Saturday, June 01, 2013

Parts is parts!

I spoke today with an Infosec guy from one of the global restaurant chains. The chain has restaurants in over half of the countries around the world. It's one of the big ones.

While duly impressed with the alliance, portal, comms, and the fusion reports, he says to me at the end of the demo 'you don't seem to have any other companies like ours in the Alliance'. Then I thought... so let me take a crack at understanding your concerns as an Infosec guy in a big company...
  1. You probably handle a ton of card transactions and are worried about even small losses caused by card fraud and theft.
  2. You're probably worried about losses of ACH transactions destined for your supply chain.
  3. You're probably worried about online e-commerce transactions (in fact, this company is at the top of the charts when it comes to online ordering!) 
  4. Last, you're probably worried about shipping and logistics, with the right stuff ending at the right place, every time. 
So, do we have other restauranteurs in the alliance? No, but let's think about this for a moment.
  1. Our members process a very high percentage of all credit card transactions in the world (and they understand the treats to payment systems companies!).
  2. They transfer huge numbers of ACH transfers, from and to, nearly every country in the world (as does every company in the alliance today).
  3. Every one of our companies relies on the internet. While perhaps not relying on the net for the number of transactions, they all rely heavily on e-commerce. 
  4. And shipping and logistics? Every company that I work with today picks something up somewhere, and puts it down somewhere else.
Regardless of industry, all of our members have these four things in common. Add to that targeted attackers aggressively chasing them, and competitive pressures of both legitimate competition and economic/corporate cyber espionage. All of the stories are true. These guys are busy. They're all in the same boat, and beyond chasing espionage threats to intellectual property, they ALL chase (big) cyber threats to (big) money movement, supply chain, logistic losses, and automation and supply chain movement of something.... every single one.

So tell me, do you worry about these issues Mr. Restauranteur? What about you Ms. Retailer? Mr. Attorney? I kinda joke.. when we're all standing around with our pants down, at least half of us are going to have the same parts. Sizes, shapes and colors may differ, but parts is parts.

BT BT

There's a ton of stuff happening around Red Sky Alliance these days. 

  • This week we released our 49th Fusion report detailing a new malware variant from a known actor. Analysis of the related infrastructure revealed two hosting networks which have been linked to a variety of APT activity. 
  • On the portal side, things are looking up; our user adoption rate peaked last week with the participation level reaching an all-time high! Additionally, we're getting inputs from non-members who are experiencing APT events. Our referral rate is growing too!
  • We authored and published our 10th intel report this week, detailing activities of another group of actors (no, not APT1.. that's been done already).
  • Last, our CIO attended the NIST framework discussions in Pittsburgh all week. He's coming home spent, but says it was a productive week.
And in the Lab? 

Until next time, have a great week!
Jeff