SKYBOX SECURITY: FINANCIAL SERVICE ORGANISATIONS MUST CHANGE APPROACH TO VULNERABILITY MANAGEMENT TO STAY AHEAD OF REAL-WORLD THREATS

Threat-Centric Vulnerability Management identifies the true risk of vulnerabilities, focuses action where it’s needed most and prioritizes imminent threats.

Skybox Security, a global leader in cybersecurity operations, analytics and reporting solutions for major banks and financial institutions including Barclays, Credit Suisse and Standard Chartered, today announced the availability of threat-centric vulnerability management (TCVM) for the Skybox™ Security Suite, signaling a fundamental shift in the approach to managing and prioritizing vulnerabilities.

TCVM changes vulnerability management from an exercise of trying to patch “everything all the time” to focused, intelligent action that considers real-world threats.

At the launch of TCVM, Skybox updated on the major trending event categories impacting organizations including banks, insurers and other financial institutions today: the use of a specific, commercialized set of exploit kits, the rise of targeted client-side vulnerabilities and the continued popularity of Internet of Things (IoT) botnets.

  • A small, targeted number of exploit kits are dominating the dark web. In the first part of this year, five major exploits kits dominated chatter on the dark web, targeting nearly 70 vulnerabilities in Firefox, Adobe Flash, Microsoft Internet Explorer and Edge, Java, Microsoft XML Services and more. These vulnerabilities are known to distribute different malware as payload — for example, popular ransomware and banking Trojans.
  • Threat actors continue to target specific vulnerabilities included in exploit dumps by hacker groups such as The Shadow Brokers. The group, notorious for allegedly leaking the National Security Agency (NSA)’s hacking tools, continues to pepper the dark web with exploit dumps like the major one on April 14 that contained many OS and server-side exploits. These dumps and targeted vulnerabilities impact web apps built with Apache Struts plus VMware, Cisco, Oracle and Microsoft products, to name just a few.
  • Poor IoT security is still vulnerable. Botnets are exploiting vulnerabilities in network devices, gateways, cameras and other internet-connected devices, delivering distributed denial of service (DDoS) attacks through things like the ‘HTTP Port 81 Botnet’ and the Amnesia botnet which is the next generation of Mirai malware after source code was published and shared online.
ALSO READ:
It’s time to bin receipts: ParcelHero calls for an end to wasteful paper receipts

With the Prioritization Center in Skybox™ Vulnerability Control, security leaders at financial and other organisations  can automatically analyze the thousands — even millions — of vulnerabilities in their environment (including cloud and virtual) to pinpoint those that are truly putting their organization at risk. This means narrowing a huge volume of “known” vulnerabilities that are potential threats down to a small, manageable number of vulnerabilities that are identified as imminent threats — exposed vulnerabilities known to be exploited in the wild. In addition, TCVM enables a systematic approach for ongoing, gradual risk reduction of potential threats that could escalate in the future.

Skybox TCVM leverages ongoing intelligence of the active threat landscape produced by the Skybox™ Research Lab. The Lab aggregates information from more than 30 security data feeds along with research of exploits available on more than 700,000 dark web sites and validated by Skybox’s security analysts.

“Security leaders understand that the threat landscape is always changing. The difference now is that we’re seeing the growth of an increasingly commercialized cybercrime market. This is making it easier than ever for threat actors to attack, adjust and attack again until they accomplish their objective,” said Skybox CEO Gidi Cohen. “They tend to aim for the easy targets — and the biggest ROI — by exploiting a surprisingly small number of vulnerabilities, many of which current vulnerability management approaches don’t consider as priorities. This has to change. Security leaders have to be smarter and way more targeted in their approach — aligning it to what’s happening in the real world — if they are to stay ahead of cybercriminals.”

ALSO READ:
What Is An Executive Summary

Skybox TCVM makes focused action possible by combining attack surface visibility, threat-centric vulnerability intelligence and attack vector analytics to identify and prioritize an organization’s biggest risks according to vulnerabilities known to:

  • Exist and are exposed in the network
  • Be actively exploited in the wild; or known to be attacked within a specific industry or geography
  • Have an exploit available, but are not known to be part of an active exploit campaign
  • Exist but are not exposed in the network

Threat-centric approaches to vulnerability management require the use of multiple technologies using several different types of security analytics. Skybox is the only company that brings together and automates the technology stack that makes TCVM possible. Skybox is also the only vendor that correlates network context (using network modeling and attack vector analytics) with real-world threat intelligence.

To learn more about Skybox TCVM and the Skybox Research Lab, click here.

