social media newsfeeds for years now—we’ve heard about retail chain after retail chain falling victim to hacking, coveted hospital information being held for ransom, entertainment industry data breaches leaking spoilers of today’s top shows and even alleged election-related hacks. As a result, information security analyst jobs have seen rapid growth, with the Bureau of Labor Statistics projecting an 18 percent hike in employment by 2024.

In our digitally advanced age, it almost seems that it should be commonplace for organizations to implement the most reliable security measures when it comes to coveted web-based data. But that’s not always the case. “Anyone accepting information online is at a huge risk,” reveals Matt Ferderer, consultant and freelance web developer. “It’s rare for even the top websites to properly set up HTTPS, which is the bare minimum in having a secure website.”

Ferderer goes on to explain that this risk alone can mean that anyone using the same network as you—such as in a café, or at a school, hotel or airport—can intercept and modify any data you transmit or receive from a website. “We’re still in the Wild West of the internet,” he says.

Whether you’re worried about the safety of information sharing within your specific industry, interested in learning which fields may become hotspots for cyber security jobs or you’re simply curious about the general state of things, it’s helpful to know which industries currently face the highest risk of falling victim to cyber attacks. We canvassed a panel of IT experts to get their take on this. Take a look at what they had to say.

4 Industries that are most vulnerable to cyber attacks

“The multi-million dollar ransomware industry has grown and will continue to grow with amazing speed in the years to come,” explains Adnan Raja, vice president of marketing for the web hosting service “This is, in part, thanks to the spread of untraceable cryptocurrency, such as Bitcoin, and the proliferation of ransomware kits on the dark web.” The latter, he adds, allows just about anyone with little-to-no programming skills to orchestrate and reap the financial rewards of ransomware attacks.

The truth is most hackers focus less on targeting specific industries and more on locating vulnerabilities that will allow them to easily receive their sought-after data. “Threat actors use tools they are comfortable with to go after data they know how to monetize. They do this in order to minimize the risk of being discovered while maximizing the likelihood of a return on their activities,” says Chadd Carr, chief technology officer and global lead for innovation and strategy at 6massive Holdings, LLP.

As the founding director of PricewaterhouseCoopers’ National Cyber Threat Research Center, and former special agent and computer crime investigator with the Air Force Office of Special Investigations, Carr has ample experience in cyber security, computer forensics and just about every aspect of information security and intelligence. This has brought him to various conclusions about the nature of cyber attackers, including the following: “They tend to be industry agnostic, gravitating instead toward areas vulnerable to their desired tool set (malware of preference) and abundant with data they seek.”

That being said, there are some industries that will find themselves more at risk than others. The following are some of the top targets:

1. Healthcare

“Ransomware is increasingly targeting organizations within the healthcare industry,” Raja asserts. “These organizations often have thousands or even tens of thousands of gigabytes of patient data they cannot afford to lose. This makes them all the more willing to pay handsomely to get their data back at any cost.”

The sheer volume of healthcare data breaches from 2016 supports this claim, with at least one breach having occurred every single day. This resulted in more than 27 million patient records being affected. In fact, the dark web became so saturated with patient records during this time that the price per record actually dropped significantly.

In addition to harboring coveted patient data, it’s also true that healthcare facilities aren’t always equipped to ward off such attacks, increasing their vulnerability even further.

“Cost-cutting measures have left many healthcare institutions relying on legacy hardware, software or operating systems with unpatched vulnerabilities ripe for exploitation,” explains Brad Shaw, president and CEO of Dallas Website Design.

The healthcare industry is also a likely candidate for another very prominent reason. “It is still transitioning from paper to digital records,” offers Alayna Pehrson, digital marketing strategist at “Cyber security is lacking in this field due to healthcare’s short-term digital presence.”

2. Higher education

The higher education industry is another mecca of personal data hackers are eager to get their hands on. From Social Security numbers, addresses and potential password information to loan and bank credentials, attacks on colleges and universities are becoming more and more common.

In 2015, for example, 1.35 million identities were exposed in higher education cyber attacks. A glance at the decade prior reveals that higher education was actually the industry sector with the highest number of breaches, with a total of 539 breaches involving nearly 13 million records.

Higher education institutions are a near-ideal target for attackers, Pehrson explains, due to the sheer amount of information they store on each student and parent associated with the school.

Consider some of the most recent high-profile cyber attacks within this industry:

  • In July 2015, Harvard University revealed information regarding a data breach that impacted at least eight of its colleges and administrative offices.
  • In May 2015, Penn State informed the public of two distinct breaches of its computer system, which compromised the information of at least 18,000 people.
  • In March 2014, the personal information of nearly 300,000 past and present students of the North Dakota University System was hacked, resulting in compromised names and Social Security numbers.
  • In February 2014, the University of Maryland experienced a massive data breach that impacted a database containing the personal information of every student to attend the school since 1998.
  • Also in February 2014, the Social Security numbers and addresses of 146,000 current and former students of the University of Indiana were compromised in an attack.

While improvements are actively being made to better equip the higher education industry to ward off such breaches of data, the computer systems operated by colleges and universities are designed to embrace access with minimum security interference for ease of use for students and parents. It’s also true that top-of-the-line cyber protection can be extremely expensive—something not all institutions have the budget for.

3. Energy

“The energy industry is one of the largest industries at risk of cyber attacks,” Ferderer offers, explaining that they usually have equipment that is separated by miles of empty space. “Hackers can try to tap into energy networks by driving near them, or even from far away.”

Take, for example, the recent instance in which researchers from the University of Tulsa discovered just how easy it is to hack an entire farm of wind turbines. All it took was less than a minute of lock-picking on one unsupervised turbine’s door to gain access to the unsecured server closet within.

From there, the researchers could drive away into the miles of uninhabited, rural fields and use their laptops—which they’d connected to via the server of that singular turbine—to instantly access a list of IP addresses representing every single networked turbine in the field. A simple pick of a lock and some inexpensive equipment was all it took to gain access to networks that would allow them to send commands to entire wind turbine networks, an increasingly popular form of American energy production.

In other instances, hackers can cause widespread power outages to undermine critical defense infrastructure, risking the health and safety of millions of citizens at a time. Some reported breaches have even targeted natural gas pipeline companies in both the U.S. and Canada that manage more than half of all pipelines available in the Western hemisphere.

“The electric power grid and power generation facilities—[including] nuclear power plants—are controlled by technology and communication systems that could be disrupted, hacked or controlled in a cyber attack,” explains Maria Santagati, founder and CEO of Stratball.

The energy sector plays a crucial role in the functioning of a modern economy. When compromised, citizens’ personal data may not be at risk, but the state of our economy is put in grave danger.

4. Small businesses

Many small business owners do not take cyber security nearly as seriously as they should.

“Most large corporations have the infrastructure in place to thwart cyber attacks,” explains Gene Caballero, co-founder of GreenPal. “Small-scale companies either don’t have the proper resources or simply don’t believe they are at risk when it comes to cyber attacks.”

In his time selling security software at a Fortune 50 tech company, Caballero saw far more small businesses get attacked from smaller amounts of ransomware than large corporations.

The statistics support Caballero’s experience. In early 2017, it was reported that approximately 14 million small businesses had been hacked over the preceding 12 months. About half of today’s cyber attacks actually target small businesses—these attacks may not make national headlines, but hackers know a few things to be true: Small businesses are ripe with valuable data, they are less likely to have strict security measures in place and their owners are more likely to pay ransoms to restore their critical data.

It’s also true that it is much more difficult for small businesses to recover from cyber attacks than it is for larger corporations. About 60 percent of small businesses that fall victim to attacks go out of business within six months.

With that in mind, the best thing to do is protect your business before an attack occurs. Cyber security pros suggest performing regular software updates as a general first step. If possible, it’s also smart to enable two-factor authentication, perform regular backups of company data, create strong passwords that you change every couple of months and maintain quality antivirus software on all company computers.


Top Job Habits Every Cyber Security Expert Should Adopt: The Top Experts Speak

This article was originally published at:

When it comes to data security, we’re collectively on a mission to keep information secure. However, with the recent Equifax, Yahoo and Disqus data breaches, the role of the cyber security expert is coming into the news. Reports emphasize the need for cyber security professionals in the field, and the current lack of individuals to fill the job. We’re not here to criticize them; rather, we want to help in every way possible to ensure their role blooms. To help, we’ve reached out to top cyber security experts in the field to share their view. We asked them to share two important job habits that every cyber security expert should adopt in their workplace. Below you’ll find the responses to the question we posed:

What are two job habits every cyber security expert should adopt?

Chadd Carr is CTO and Global Lead for Innovation & Strategy at 6massive Holdings, LLP. Carr is responsible for overseeing our Cyber Security Labs. Carr has over 18 years’ experience in cyber security, intelligence, network intrusion investigations, computer forensics, and information operations.

Two job habits every cyber security expert should adopt:

  1. Practice what you preach. Oftentimes, the most security-savvy individuals are the biggest culprits relative to failing to observe proper cyber hygiene. Whether due to elevated risk tolerance stemming from constant exposure in dealing with cyber threats, probability numbness, or simply mental fatigue, sometimes those tasked with securing our valuable data are the largest vulnerability.
  2. Remember your audience and stick to the basics. In today’s highly dynamic environment, it is easy to become over-reliant on technology (behavioral analytics, smart intelligence, etc.). Safeguarding data should begin and end with people. Training is perhaps the most referenced, however, under-valued form of cyber security. Cyber security, much like life, requires collaboration.


Supply Chain Cybersecurity: Experts on How to Mitigate Third Party Risk

This article was originally posted at:

23 information security experts provide tips for securing data across business partners, suppliers, and other third parties.

When companies think about security, they most often think of securing their networks, software, and digital assets against cyber attacks and data breaches. But the supply chain – whether a traditional manufacturer or service provider’s supply chain or the “data supply chain” relied on by most large companies – is also vulnerable to security risks, as has been seen in a litany of major data breaches via third parties.

Practically every company has a place in the supply chain, and supply chains are evolving to be as much about the flow of information as they are about the flow of goods and services. Thus, it comes as no surprise that supply chain security is a highly complex, evolving function, and it’s one that security pros and business executives are giving more attention as the risks facing information throughout the supply chain become increasingly obvious.

Supply chain security is every company’s responsibility. The supply chain as a whole is only truly secure when all entities throughout the supply chain carry out effective, coordinated security measures to ensure the integrity of supply chain data, the safety of goods, and the security of the global economy. To find out what tactics and methods companies can utilize to enhance the security of their supply chains and contribute to global supply chain security, we asked a panel of security experts and supply chain professionals to answer this question:

“What steps should companies take to secure their supply chains against cyber attacks/data breaches?”

Chadd Carr is the Director of PricewaterhouseCoopers (PwC) National Cyber Threat Research Center. As a former Special Agent with the Air Force Office of Special Investigations, Chadd has over 18 years’ experience in cyber security, network intrusion investigations, computer forensics, and information operations expressly related to the financial services sector. As a Director with PwC, he oversees PwC’s Cyber Threat Intelligence services, servicing both national and international clients, throughout all sectors.

“There are a few steps companies should take to secure their supply chains against cyber attacks and data breaches…”

1. Companies should consider defining reasonable levels of security and associated controls; requiring sub-contractors, vendors, and critical supply chain partners to meet or exceed those standards as terms and conditions of established business agreements.

2. Companies should consider adding vendor-identifiable information to any existing cyber threat intelligence activities to identify instances of emerging threats or active attacks. Threat actors may compromise a lesser-defended vendor network identified as having access to the principal enterprise network. Awareness of these activities would allow the parent company to initiate countermeasures before the threat actor has the opportunity to move laterally onto their network. Cybersecurity, much like life, requires collaboration.


Why you need to be proactive against data scraping

This article was originally posted at:

Data is the currency of the modern business. For organizations big and small alike, data now plays a big part in ensuring that a business can optimize its operations, correctly target its marketing, properly engage its customers and enable employees to collaborate. With the prevalence of mobile data connections, the Internet-of-Things, connected workflows and social networks, organizations are now more capable of building actionable intelligence around customer and operations data.

With such access to data, however, there is always the concern about security – in particular about the integrity of corporate and user data. According to a 2015 study by the Ponemon Institute and IBM, businesses incur an average cost of US$154 per record lost or leaked, up 6 percent from the previous year. For an enterprise of scale, such costs also grow as your database size increases – which can run to the millions of dollars. For a small business, any data leakage might result in a breach of customer confidence.

According to EMC, China leads the way in the number of businesses that rank ahead of the curve in the data maturity matrix, at 30 percent. However, a vast majority of businesses, at 87 percent, rank in the bottom two categories, which means that most businesses globally are not yet prepared to properly manage and secure their data.

What is data scraping?
Data scraping involves gathering either structured or unstructured data from digital sources – such as the web, databases, or other digital repositories – for the purpose of incorporating these into another database or other ends. For example, you might have data published on your website, and other parties can easily pull out this data and publish this as their own.

This usually involves bots that crawl websites or databases and parse the data into their own content. While content scraping might be straightforward, some scrapers are capable of going deeper and scraping content from supposedly private databases through security flaws.

Why it’s becoming a serious concern
The rising popularity of cloud platforms and distributed infrastructure brings about increased difficulty in mitigating risks that can arise from data being transported across both encrypted and open networks. This primarily emanates from the nature of enterprise collaboration today. For example, popular BYOD policies in businesses might result in corporate data leaking through personal devices or personal connections.

Social engineering attacks are another potential vector, which can lead to attackers gaining access to business data through a legitimate user’s credentials. Data can then be scraped piecemeal and then reconstituted later on.

The obvious repercussions here involve other parties gaining access to possibly confidential or proprietary content. For example, a competitor might gain hold of your customer list or other proprietary data. However, malicious entities can also take your data hostage, sell it to another party, or leak it to the public. Take for example the Sony Pictures leak in 2014, which resulted in millions of customer and employee records leaked, along with email messages that led to a costly PR nightmare for the entertainment company.

According to Juniper Research, cybercrime will cost businesses a whopping US$2.1 trillion by 2019, mostly from attacks orchestrated by organized cybercrime groups. In fact, such activities are becoming more and more profitable for cybercriminals, given the importance that businesses place on data today. Hacker groups can either sell the data or hold it ransom, using the prospect of leakage to blackmail businesses into paying huge fees, or even simply locking down data on a user’s computer in exchange for payment.

How should I address data scraping?
Perhaps the most straightforward way to protect one’s data would be to harden the infrastructure to protect against unwanted data extractions while allowing legitimate scrapers to access your content. For example, you can filter scrapers at several levels, which can prevent these from reaching your database. However, you will need to let legitimate bots through, such as Google’s search crawlers.

This will involve an approach based on analytics – how does your system know whom to block and whom to let through? Some solutions involve a challenge-based approach to blocking traffic, and some use heuristics – analyzing bot behavior to determine intent.
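
The block-or-allow decision described above, sketched as an added example that is not part of the original article: a client claiming to be Google's crawler is checked with forward-confirmed reverse DNS (the verification Google documents for Googlebot), and every other client is scored on request rate and path enumeration. The log lines, DNS tables, thresholds and function names are constructed assumptions for illustration.

```python
import re
import socket
from collections import defaultdict
from datetime import datetime, timedelta

# Combined-log-format parser: client IP, timestamp, request path, user agent.
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"'
)
# Hostname suffixes Google documents for its crawler's reverse DNS records.
CRAWLER_SUFFIXES = (".googlebot.com", ".google.com")


def parse(lines):
    for line in lines:
        m = LOG_RE.match(line)
        if m:
            ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
            yield m["ip"], ts, m["path"], m["ua"]


def is_verified_crawler(ip, reverse=None, forward=None):
    """Forward-confirmed reverse DNS: the PTR name must be in a crawler
    domain AND that name must resolve back to the same IP."""
    reverse = reverse or (lambda a: socket.gethostbyaddr(a)[0])
    forward = forward or (lambda h: socket.gethostbyname_ex(h)[2])
    try:
        host = reverse(ip)
        return host.endswith(CRAWLER_SUFFIXES) and ip in forward(host)
    except (OSError, KeyError):  # lookup failed or no record
        return False


def peak_rate(times, window=timedelta(seconds=60)):
    """Largest number of requests seen inside any sliding window."""
    times = sorted(times)
    best = start = 0
    for end, t in enumerate(times):
        while t - times[start] > window:
            start += 1
        best = max(best, end - start + 1)
    return best


def classify(lines, reverse=None, forward=None, max_per_window=5):
    """Return {ip: 'allow' | 'challenge' | 'block'}. Thresholds are illustrative."""
    by_ip = defaultdict(list)
    for ip, ts, path, ua in parse(lines):
        by_ip[ip].append((ts, path, ua))
    verdicts = {}
    for ip, hits in by_ip.items():
        if any("Googlebot" in ua for _, _, ua in hits):
            # A crawler identity is claimed: trust it only if DNS confirms it.
            ok = is_verified_crawler(ip, reverse, forward)
            verdicts[ip] = "allow" if ok else "block"
            continue
        rate = peak_rate([ts for ts, _, _ in hits])
        distinct = len({p for _, p, _ in hits}) / len(hits)
        # Heuristic: fast traffic that never repeats a path looks like enumeration.
        fast_enum = rate > max_per_window and distinct > 0.9
        verdicts[ip] = "challenge" if fast_enum else "allow"
    return verdicts


def _line(ip, sec, path, ua):
    return (f'{ip} - - [12/Mar/2024:10:00:{sec:02d} +0000] '
            f'"GET {path} HTTP/1.1" 200 512 "-" "{ua}"')


GOOGLEBOT_UA = "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
# Constructed sample traffic using documentation-only IP ranges.
SAMPLE = (
    [_line("192.0.2.10", s, f"/customers/{s}", "Mozilla/5.0") for s in range(0, 40, 2)]
    + [_line("198.51.100.7", s, "/products", GOOGLEBOT_UA) for s in (1, 30)]
    + [_line("203.0.113.5", s, "/customers/1", "Googlebot/2.1") for s in (5, 6)]
    + [_line("192.0.2.55", s, p, "Mozilla/5.0")
       for s, p in ((3, "/"), (20, "/pricing"), (50, "/contact"))]
)
# Constructed stand-ins for PTR and A lookups so the example runs offline.
FAKE_PTR = {"198.51.100.7": "crawl-198-51-100-7.googlebot.com",
            "203.0.113.5": "host5.example.net"}
FAKE_A = {"crawl-198-51-100-7.googlebot.com": ["198.51.100.7"],
          "host5.example.net": ["203.0.113.5"]}


def demo():
    return classify(SAMPLE, FAKE_PTR.__getitem__, FAKE_A.__getitem__)


if __name__ == "__main__":
    for ip, verdict in sorted(demo().items()):
        print(ip, verdict)
```

With the default resolvers the same functions perform live DNS lookups; a "challenge" verdict would feed whatever challenge mechanism the site already uses.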

Another potential solution is to establish safeguards in your network topology so bots never reach your database. Edge-based blocking tools such as content delivery networks, reverse proxies and web application firewalls will also help protect against network overloads or even DDoS attacks, to some extent.

The emerging trend in data leakage prevention is shifting from manual prevention towards automatically mitigating breaches even before they happen. Chadd Carr, director of Cyber Threat Detection at PricewaterhouseCoopers, says that this will involve automation: “Integrated intelligent platforms designed to mimic the training, capabilities, and methodologies of security professionals and threat actors alike – capable of fusing end-to-end intelligence (external-to-perimeter-to-end point), all tipping-and-queuing each other, and feeding logic into active control defenses; essentially removing the human from the action loop.”

The takeaway
The key here is to be proactive against data scraping, leakages and loss. If you have any data to protect, you should not be passive and simply react when an incident occurs. Don’t wait for an attack to happen before acting on protecting your enterprise assets. Instead, you will need to harden your infrastructure, establish policies for ensuring data integrity, and use intelligence and analytics to your advantage.


Baltimore Cyber Security Director Brings Safe Resolutions to Clients

This article was originally posted at:

For Chadd D. Carr, director of cyber threat intelligence and response services at PricewaterhouseCoopers, his passion for cyber security started at a very young age. Throughout his career, he has held a number of positions, including serving as a federal agent and computer crime investigator with the USAF Office of Special Investigations.

Carr holds a Bachelor of Science in information systems management from National Louis University, a Master of Science in information technology from the University of Maryland University College and a Ph.D.c in cyber security from Northcentral University.

What are the responsibilities of your current role?

“As director, I oversee both our breach response and cyber intelligence services, although the latter consumes most of my day-to-day. I focus on three areas: pre-attack posturing, generating intelligence on emerging cyber threats and performing breach indicator assessments for our clients to help defend against cyber threats; steady-state activities, ensuring our client information systems are safeguarded effectively; and post-attack, conducting computer network forensics and remediation activities in the event of a data breach or theft of intellectual property.”

What is your favorite part about your daily duties?

“Every day brings with it new challenges. Our industry really has no checklist. It’s really about pulling together a group of highly skilled professionals to resolve problems real-time as they happen. PwC employs the best and the brightest, and with that comes a never-ending opportunity to grow, both professionally and personally. The best part of the day is definitely working alongside great people.”

How has your education/training prepared you for your current role?

“Education is critical, both in terms of knowledge and all the peripheral things you learn along the way such as prioritizing tasks, time management, self-sacrifice, commitment and goal setting. Education is good, but it’s the application of what you learned that makes you intelligent. I’m a lifelong student who believes that the moment you stop learning is the moment you become irrelevant.”

What do you do to continue your education/training?

“I always try to be enrolled in at least one continuing education course at any given time, whether it is a college course or industry certification. If my employer has funding for tuition assistance, you can be pretty sure I’m going to maximize it!”

Do you have any advice for others looking to enter this field?

“Cyber security is a highly dynamic and constantly evolving field. If you approach it as a hobby, you will miss way too much to make a difference. It’s a lifestyle. You have to live it day in and day out. It’s also an industry that calls upon your reputation, or brand, daily. You have to go to school. You need certifications. You need to get a Bachelor of Science and eventually a Master of Science in a computer-centric field. I fell in love with both school and computers, so a doctorate was a natural evolution because I also have a strong passion to share knowledge with others.”

Experts on the Data Loss Prevention (DLP) Market in 2016 & Beyond

With the number of high-profile security breaches on the rise, such as the massive healthcare data breaches at Anthem and Premera, the hack and ensuing data breach at the U.S. government’s Office of Personnel Management, Sony’s multiple hacking incidents in recent years, the highly publicized Target breach, and many others, industry analysts have noted a massive resurgence in demand for data loss prevention (DLP) solutions. But how will today’s trends impact the DLP market in 2016 and beyond, and what changes looming on the horizon will cause DLP solutions to evolve to accommodate the increasingly complex data protection needs of modern organizations?

To find out how today’s security experts see the DLP market evolving in the coming years, we asked a panel of leading cybersecurity experts to answer this question:

“Where do you see the data loss prevention (DLP) market going in 2016 and beyond?”

Chadd Carr is the Director of Cyber Threat Detection and Response Services for PricewaterhouseCoopers (PwC). As a former Special Agent with the Air Force Office of Special Investigations, Carr has over 18 years’ experience in cyber security, network intrusion investigation, and information operations expressly related to data breaches and data loss. As a Director with PwC, he oversees both the Incident Response and Cyber Threat Intelligence services, servicing both national and international clients, public and private, throughout each of the 16 critical infrastructures. Data loss detection and prevention is one of many threats he identifies, counters, and remediates daily. Furthermore, as he is a management consultant as opposed to a tech consultant, he maintains awareness and expertise across a wide range of data loss prevention technologies in order to present the best cyber security solution to clients.

“The new paradigm around cybersecurity, specifically data loss prevention and identification, will certainly be…”

Centered around data fusion with a particular focus on minimizing the time to identify, validate, and remediate incidents of exposure. This will most likely come in the form of integrated intelligent platforms designed to mimic the training, capabilities, and methodologies of security professionals and threat actors alike – capable of fusing end-to-end intelligence (external-to-perimeter-to-end point), all tipping-and-queuing each other, and feeding logic into active control defenses; essentially removing the human from the action loop.

Why focus on identification as opposed to prevention? Since the first truncated transmission traveled between the University of California and the Stanford Research Institute in 1969, our society has become increasingly integrated. Specific to data loss, this integration has enabled access to networked resources, the tools/knowledge needed to nefariously exfiltrate data they contain, and a way for threat actors to monetize it. The previous barriers of entry into this market (software, technical training, methods, etc.) have gone away, attracting a wide group of actors including hackers, hacktivists, and advanced persistent threats (APTs). Although motivation may be used to differentiate these groups, the primary delineators of these are technical expertise and access to resources. Ultimately, there are too many exfiltration points to monitor effectively. By searching for hives of data across the surface, deep, and dark webs, organizations are better positioned to contain exposure.

In the meantime, organizations need to remain vigilant and committed to a defense-in-depth framework. No one single solution is capable of defending against all varieties of data exfiltration. Security-savvy or threat-aware organizations understand that sound cyber security is much like physical fitness in that it is a lifestyle, and any plan that forces users to deviate too far off of their normal behaviors will not endure. The trick is to achieve balance between security and usability and trade-off between threat probability and threat ramifications.

Cyberthreat intelligence: A call to evolve beyond the feed

Threat intelligence has come a long way from its humble beginnings, and none too soon. The nature and number of cybercriminals have expanded greatly, their methods are multiplying and their potential harm continues to increase. For those of us on the front lines, it sometimes feels like we’re running out of thumbs to plug the dike. To change this dynamic, we have to take threat intelligence even further, going beyond rapidly identifying and validating potential threats to making the steps to take action against those threats more immediately available.

The novelty of “dark web” visualizations and data feeds is tapering off as executives begin to realize that eye-catching graphs and expensive—but often poor quality—data feeds are largely ineffective when they overwhelm intrusion analysts with false positives and provide no context as to why a specific domain or IP address has been flagged as malicious. Intelligence that is not actionable is, for all practical purposes, simply a distraction. Indeed, it’s all well and good to identify exfiltration of sensitive consumer data or theft of intellectual property—it’s clearly better to know than not—but the end goal must be to stop cybersecurity incidents and prevent recurrence in real time.

To be sure, the private and public sectors are taking a number of steps to make progress on this front. For example, new Information Sharing and Analysis Organizations (ISAOs) hold the promise of rapidly accelerating the sharing of actionable intelligence and broadening the scope of those who receive it. But companies should not put all their eggs in one or two baskets. Organizations should make sure they have in-house or external expertise in four areas:

The ability to surface meaningful, validated intelligence;
The ability to assess and assign the organizational impact of that intelligence;
The ability to identify what actions to take to mitigate the threat; and
The ability to take technical, legal or operational action.

These are four distinct skill sets and as such require a multidisciplinary team. For example, an intelligence-aware organization might pull together a fusion cell that is assembled with the express mission to receive, review and execute cyberthreat intelligence. The fusion cell often consists of a lead intelligence analyst, legal counsel, a risk manager, a Security Operations Center (SOC) representative (if available) and a network security professional. Collectively, this group can determine if a threat merits action and execute a tailored response. If severe enough, the fusion cell should have an established path to escalate a recommendation of specific action to the CISO.

The cyberthreat equivalent of the question “What keeps you up at night?” is whether you’re capable of and prepared to take action. If the answer is “No,” and your organization cannot act organically, ensure your service provider has the technical and legal expertise required to fill the action gap.

Farm Credit Council (FCC) Services

I had a great time chatting about “Cyber Security and the Directors Liability” with Directors and Executive Staff from Farm Credit Council (FCC) Services in Colorado Springs, CO.
