Security Roundup: GDPR, Holiday Cybercrime, Exabeam, Oculeus

GDPR's effects, seasonal upticks in cybercrime, improving security analyst productivity and battling telecom fraud.

Edward Gately, Senior News Editor

December 6, 2018

10 Min Read
Security Roundup

It’s now been more than six months since the deadline for compliance with the EU’s General Data Protection Regulation (GDPR), and many U.S. firms that process personal data on EU citizens or residents still are struggling with it.

A recent survey by the International Association of Privacy Professionals showed more than half of respondents still haven’t complied with GDPR, and one-fifth said that full compliance may be impossible. Also, the average organization spent $3 million on compliance efforts.

Since GDPR became law, California passed its Consumer Privacy Act of 2018, India has drafted a data protection bill and a new privacy law similar to GDPR was passed in Brazil.


ValidDatum’s Daryl Crockett

We spoke with Daryl Crockett, president and CEO of ValidDatum, to find out what’s keeping some companies from reaching GDPR compliance. ValidDatum helps clients with data-related project management and services, including data privacy, data security and GDPR compliance.

Many companies remain in denial that the regulations apply to them, she said. But now that the first fines and regulatory actions have started coming out of the EU, the enforcement actions and fines are “really going to increase within North America,” she said.

“What’s happening is they’ve just started to go after the European organizations or companies that these North American businesses are working with, and as these European citizens start to understand they they can flex their data subject muscles, then they’ll be able to exercise their rights against North American companies and this will lead to a lot more class-action suits,” Crockett said. “So what we see are these data subjects starting to ban together … against the corporate world.”

The biggest problem these companies are starting to run into is the amount of time that it takes to respond to a data subject’s access request, she said. A subject access request requires any company to turn over data it has collected on an individual.

Companies are given 30 days to respond to a data subject’s request, “and that’s a pretty short period of time, especially if you haven’t fully mapped out where all your data is and can put your hands on all the data that might be related to a particular data subject,” Crockett said.

“And the number of requests have started to increase, particularly in Europe, and a lot of the American companies obviously have European operations going on,” she said. “So they’re starting to realize the crush of responding to these data requests is just as bad as what they went through for the initial preparation. And companies are still trying to work through what data do they have, where this data is, who this data is about, why they’re keeping their data and who has access to this data.”

Digital companies likely will have an easier time with these requests, as all of a subject’s information is going to be stored in one place, Crockett said.

“But imagine if you’re a bank and you’ve done two or three transactions for a particular data subject over time, maybe over 10, 15, 20 years; you’re holding a combination of electronic records, emails, paper records and phone slips in a box somewhere,” she said. “If these data subjects know that they’ve done three real-estate transactions with you, and know what they should be expecting … and if you don’t provide that because you don’t have any good way of finding out where this data is within that short period of time, then you’ve got …

… a problem and then you’re going to be subject to fines.”

ValidDatum is helping companies understand what their “data universe” is, Crockett said. Once you know what you have, where that data is, who has access to it and who you share it with, the other obligations just become a normal part of your business, she said.

ValidDatum also helps companies set up standard operating procedures with a streamlined and connected process where “everybody within the organization from top to bottom really understands their responsibilities for data privacy and compliance with the law, and what their responsibilities are with regard to handling that data,” she said.

“Like with a lot of the legislation, this isn’t all bad because this is forcing companies to look at the data that they’re having and using, and collecting,” Crockett said. “And when you go through and you troll through those darker corners of a company’s data, you do have the option and the ability now to start to catalog that and let the companies know what data assets they really do have. When we go through and work with these companies, we often find processes that we can improve and we find data that they might find useful to running their organization a little bit better.”

Crockett is hoping to see national legislation with a uniform set of regulations so companies don’t have to worry about staying in compliance with various state data privacy and protection laws.

“Let’s hope that they get their act together and can put something together that makes sense based on the real-life lessons that we’re seeing coming out of the EU,” she said. “And you don’t just comply and you’re done. This is an ongoing process, so any time they bring on a new system, any time they change their systems, anytime they bring on a new employee, that all has to be a continuing process of compliance and it is an ongoing thing.”                

SonicWall: Black Friday, Cyber Monday Brought More Cybercrime

Holiday shoppers set e-commerce sales records on both Black Friday and Cyber Monday, continuing the trend of more online shopping rather than making the trip to the mall. And cybercriminals were out in force to take advantage of that increased online activity.