Most Read on Global Banking & Finance Review

WHAT YOU NEED TO KNOW TO INVEST IN STOCK MARKET What you need to know to invest in stock market
How to build wealth investing in assets other than stocks Most people aspire to build sufficient wealth so they can lead a happy and comfortable life. One of the best ways to create wealth is by investing in the stock market. The stock market can help one become a millionaire; if not instantly, at least in some years. The problem though with the stock market is the risk involved. When you buy a company’s shares, you would hope the share value shoots up so you can make money. However, it is possible that not only you don’t make money, but you can end up losing the money you invested. This is an inherent risk when you invest in the stock market. The stock market has its ups and downs. You need patience and perseverance to make money from the stock market. It is not for those who panic whenever the market crashes. All those who do not want to invest in the stock market, would have a question – Are there avenues to create wealth other than the stock market? We discuss the answer to this question in this article. Read on to know more. 1. Debt instruments Stocks and shares are equity investments. When you buy stocks, you are buying equity of that company and are becoming one of its owners. Debt investment on the other hand is money that a company borrows from you. Whether it is the Government or a private company, when there is a need for money, they can borrow it from the public. The mode they use to raise this money is referred to as a debt instrument. This includes securities, bonds, and debentures. When you invest money to buy a debt instrument, you are lending money to those offering the debt instrument. In return for your money, they assure you of paying interest. However, the interest offered would be low, it would not be comparable to the interest you get from stocks. The major advantage of debt instruments is that the capital you invest is safe.Even if the company closes down you get first priority to get back your money. You may not be able to earn big money, but this is a modest way of creating wealth whilekeeping your capital safe. 2. Real estate Other than stock, the major asset where you can invest to build wealth is real estate. This refers to property, which could be land or buildings. It could be a residential property or a commercial property. You can invest your money topurchase real estate. There is always demand for land and space is at a premium especially in big cities. Real estate would appreciate in value. You can buy a property and retain it for a few years, until its market value increases. You can then sell it to earn a neat profit. When you own real estate, you can rent it out or lease it and earn money. You can earn regular income in this way and it helps you to accumulate wealth. You can always sell the property anytime and build wealth. There are other ways of using real estate to create wealth. You can buy a property and renovate it, so that its value increases. You can then sell it at a higher rate. This is slightly risky as you are spending a lot of money. In case of a downturn in real estate prices, you may not be able to make a profit. Buying real estate requires a lot of money to be invested. Before you buy real estate, you need to study and understand the market and be able to predict how the market would behave in the future. If you do not have a lot of money to invest in real estate, but want to reap its benefits, you can consider investing in REITs. A REIT is a Real Estate Investment Trust. Here, you buy units of the trust with any amount you want. You would own that many units. The REIT would be listed in the exchange and they would use investor funds to buy real estate. REITs mandatorily have to pay out 90% of their income as dividends. You can earn money from real estate without actually buying property, thanks to REITs. 3. Precious Metals Precious metals are assets that can help you create wealth. These include gold, silver, and diamond. You can buy precious metals and hold them for a few years. Generally, the value of precious metals increases over time. After a few years, you can sell them to make money. This is a physical asset that you actually own and can be kept in your possession. The downside is that there is a possibility of the value of these precious metals declining. Precious metals also need to be safeguarded and there is a risk of theft. 4. Bank deposits Banks collect deposits and use this money to lend to those who need it. In return for depositing money in the bank, you would be paid interest by the bank. You would get a certificate of deposit that you could encash on maturity (a fixed period of time). You can regularly invest in bank deposits and build a deposit ladder. By the time you retire, every year you would have a deposit that would mature and give you money.This would be useful for your retirement or any other purpose. Bank deposits though do not yield high interest. The interest rate is low.Just like debt instruments, it is a safe way of investing money. This is virtually no risk, as the bank guarantees the payment of your money. You may not be able to create huge wealth, but it can help you earn a good amount of money in a risk-free manner. 5. Collectibles Collectibles are physical assets just like precious metals. They refer to collectors’ items like artwork, coins, antiques, etc. When you buy paintings and antique items, they are valuable assets. You invest money and buy the assets that you can own and display in your home or office. Collectibles usually increase in value in the course of time. When you needmoney or when the value of the collectibleshas risen sufficiently, you can sell them to make a good profit. Collectibles are a good way of creating wealth. You have would read about rare coins and paintings that have been bought by collectors for millions. If you are lucky, you can earn big through collectibles. Even otherwise, they are valuable assets that can fetch your money. The risk though is you need to have a knowledge of the subject to be able to know which collectible item is of value. Without proper knowledge, you can end up buying something that may be a dead investment. 