Episode 2: Lunch Event at the Palms - Nashville, TN
Q: J. Peter, where are you?
A: Greetings! J .Peter here and this week I’m in Nashville Tennessee. When I think of Nashville I think of country music and the Grand Ole Opry. The Grand Ole Opry was founded nearly 100 years ago in 1925 and is a weekly country music stage concert that has hosted all the greats over the years. Did you know it’s the longest-running radio broadcast in US history? It’s also a hotspot for Pokemon Go players. I caught several new ones right in front of the place. But I digress.
Nashville also makes me think of the movie “The Thing Called Love”. A 1993 film about four young song writers trying to get their music noticed. Starred River Phoenix, Samantha Mathis, a young Sandra Bullock and a young Dermot Mulroney.
Q: Why are you there?
A: I’m here in Nashville TN to Keynote a lunch event sponsored by Mimecast. It’s held at the Palm Restaurant in downtown Nashville. I’ve done events at Palm’s before in Orlando, Chicago, Colorado, Atlanta, Las Vegas, and Philly and I’m a huge fan of this location as a venue. Should have about 25 in the audience and I’m looking forward to having a lively discussion about Office 365.
Q: What are you there for?
A: I’m going to discuss with the audience a comparison between the big switch that occurred by in the day with a move to electricity being generated as a utility as opposed to it being generated on-premises and our day, where we are moving from on-prem to the cloud. This comparison was brought to my attention by Nicholas Carr in his book “The Big Switch” and I like to tell the story for the audience. By the end of the discussion we hone in on Office 365 rhetoric vs. reality and I point out several areas where there is a need for enhancements in areas like Security, Compliance and Archiving, and increased availability or continuity. At the end of the event, I answered questions from the audience and then give everyone a copy of the book “Conversational Office 365 Risk Mitigation” sponsored by Mimecast.
One question that came up was “how is Microsoft’s archive solution different from a third-party?” I explained that Microsoft doesn’t have a traditional archive solution which goes beyond eDiscovery and offers user interactivity (aka a read-only archive), nor does it allow for data agility or portability as a separate data bank solution. Rather, it’s simply legal hold on all mailboxes, which does provide for eDiscovery but does not reflect the modern advancements we’ve come to expect from an enterprise-grade archive solution. It was a good question I thought.
Q: Last question, right now Ransomware is a big topic in the news, can you tell me what you’ve heard recently on it?
A: Another question involved how Office 365 handles advanced threats like ransomware. Well… if you have an E5 plan or pay extra for their advanced threat protection, it includes a sandboxing solution that can help against attachments that might include a ransomware attack. Recently a macro-enabled Word document ransomware attack attracted a lot of attention in the news because it made it through Office 365 defenses until they eventually caught it and updated their security solution to spot it. Typically that happens from time to time. Something gets through initially until it’s discovered and blocked. It’s one of the reasons I preach defense in depth. If one solution doesn’t have the fix than the other one might. I also like having solutions that offer different features. For example, Mimecast does sandbox too but first it does document conversion. So a file that comes in with ransomware in a weaponized attachment would have been rendered ineffective due to the document conversion process. That’s something Microsoft simply doesn’t have. So by layering your security approach you have a much better chance of protecting your organization from the modern threats that come our way, whether ransomware, impersonation attacks, spear phishing, whaling and so on.
Hey, I hope you’ve enjoyed following me to Nashville Tennessee
Where am I going next? The ITLA Conference in Washington DC!!!
August 17, 2016
I am in the middle of my second week here at Mimecast and am excited to focus on all things security. The timing of my arrival is good as we just released important new data around malicious insiders. Here’s my take on the topic …
There’s nothing worse than being hit with a surprise attack from behind – especially by a previously trusted person. In the military, surprise rearguard actions can be very effective for the attacker and very debilitating for the defender. In a sense, cyberattacks from malicious insiders are a form of a digital rearguard action.
Today, most IT security defenses are set up to defend against external attackers, be they cybercriminals in search of money, nation states pursuing strategic advantage, or hacktivists with a politically driven agenda. And, this allocation of resources does make some sense, as most attacks do come from outside the organization – but not all. Attacks also do come from the inside. And, these attacks, when originated by trusted insiders, have proven to be extremely damaging.
In one recent example, this past July a Citibank IT engineer was sentenced to 21 months in prison for using his administrative access to wipe out nine of the company’s network routers, bringing down 90% of Citibank’s network. In Mimecast’s new survey 45% of respondents picked “Malicious Insider Attack” as their number-one perceived security vulnerability. Clearly, this is an area deserving greater focus.
Your security program needs to be based in reality. You need to honestly assess both the trustworthiness of your insiders, the amount of damage they could reasonably do if they had both the motivation and opportunity, and how much security controls can be applied given the culture and practices of the organization. Reasonable controls for malicious insiders need to be put in place to reduce the business risk to an acceptable level.
