The National Cyber Security Summit in London last week provided some real food for thought. It’s a conference that we’ve actively supported over the last two years as we passionately believe international collaboration is one of the keys to successfully addressing the challenge of national cyber security.

This year’s stand out speaker was  Major General Jonathan Shaw, head of the defence cyber operations group at the MoD. The MoD have taken responsibility for allocating the UK governments 650 million pound investment in national cyber security infrastructure and are thus under the national microscope.

Two contrasting studies have been published in the last few days that caught our attention

First, The Ponemon Institute published a piece of research that explores the true cost of a data breach, looking specifically at the impact on brands and company reputations. We’ve long been of the opinion that organisations radically underestimate the real cost of data leakage, and as a result tend to under invest in the tools to prevent, identify and remediate security issues, so it was fascinating to see an organisation attempt to quantify ‘true cost’.

We stumbled across an interesting blog post from Brian Krebs (KrebsonSecurity) this week titled APT: Persistence Pays Off that struck a chord with us. The blog argues that the safest way for an organisation to behave in today’s world is to assume that their security defenses have been breached and to operate accordingly. Brian argues that any organisation that doesn’t think that they’ve been breached isn’t paying close enough attention. It’s certainly an interesting perspective.

The article highlights the case of an international hedge fund that discovered (after a phone call from a friendly stranger) that they had at least 15 compromised PCs within their organisation and had absolutely no knowledge or visibility of the highly sensitive information that was leaking. The reality is that any company that has valuable intellectual property is a target for cyber attacks.

We’re delighted today to announce the release of Endace Security Manager 6.0, the latest incarnation of our high-performance Network Intrusion Detection System

ESM 6.0 is an important release and, for the first time, sees SNORT move from being a native feature of OSm (our Operating System for Monitoring) into a virtual container on the Endace System. This means that ESM (which includes the SNORT image) will sit alongside third-party applications hosted in the Endace Application Dock. It of course retains its place as a core feature of our Application Suite which is included as part of the base configuration for all Endace Systems.

Over the last couple of years there has been much debate inside the community about the performance impact associated with ‘virtualising’ SNORT (as opposed to a running it natively) and the engineering team here in New Zealand have worked extremely hard to optimise our implementation. We are extremely pleased with the results and can announce that the impact on SNORT performance is officially ‘negligible’.

The ‘in band’ v’s ‘out of band’ debate continues to rage and we find ourselves discussing the pros and cons of IPS v’s IDS with customers on a regular basis. To this day, we’re still surprised by the number of IPS implementations that we discover deployed in ‘passive mode’, with the engineers responsible admitting to being “too scared to turn blocking on”.

The reality is that IPS and IDS are different horses which are designed for different courses.The debate isn’t IDS or IPS, its actually IPS and/or IDS.  IPS are useful for organisations that don’t have the local resources (typically in the form of a SOC) to manage infections and outbreaks within the network. A high performance IDS is the right solution for those that do. At Endace we think of IPS as a kind of ‘SOC in a box’.

As a nation we’re obsessed by brands. They’re everywhere and whether we like it or not, in today’s ultra-connected world, they matter – government agencies are hiring branding agencies to help them manage their public ‘image’. If you look closely at some corporate accounts ‘brand’ is starting to appear as an asset on the balance sheet. Whether you agree or not isn’t the point, the fact is that they are and that matters.

For purists (like me), brand is really just a synonym for corporate reputation. You can’t buy your way to reputation: you earn it over time. You do the hard yards and you build it piece by piece, customer by customer, recommendation by recommendation.  All the advertising dollars in the world won’t buy you brand equity (they will just buy you brand awareness). If you treat your customers like dirt, your brand will be dirt. That bit at least is very straightforward