|
| |
Issue
December 2008
Welcome to the latest edition of BH
Consulting's Security Watch Newsletter. In this month's issue we
provide some updates to what has been going on in BH Consulting,
review the recent launch of Ireland's first National CERT and provide you with some updates on the latest
news happening in the world of information security.
Christmas Wishes
To all our customers, readers of our
Security Watch Blog and
newsletter we at
BH
Consulting wish you all a very happy and peaceful Christmas and a
happy New Year.
Nollaig Shona daoibh go léir agus Athbhliain faoi shéan is faoi mhaise daoibh,
agus go mba seacht fearr sinn go léir ag an am seo ar an bhliain seo chugainn!
As part of our
Community Responsibility Programme,
this year BH Consulting is not sending out
Christmas cards or gifts this year, instead we have
sponsored a star on the Focus Ireland Christmas Tree.
Focus Ireland aims to advance the right of people-out-of-home to live in a place they call
home through quality services, research, and advocacy. The objectives of
Focus Ireland are to respond to the needs of people out-of-home and those at
risk of becoming homeless, through a range of appropriate high quality services,
to provide emergency transitional and long-term accommodation for people
out-of-home, to campaign and lobby for the rights of people out-of-home
and the prevention of homelessness. No sum is too small and all is
put to excellent use so please consider
donating to this worthwhile cause.
If you have found our Security Watch newsletter or our
Blog to be of
use or of interest, we ask you to
make a donation to
Focus Ireland. No sum is too small and all is
put to excellent use.
About BH Consulting
BH Consulting was founded in answer to demands for an independent consulting
firm to assist clients gain a competitive edge by achieving IT Operational
excellence in deploying, managing and securing their IT infrastructure. With
over 20 year’s experience, we provide you with access to in-depth expertise,
experience and technical know-how. Backed with our quality processes and
commitment to deliver, BH Consulting provides clients with quality solutions at
cost effective rates.
BH CONSULTING NEWS
Brian Honan Addressed the ICS
Privacy Forum
The
Irish
Computer Society’s
Privacy Forum is a platform to
enable IT professionals to learn
about the latest best practises in
data protection and privacy. Our
Principal Consultant, Brian Honan,
addressed the
forum
on October the 16th on
the topic of managing a data breach
in your organisation. Brian's
presentation is available from the
ICS website
here.
Irish CERT Goes Live
Those of you who are long time
readers of this newsletter know that
one of the projects BH Consulting
has pursued over the past number of
years is the establishment of a
Computer Emergency Response Team for
Ireland. We are happy to say that in
November the Irish Reporting &
Information Security Service (IRISS)
was launched. IRISS is a not for
profit company that aims to assist
businesses, organisations and
individuals to better protect their
computer and network systems from
threats posed by Internet attacks,
hackers and computer viruses. The
Irish Reporting & Information
Security Service (IRISS) provides a
range of free services to Irish
businesses and consumers in relation
to information security issues to
help counter the security threats
posed to Irish businesses and the
Irish Internet space. These
services include;
-
Alerts and warnings for new
threats such as viruses,
vulnerabilities and critical
updates
-
Alerts and warnings on new
threats specific to Ireland
-
Research into security threats
and trends specific to Ireland.
-
Sanitised notifications about
active attack(s) occurring in
other organisations such as
Phishing attacks specific to
Irish organisations.
-
Providing best practise guides
in securing networks and
computers
The
above range of services are built on
the
WARP (Warning Advice & Reporting
Point) model. The service
is provided free of charge to the
Irish Internet community by a
dedicated core of volunteers drawn
from Ireland’s top experts in the
field of information security to
whom we are very grateful. We
would also like to extend a thanks
to those who have helped sponsor the
initiative and without whom this
would not be possible. in particular
we would like to thank
The
SANS Institute for their support
and guidance.
Remember the services provided by
IRISS
are free and will help you better
protect your organisation’s network
infrastructure and ultimately that
of the Irish Internet space so don’t
hesitate to
sign up and take advantage of
the facilities.
Brian Honan Has the Last Word.
Microsoft released an Out Of Cycle
Patch for a critical vulnerability
in Microsoft Internet Explorer on
December 17th. The
Microsoft
Security Advisory 961051
contains details on the patch.
Many media outlets were recommending
that people migrate to a different
browser. Brian Honan was
interviewed on the Last Word Show on
Today FM by Matt Cooper. A
podcast
of the show is available here, with
Brian's interview approximately 5
minutes from the beginning.
Brian was also
interviewed by
the Irish Times on this
issue.
The 4th Annual Privacy & Data
Protection Ireland 2009 Seminar
The
4th Annual Privacy & Data Protection
Ireland 2009 seminar is due to
be held on the 18th and 19th of
February 2009. Brian Honan will be
giving and Interactive case study on
Identity Theft using his experience
in stealing Marie Boran’s, from
the SiliconRepublic.com,
identity which she wrote
up and we
discussed on our Security Watch
Blog about earlier. There are a
number of other interesting talks
lined up for the event so it should
be an interesting seminar. Booking
forms and more information is
available at the
seminar’s website. Note if
you book before January 2nd 2009 you
can avail of the pre-press
discounted rate.