Most security programs don’t sufficiently factor in controls for the malicious insider. This is unfortunate as there are some basic ones which are cost-effective and also helpful when it comes to protecting against malicious insiders and even those who are non-malicious insiders, as well as external attackers.
Here are four tips to help reduce the risk of a malicious insider attack:
- Use role-based access management, in particular on critical systems and for highly privileged users, such as IT administrators. This approach limits the ability of malicious actors to do damage.
- Don’t make it easy for the malicious insider to steal your data. Monitor and block the movement of sensitive data outside the organization via email, ftp, and via the web.
- Train employees – regularly. The more eyes you have on this area of risk the better. Help your team understand that “if they see something, say something.”
- Update your incident response plan to include how to guard against and respond to malicious activities by insiders. This will definitely need to involve more than just your IT and Security departments – include HR, legal and PR.
August 10, 2016This past week Mimecast had the pleasure of attending the Black Hat Event in Las Vegas, NV. The atmosphere was energetic and our booth, although small, was mightier than any other booth on the floor. The Mimecast team varied members from marketing to sales and soared through engaging everyone at the event. With a “#MimecastBHAT giveaway” grouping to dazzle the masses, we gave away a Mini-Segway and some fabulous Bose ™ headsets.
Below is a small recap of what happened, so you can feel like you were able to attend. Let us be the eyes and ears for an event that truly thrilled the masses.
Arriving in Las Vegas, NV around 5:30pm, the Mimecast team was just in time to make it to a great party that was at Red Square in the Mandalay Bay Resort and Casino. It was here where we announced some big news with PhishMe, take a look here.
Lights, camera, action! What a moment, our very own Cyber Security Strategist, Bob Adams, was able to kill it in his interview with Dark Reading, click play to watch the full interview below.
Full house, no problem. Bob Adams, yet again, drove the Mimecast message to the audience on how important understanding email attacks are. “Ransomware is occurring more and more and we need to do something to stop it, educating others is the first step,” said Bob. Stay tuned, as we will update shortly with his impactful presentation.
Back in the booth: Mimecast shares the love on the tradeshow floor. Interested in seeing all of the people who entered our #MimecastBHAT contest, click here. We gave away Bose headsets and a grand prize of a Mini-Segway!!!
Who doesn’t like working on solving problems with clients? At the event, we got to see so many customers and meet many new prospects. Thank you to everyone who stopped by booth 1366. We really loved getting to know you just a little bit better.
Time to announce the winners of Day Two of the Selfie contest, we had some great entries, but in the end, these three took home some great swag.
After an amazing few days, a few cold beers and lots of entries it came down to the top “Selfie” taken and it went to @SecuritySean. Congrats to all who entered. And get ready for our next event. We will see you all at Microsoft Ignite next month.
Episode 1: Microsoft Worldwide Partner Conference in Toronto, Canada
Q: J. Peter, where are you?
A: Greetings! This week I’m in Toronto Canada. Toronto is an interesting place to visit. Whenever I visit a city I like to do a couple of touristy things. Here in Toronto I went up the Toronto CN Tower, visited the aquarium, and went to Casa Loma (which, if that doesn’t ring a bell, it’s a huge castle-like house built in 1914 and, most importantly, it has been used in the XMen movies for Xavier’s School. One other cool thing about Toronto is that it’s only 1 hour and a half from Niagra Falls, which is an amazing place.
One cool geeky note is that Nikola Tesla and George Westinghouse created the first major AC current hydroelectric power plant in Niagra Falls in 1895 and there is a statue of Tesla right near the falls on the Canada side.
Q: Why are you there?
A: This week I’m at the Microsoft Worldwide Partner Conference here in Toronto Canada. It’s completely booked out with partners and attendees. The vibe is positive and upbeat although there is a slight tension due to world events with an added layer of police protection.
Microsoft is not oblivious to the times and the Keynote was kicked off by a singer and poet named K-naan with his song “Waving Flag”. He was joined on the stage by a group of children from all parts of the globe singing the song beautifully in acapella at the end. I think I saw a few tears… or maybe I shed a few tears. Hey… no judging.
Q: What are you there for?
A: I’m here at the Microsoft Worldwide Partner Conference in Toronto Canada for several reasons. First off, I’m here to cover the event as a journalist for InfoWorld. I write the Enterprise Windows column. Second, I’m here to gain insight on the future goals of Microsoft, especially with regard to the cloud and Office 365. I can use that insight in my writing and speaking engagements, and it’s especially helpful when I travel and speak for Mimecast about developments on the Microsoft side with Exchange and Exchange Online.
Typically when I attend WPC I attend the Keynote and then spend most of my time talking to vendors in the expo to see what they’re working on, what they feel is important and what is the overall focus on the floor. It’s a good show. Very different from others I typically attend like Ignite or Techmentor where the vibe is more IT admin focused. WPC is more business and partner focused.
Hey, I hope you’ve enjoyed following me to Toronto for WPC 2016.
Where am I going next? Nashville Tennesee!!!