6.Lending money to others If you have cash on hand, you can lend this money to others and earn interest on it. Lending money is a good way to make money, as interest rates offered by private lenders are high. The risk though is that you can have problems collecting your money. If the person who borrowed money from you defaults, then you would be in trouble and have to go to court to file a suit to get back your money. Of late, peer-to-peer lending platforms have become popular. These platforms act as a forum for lenders and borrowers to come together. A borrower can find a lender who can lend money at the best possible terms. This can be beneficial as you offer money on loan using this platform and find borrowers who would pay you regular interest. You can evaluate the borrowers and lend to the one whom you are comfortable lending. You can sign a contract before lending money. The major advantage of these lending platforms is that you can diversify your lending. Instead of lending 10,000 to one person, you can lend 500 to 20 persons and thus diversify your risk. Even if two or three of them default, you can still earn good returns from the others. 7. Investing in a business The top wealthy people in the world (other than monarchs) have all made money by creating brands that have grown and become top corporations. Investing money to start a business is a great way of building wealth. Of course, you need to have knowledge about the products/services that you are planning to sell. If you do not have sufficient money, you can find a partner with whom you can work to start a business. As the business grows, you would be able to earn profits from your business. If you can successfully build your brand, you can hope to become rich beyond your dreams. Thanks to the growth of venture capitalists, it is very easy to get funding for any amount. All you need is an idea and a clear plan on how you can monetize this idea. If you have a workable idea, you can convince investors to invest big money in your business. In return, they would own a part of your company. There are many stories of entrepreneurs who have become millionaires and billionaires by starting a business that provides something of value to customers. As the owner of a business, you would own assets of value and would also have the satisfaction of contributing to the economy. This is a good way of investing money to build wealth. The only risk is that if your idea fails, you can end up losing money. 8. Starting a franchise business Starting a new business requires many years of hard work in building its reputation, so that it can help you earn profits. If this sounds like a difficult proposition for you, then you can consider investing your money to start a franchise company. Franchising is where an established brand allows you to start a business in their name. Top brands like McDonald’s, Pizza Hut, 7-Eleven, Snap Fitness, Baskin Robbins, and many others invite franchisees to open their branches/outlets across the world. You can start a business in the name of the reputed company. The advantage is that you need not worry about building a brand, as the company in whose name you are running a business is already well-known. It is thus easy to market their products/services. They would also help in managing the operations. In return, they take a percentage of your earnings. This is a good proposition but would call for investing sizeable money.You would need to convince the brand to grant you a franchise license. 9. Doing business online The growth of the internet has led to many opportunities. You can start an online business without having to invest much money in buildings and office space. The beauty of an online business is that it can be run from your home or garage. All you need is a computer with internet connectivity and products/services that you can sell. You can also register your products for sale on popular e-commerce portals like Amazon. They would take care of even storing and delivering your product. All you need is a product that customers would be interested in. 10. Invest in yourself Yes! You can invest in the most important asset that is yourself. You can invest time and money in learning new skills, acquiring an additional qualification, or getting certifications that can help you in your line of work. Investing in yourself allows you to become a valuable asset for the company where you work or for the customers who work with you. This can help you earn more money and grow in your career. Improving your personality and enhancing your skills can help you achieve great success in your career. This is a sure fire strategy to build wealth. It is possible to create wealth without the risk of investing in the stock market. With a little amount of research, you can invest your hard-earned money in a systematic way in any of these assets and look forward to building wealth over a period of time. How To Build Wealth Investing In Other Assets Besides Stocks?
How the big banks have maximised the Open Banking opportunity How the big banks have maximised the Open Banking opportunity
Millennials: they don’t just want a paycheck; they want a purpose
The Future is here- AI and Machine Learning in Financial Services The Future is here- AI and Machine Learning in Financial Services
10 Skills That Aren't Being Automated 10 Skills That Aren’t Being Automated
Brian Harris The three biggest Fintech challenges facing the industry right now
How Social Media is influencing purchasing decisions How Social Media is influencing purchasing decisions


More From Global Banking & Finance Review

Boost your chances of getting a top financial position with these tips
The Human Touch: Biometrics Yesterday, Today and Tomorrow The Human Touch: Biometrics Yesterday, Today and Tomorrow
Africa has all the ingredients of replicating the Asian success story with the right policy initiatives Africa has all the ingredients of replicating the Asian success story with the right policy initiatives
The Power of AI and Big Data The Power of AI and Big Data
Latin America: An e-commerce continent on the rise Latin America: An e-commerce continent on the rise
Digital Assets and Banking: Who Will be The Winners and Losers in the Knowledge Economy
The Nasdaq Index is now worth double the value of the Dotcom boom – How long before the bubble bursts?
Financial services firms and innovation : How thinking small can pay off
Global Banking & Finance Review small logo
Global Banking & Finance Review® is a leading financial portal and Print Magazine offering News, Analysis, Opinion, Reviews, Interviews & Videos from the world of Banking, Finance, Business, Trading, Technology, Investing, Brokerage, Foreign Exchange, Tax & Legal, Islamic Finance, Asset & Wealth Management. Copyright © 2010-2019 GBAF Publications Ltd - All Rights Reserved.