Brian Honan to Chair the 5th
NITES Seminar
The
5th National
IT & eSecurity Summit (NITES)
2009 is scheduled for the 24th of
February 2009. Our Principal
Consultant Brian Honan will be
chairing the event. Brian will
also be taking part in a debate on
whether or not Ireland should have
mandatory data breach disclosure
laws. More details on the
seminar are available
here.
Identity Theft: A Real World Example
Marie Boran from the
Siliconrepublic.com challenged Brian
Honan to steal her identity by using
only information publicly available
on the Internet. Brian was not
allowed to break any laws, could
only use information gleaned from
online sources and could not contact
or collaborate with any of her
friends or colleagues. By the end of
the exercise Brian had gleaned
enough information to steal Marie's
identity. Marie has provided a
write up of the challenge on
The
SiliconRepublic.com.
BH CONSULTING WEBSITE UPDATE
We strive at BH Consulting to provide information that is
relevant and useful in securing and running your business. To this end we
provide a range of free whitepapers available for download
free from our
white papers page.
Don't forget to visit our
Security Watch Blog to keep up to date with the latest information
security news.
LATEST THREAT LEVELS
Get more information on the latest updates on current threats at
our online resources page;
FEATURES
SANS Training Coming To Dublin
SANS is returning
to Dublin in March 2009 to provide three training
courses.
SANS Dublin 2009 will run from the 9th of March
until the 14th of March, finishing up just in time
for St. Patrick's day. Not only is the quality of
the training superb, the networking opportunities to
meet with information security professionals from
all around Europe, and indeed the World, are
fantastic.
SANS Dublin 2009 should be even better, and We
are also pleased to announce that we are able to
offer a 10% discount to the readers of Security
Watch. To avail of this offer simply email us at
info@bhconsulting.ie and letting us know which
course you wish to attend. |
Irish Cyber Crime Survey Results
Some of the results from the 2007 Irish Crime Survey were revealed in
the SiliconRepublic.com.
The survey was compiled by the Irish chapter of the
Information Systems Security
Association (ISSA) and
University
College Dublin’s Centre for Cybercrime Investigation. The survey
looks at attacks and intrusions at both public and private organisations
during the course of 2007.
What is interesting is that 1 in 4 organisations surveyed admitted to
having experienced an external intrusion into their systems. While 30%
stated they experienced denial-of-service (DoS) attacks. In
addition, only 14% of those surveyed were concerned about employees
accessing data they should not, and only 8% rated internal intrusions in
their top three security concerns.
The full report is available from the
ISSA Ireland website.
Institute of International &
European Affairs Launches "The Next
Leap: Competitive Ireland in The
Digital Era"
The Tanaiste, Mary Hanafin, launched
the
Institute of International &
European Affairs' report "The
Next Leap: Competitive Ireland in
the Digital Era". This
report has been collated based on
the input of many of Ireland's
leading technology insiders,
including our own Brian Honan, and
is aimed at providing the Government
with insight into emerging trends
the future digital trends and how
Ireland can capitalise from the
opportunities presented by those
trends. The report also
highlights the need for a Computer
Emergency Response Team and
references the setting up of the
Irish
Reporting & Information Security
Service. The report is
available for download from the
institute's
website.
ENISA Release New Position
Paper
The
European Network and Information Security Agency have
recently released their latest position paper on “Security
and Privacy in Virtual Worlds and Gaming”. The paper
looks into the risks users of virtual online worlds and
gaming platforms face from issues such as malware attacks,
phishing and privacy issues
Safer Internet Day to Stay
The European Parliament have voted in favour of continuing
the
Safer Internet
Day initiative for another five years. Safer Internet
Day aims to make children, teenagers and young adults more
aware of the dangers they could face when online. BH
Consulting have been supporters of Safer Internet Day and we
are delighted to hear that it will continue on. Next year’s
event will happen on February the 10th and we plan to be
involved in it again.
The following actions are planned in
Ireland to mark the day:
- The Office for Internet Safety, the
National Centre for
Technology in Education, the
National Parents Council
(Primary),
Childline, and the
Hotline will host a joint Safer Internet Day event
in Dublin.
- An online quiz quest competition for
young people aged 10 to 15 years on both internet safety
and different aspects of European culture is currently
running; a prize giving ceremony will take on 10th
February 2009.
- A TV and online awareness raising
campaign focusing on the issue of cyber bullying will be
launched.
- The
NCTE will publish the findings of the
Webwise 2008 Survey
of Children’s Use of the Internet.
FREE SECURITY SCAN
In partnership with
Qualys, BH Consulting
are offering a free Network Security Scan so you can check how healthy
your network is. To find out more about what this service can do for you, visit
our free
Network Security Scan.
Alternatively contact
us or visit our website to get more details on our
risk assessment service.
This issue of Security Watch is being brought to you by BH Consulting.
If you have found this issue to be of use please support our drive to raise funds
for
Focus Ireland.
Each
Security Watch eNewsletter, and the special Security Alert issues, are produced
independently by the Windows IT Pro Custom Media Group and is distributed by
various Microsoft security partners. Each eNewsletter contains up-to-date
information about security strategies, technologies, and alerts. Each Security
Alert contains the latest information about security threats.
Additional news courtesy of
Silicon Republic,
Cnet,
Silicon and
Zdnet
To update your subscription to our newsletter
click
here. To unsubscribe click
here
|