SonicWall found that:

  • Small Business Saturday experienced 919 percent more ransomware attacks compared to 2017,

  • The Thanksgiving holiday (Nov. 19-26) saw 889,933 more ransomware attacks than 2017,

  • On Black Friday alone, there were 28 percent more ransomware attacks compared to 2017, and

  • Cyber Monday continued the trend with a 347 percent increase in ransomware over 2017, and nearly 12 million total malware attacks.


SonicWall’s Bill Conner

Bill Conner, SonicWall’s CEO, tells us these waves of attacks have become seasonal and can also move with the ebb and flow of the market. While the effort of these criminals may be seasonal, the damage from these attacks isn’t and can have serious and long-term implications on businesses’ customer trust, brand reputation or even stock value if publicly traded, he said.

“One key takeaway for security providers and the channel is that cyberattackers will continue in their effort to stay one step ahead of security teams,” he said. “In this case, they seem to have targeted much more activity towards ransom-demanding malware than last year. Because it can be extremely challenging to predict where they are going, SonicWall recommends a defense in depth strategy. A tightly coordinated system of next-generation firewalls, full inspection of transport layer security (TLS)/secure sockets layer (SSL) encrypted traffic, robust cloud and on-prem email protection, multi-engine sandboxing, real-time deep memory inspection and …

… advanced endpoint protection is strongly recommended to thwart targeted attacks like this.”

Although the volume of malware continues to decrease, certain types of malware are becoming more lethal, Conner said. Perpetrators are perfecting their ability to target specific organizations and are relying on opportune times like the holiday season to launch attacks, he said.

“The threats that we are seeing today are as likely to target small businesses as they are enterprises, so this granular information gives SonicWall channel partners the ability to assess in real-time the threats their customers face and make sure their protection is up to date,” he said.

Exabeam Debuts Smart Timelines, Single User Interface

Security information and event management (SIEM) provider Exabeam has rolled out two new features, Exabeam Smart Timelines and a single user interface (UI), aimed at improving security analyst productivity.

The additions to its SIEM platform will offer improved detection, investigation and response to threats. The company also announced the general availability of its threat Intelligence service to its customer base.

Smart Timelines stitches together normal and abnormal behaviors for users and devices, as well as a single UI for its platform. This will put an end to “swivel chair incident response,” a common problem for security analysts where workflows require multiple products with different interfaces and credentials, according to Exabeam.


Exabeam’s Trevor Daughney

The launch is an opportunity for Exabeam partners to talk to their customers about augmenting their SIEM, said Trevor Daughney, Exabeam’s vice president of product marketingThey might be using a SIEM already, but they can “now offer them even better security management options,” he said.

“The other is to go in and replace a legacy SIEM and give the customer a whole new way of doing security management,” he said. “Smart Timelines not only helps with threat hunting and investigating, but also the response and remediation of the issue. You can only fix the threats you know of. Smart Timelines leads to fixing more threats in their environment by reducing amount of time, while increasing response rates. They can go in and talk to customers about revolutionary approaches. In both cases, there are service opportunities.”

Oculeus Unveils Telecom Fraud Protection Service

Oculeus has launched a cloud-based enterprise telecoms fraud protection service aimed at allowing enterprises to protect their communications networks against false charges resulting from PBX hacking and toll fraud independent of their telecommunications service provider.

Oculeus-Protect begins providing protection by profiling the enterprise’s communications network and building a baseline of expected telecommunications activities. The technology then continuously monitors the …

… enterprise’s communications network for traffic anomalies and other patterns that are typical of telecoms fraud.

Any suspicious traffic is sent to a fraud detection engine, which is located in Oculeus’ cloud environment, and if confirmed to be fraudulent, is blocked instantly.


Oculeus’ Arnd Baranowksi

Arnd Baranowski, Oculeus’ CEO, tells us the new service will benefit his company’s channel partners and will create new opportunities for them to expand their portfolio of offerings and better serve their customers.

“For example, a telco or managed service provider can partner with us and resell as a value-added telecoms fraud protection service to its enterprise or business customers based on the offering we provide by our Oculeus-Protect service,” he said. “In this scenario, the service can run from one of our existing cloud deployments or from the channel partner’s cloud environment.”

Oculeus’ channel community has been growing steadily, especially in the communications segment, Baranowski said.

“The need for better telecoms fraud protection is clear and our unique approach for reducing the risks of PBX hacking and toll fraud is enabling us to expand our relationships with our telco and MSP partners, and is attracting the attention of PBX vendors,” he said.

Read more about:


About the Author(s)

Edward Gately

Senior News Editor, Channel Futures

As news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like