'IPAS 2018' holds in Tehran

5 emerging security technologies set to level the battlefield

The war between data defenders and data thieves has been described as a cat-and-mouse game. As soon as the white hats counter one form of black-hat malicious behavior, another malevolent form rears its ugly head. How can the playing field be tilted in favor of the infosec warriors? Here are five emerging security technologies that may be able to do that.


1. Hardware authentication
The inadequacies of usernames and passwords are well known. Clearly, a more secure form of authentication is needed. One method is to bake authentication into a user's hardware. Intel is moving in that direction with the Authenticate solution in its new, sixth-generation Core vPro processor. It can combine a variety of hardware-enhanced factors at the same time to validate a user's identity.
ntel has built on previous efforts to dedicate a portion of the chipset for security functions to make a device part of the authentication process. Good authentication requires three things from users: what they know, such as a password; who they are, such as a username; and what they have, such as a token. In the case of Authenticate, the device becomes the what-you-have.


"This isn't new," said Scott Crawford, research director for information security at 451 Research. "We've seen this in other manifestations, such as licensing technologies and tokens."


Hardware authentication can be particularly important for the Internet of Things
(IoT) where a network wants to ensure that the thing trying to gain access to it is something that should have access to it.
However, Crawford noted, "The most immediate application for the technology is for authenticating an endpoint in a traditional IT environment — laptops, desktops, and mobile devices using Intel chipsets."


2. User-behavior analytics
Once someone's username and password are compromised, whoever has them can waltz onto a network and engage in all kinds of malicious behavior. That behavior can trigger a red flag to system defenders if they're employing user behavior analytics (UBA). The technology uses big data analytics to identify anomalous behavior by a user.

"There's a lot of interest in this in the enterprise," 451's Crawford said.

"User activity is the number one concern of security professionals."
He explained that the technology addresses a blind spot in enterprise security. "Once an attacker gains entry into an enterprise, what happens then?" he asked. "One of the first things they do is compromise credentials. So then the question becomes, Can you differentiate between a legitimate user's activity and an attacker who has gained entry, compromised a legitimate user's credentials and is now looking for other targets?"

Visibility into activity that does not fit the norm of the legitimate user can close a blind spot in the middle of the attack chain. "If you think of the attack chain as initial penetration, lateral movement, and then compromise, theft, and exfiltration of sensitive data, the middle links in that attack chain have not been very visible to enterprise security pros, and that's why the interest in user behavior analytics today," Crawford said.

Comparing a user's present behavior to past behavior isn't the only way UBA can identify a malicious actor. "There's something called 'peer analysis'," explained Steven Grossman, vice president for program management at Bay Dynamics, a threat analytics company. "It compares how someone is behaving compared to people with the same manager or same department. That can be an indicator that the person is doing something they shouldn't be doing or someone else has taken over their account."

In addition, UBA can be a valuable tool for training employees in better security practices. "One of the biggest problems in a company is employees not following company policy," Grossman said. "To be able to identify those people and mitigate that risk by training them properly is critical."

"Users can be identified and automatically signed up for the training appropriate for the policies they were violating."



3. Data loss prevention
A key to data loss prevention is technologies such as encryption and tokenization. They can protect data down to field and subfield level, which can benefit an enterprise in a number of ways:

Cyber-attackers cannot monetize data in the event of a successful breach.
Data can be securely moved and used across the extended enterprise — business processes and analytics can be performed on the data in its protected form, dramatically reducing exposure and risk.
The enterprise can be greatly aided in compliance to data privacy and security regulations for protection of payment card information (PCI), personally identifiable information (PII) and protected health information (PHI).
"There's been a lot of security spending over the last several years, and yet the number of records breached in 2015 went up considerably over the prior year," noted 451's Crawford. "That's contributing to the surge in interest in encryption."

However, as John Pescatore, director of Emerging Security Trends at the SANS Institute, points out, authentication plays an important role in data loss prevention.

"There can’t be strong encryption without key management, and there can't be key management without strong authentication."


4. Deep learning
Deep learning encompasses a number of technologies, such as artificial intelligence and machine learning. "Regardless of what it's called, there a great deal of interest in it for security purposes," 451's Crawford said.

Like user behavior analytics, deep learning focuses on anomalous behavior. "You want to understand where malicious behavior deviates from legitimate or acceptable behavior in terms of security," Crawford explained.

"When you're looking at activity on the enterprise network, there's behavior that's not user behavior but is still malicious. So even if it's looking at behavior, it's looking at a slightly different application of behavioral analytics."

Instead of looking at users, the system looks at "entities," explained Brad Medairy, a senior vice president with Booz Allen. "Exact business analytics and recent developments in machine-learning models mean we are now able to look at the various entities that exist across the enterprise at the micro to the macro levels. For example, a data center, as an entity, can behave a certain way, similar to a user."
Use of machine learning can help stamp out the bane of advanced persistent threats, added Kris Lovejoy, president of Acuity Solutions, maker of an advanced malware detection platform. "With its ability to decipher between good and bad software, at line speed, machine-learning technologies will offer a significant boon to security practitioners who seek to decrease time to advanced threat detection and eradication," she said.

Crawford said he expects investments in deep learning for security purposes to continue. He added, however, that "the challenge for enterprises is there are a lot of companies coming to market with similar approaches for the same problem. Differentiating distinctions from one vendor to another is going to be a major challenge for enterprises in the coming year and beyond."


5. The cloud
"The cloud is going to have a transformative impact on the security technology industry generally," Crawford said.

He explained that as more organizations use the cloud for what has traditionally been the domain of on-premises IT, more approaches to security that are born in and for the cloud will appear. On-premises techniques will be transitioned to the cloud. Things such as virtualized security hardware, virtualized firewalls, and virtualized intrusion detection and prevention systems. But that will be an intermediate stage.

"If you think about what an infrastructure-as-a-service provider can do on a very large scale for all of its customers, there may not be the need to pull out all the defenses you need on-prem," Crawford said. "The infrastructure-as-a-service provider will build that into their platform, which will relieve the need to do that for the individual cloud customer."

SANS' Pescatore added that government agencies and private industry have increased the security of their data centers by using IaaS services such as Amazon and Firehost. "The GSA FedRAMP program is a great example of 'certified secure-enough' cloud services that make it easier for the average enterprise to have above-average data center security," he said.

These five should help out the infosec warriors get the upperhand. Any we missed? Which technologies do you suggest will move the needle on information security? Weigh in via the comments below.

Why is CCTV Camera Cloud Storage the best storage option when it comes to security systems ?

While devising a great security system, so much thought goes into choosing the right camera model that often critical factors related to backup storage system are over-looked leaving cracks in the system.  Just as there are innumerous cameras available in the market, there are also various CCTV storage options available. Here we try and tackle the cloud based CCTV storage system.


After creation of cloud, storing and backing-up huge amounts of data became very easy and affordable. With the ever increasing crime rate, security systems are now a requisite for any business/home. And thus keeping in mind that a good backup storage is the backbone for any security system, we bring you answers to WHAT, WHEN, WHY and HOW pertaining to Cloud Backup System for Security Cameras.


WHAT  is cloud storage?

Cloud refers to the technology of saving data virtually over the internet so that it is easily stored, accessed and shared at any point of time. More specifically, a cloud is a network of servers connected together so that it  allows centralised data storage and access to it remotely. You might be using services like Google drive, dropbox, to upload, store and retrieve data, without realising that this is basically cloud storage. There are many kinds of clouds, but they can be broadly classified into two categories: private and public. While setting up a network or security system a Network Attached Storage(NAS) is installed. A NAS device acts as a central secure location where you can backup or store and access your files. You can connect a variety of devices such as media players, gaming consoles and smart TVs with the NAS device. A full featured operating system is not needed to use a NAS device and hence a simpler OS that focuses on doing a small subset of tasks as efficiently and securely as possible is installed. The streamlined OS in a NAS unit  makes the device easy to set up, and it’s flexibility allows for a wide variety of activities. A NAS device provides only file-based data storage services to other devices on the network. A NAS unit can be installed for setting up a private/personal cloud, hence giving you the control over bandwidth and the device’s physical location.


WHEN should you opt for CCTV cloud storage?

* If the security system is to be set up at multiple sites or on different LAN networks, then using the cloud for IP CCTV cameras is the best option.

*This storage is also preferred on sites with more than 2-3 cameras.
WHY is cloud storage a better solution?

*Remote Access: Cloud systems have easy remote access, i.e. the CCTV/IP camera footage can be accessed in real time and/or later from anywhere using any PC/ laptop/ tablet/ smartphone.

*Cost Effective:Since for more than one site/ location, only a common storage is used, the installation or setup cost is reduced and hence this is becomes a more cost effective option.

*Adaptive:As and when the CCTV storage requirements change the storage plans for cloud can also be easily altered, by increasing or decreasing the storage and bandwidth as needed.

*Security:During a break-in the system/ hard drives storing the security footage are at equal risk of being stolen, rendering the footage unreachable and therefore unusable. This risk is not present in the case of cloud systems.


However, the cloud is vulnerable to hackers but this can be prevented by taking proper security measures and putting firewalls in place.

China’s AI-powered CCTV camera makers just got $1.6 billion in funding

The maker of China's 170 million AI-powered CCTV cameras is a hot property among investors the past few months.


SenseTime has secured $620 million in fresh funds from investors Thursday, adding to its previous $600 million raised in April. The company is now valued at $4.5 billion.
Chinese e-commerce giant Alibaba became the largest single investor in the company during the first round of funding, but it is now on more equal footing with new investors including Qualcomm, Fidelity International, Hopu Capital, Silver Lake and Tiger Global.


The funding will accelerate "the development of a global footprint with a larger ecosystem incorporating both domestic and overseas partners," said Li Xu, SenseTime co-founder and chief executive officer, in a press release. "The funding will also help us widen the scope for more industrial application of AI, thus increasing the value of SenseTime's global ecosystem."


SenseTime is the largest AI company on the world's stage, not only dealing with car company Honda, graphics card maker Nvidia, social media platform Weibo and Asia-based phone companies Huawei, Oppo, Vivo and Xiaomi, but also China's CCTV AI-powered surveillance system.


Its partnership with the government sees it process data captured by China's 170 million CCTV cameras and smart glasses worn by police officers on the street. The government aims to use this data to help assign each of its 1.4 billion citizens a personal score, based on how they behave, by 2020.