The second edition of Panda Security Summit 2019, held yesterday in Madrid, highlighted the main lines of action that both companies and public institutions need to adopt in order to protect their environments against cyberattacks.

In this sense, threat hunting strategies take on an ever more central role in the approach to security processes, since they imply not only detection, but also analysis, hypothesis formulation and resolution, even before the threat can materialize, as well as the incorporation of the patterns learned into the detection model.

Furthermore, the experts also underlined anticipation and intelligence production as key factors to face up to cyberattackers’ new modus operandi. In this scenario, it is more necessary that ever to apply zero-trust policies.

The day kicked off with Juan Santamaría, CEO of Panda Security, who reminded the attendees that one of the most vulnerable focal points, and one that draws most attention from cyberattackers, are governments and public administrations. Hence the initiative to create an event where the focus is on action strategies and methods to stop attacks that violate citizen security.

Both Santamaría and José Sancho, President of Panda Security, emphasized the trajectory of the company, which grew 12% in 2018, consolidating itself as one of the pioneers in the development of endpoint protection services.

Next, María Campos, KA and Telecoms at Panda Security presented Cytomic, a new business unit that completes the company’s specialization in the enterprise segment. The main differences that Cytomic brings are based on the layers of service, which provide the additional value of the technology-service duality. Campos pointed out that the enterprise segment makes up 15% of the company’s turnover; its aim with Cytomic is to accelerate the current growth to over 40%.

During his speech, Josu Franco, Strategy Advisor at Panda Security made a point of the fact that cyberattackers are using software that is already installed on the endpoint, which means that they don’t need to employ downloadable files. The challenge, said Franco, is detecting threats that stem from the user, who in many instances, belongs to the organization itself. This means that this particular threat requires the sophistication of security analyses. Finally, he stressed that cybersecurity needs to tend towards data science.

From the European Commission, Rafael Tesoro, Programme Officer, highlighted the alarming increase in cybersecurity incidents, which has been facilitated by a highly fragmented European cybersecurity market in which smaller European companies are acquired by large companies from outside Europe. This exacerbates brain drain in the continent, as well as the difficulties in accessing more intuitive, competitive and innovative technologies that adapt to Europe’s own regulation and management models. To face this, Tesoro stressed the relevance of the NIS directive, and how it is working to increase each country’s cybersecurity capacities, European cooperation, and the security models and alerts that are currently being put in place.

Pete Shoard, Senior Director Analyst at Gartner delved into the management models that allow for a balance between machine learning and automated tasks with risk management and monitoring by CIOs and heads of IT. Shoard focused on behavioral analysis when it comes to efficient threat hunting strategies in companies.

Curro Márquez and Jesús Ponce, from Cyberintelligence at Telefónica, emphasized cyberintelligence as a pillar of digital security, since it considers anticipation, protection, detection and response. To optimally carry out and manage cyberintelligence, Márquez and Ponce pointed out that the company must know their own security needs, so that it can use the necessary sources, tools and processes, both their own or third-party, that allow them to carry out quantitative analyses that can be reversed once again and enrich the entire process.

Lucas Varela, e-Crime & Security Analytics Manager en CaixaBank discussed the role of cybersecurity as a previous requirement and an enabler for new financial businesses. He also demonstrated how CaixaBank applies intelligence systems to detect threats, a strategy that includes studying efficiency within Incident Response processes, and studying banking malware.

The speeches finished with Pedro Uría, director of PandaLabs. Uría emphasized the company’s hunting services, and used real cases to demonstrate how to get ahead of new threats with this technique. He also reminded the attendees that malware is no longer a problem, and that the challenge currently lies in increasingly sophisticated targeted attacks that don’t use malware; the only valid approach is a zero-trust policy, in which nothing should be run unless you trust it.

The attendees were able to find out about threat hunting strategies to guarantee the cybersecurity of companies and institutions through two speeches and four immersive workshops run by Panda Security specialists.

#PASS2019 brought together almost 1000 IT professionals from the leading European companies and institutions, in the Coliseum Theater, Madrid.

The post Zero Trust: the only valid approach to stop the latest threats to cybersecurity appeared first on Panda Security Mediacenter.

One of the leading predictions for 2019 in our PandaLabs annual report is the boom of fileless malware.  This can be put down to an increased difficulty in detecting them on the one hand, and on the other hand, to the increased cyberoffensive capacity in the world, both of states, and of criminal gangs, both state sponsored and unaffiliated.

To deal with an attack that is so difficult to detect, it is necessary to employ more complete and advanced techniques. Malware is no longer the main challenge for companies that have advanced cybersecurity capacities; the challenge is now to detect suspicious behaviors from users, machines, and processes. It is for this very reason that threat hunting is now so important in the current cybersecurity landscape; proactively searching for threats is the best way to ensure total security against hackers who are increasingly professionalized.

Threat Hunting Report 2019

The annual Threat Hunting report from Cybersecurity Insiders reveals some highly relevant statistics about the integration and awareness of this technique in the corporate cybersecurity world, and sheds some light on the challenges that cybersecurity professionals have to face.

The challenges

46% of companies have experienced an increase in the severity of cyberattacks, a fact that serves to underscore how important it is to employ more advanced techniques to stop their advance. Cybersecurity professionals know this all too well: in the sector, there is increasing awareness of the importance of proactively searching for threats. According to the report, 77% of these professionals have a moderate or high degree of knowledge about threat hunting, a 4% increase compared to last year.

But what are the security challenges that these professionals have to deal with? The main challenge for 55% of companies is the detection of advanced threats. Other important challenges include wasting too much time on false positives, and a lack of expert security staff to mitigate threats.

The goals

The main goal of threat hunting is, generally speaking, to protect the company and to secure the company’s assets and its information. On this point, cybersecurity professionals agree; for 58% of these professionals, the goal of their threat hunting activity is to reduce exposure to external threats. Among the other goals mentioned by professionals are improving the speed and accuracy of threat responses (53%) and reducing the number of breaches (52%).

With such important goals for corporate security, it is no wonder that 83% of professionals believe that threat hunting should be the most important initiative for the early detection of threats.

Frequency of Threat hunting

Something that highlights the shortage of expert threat hunting professionals is the amount of time that is invested in these activities: on average, cybersecurity professionals spend 62% of their time reacting to threats, and only 38% proactively searching for threats—the key to this technique.

Another revealing statistic is the frequency with which companies carry out threat hunting. Only 32% of companies perform threat hunting continuously, while 40% only threat hunt when it is necessary. Since threat hunting itself is a proactive technique, employing it reactively significantly reduces its effectiveness.

Threat hunting methods

Efficient threat hunting requires a wide range of data sources to detect anomalies and suspicious activities as soon as possible. The majority (66%) of companies prioritize system logs as the most important data source, followed by firewall/IPS denied traffic, and network traffic.

There are multiple datasets that can be investigated during a threat hunting process. The best option is to gather, normalize, and analyze data from all possible sources in order to get a more complete and accurate idea of what has happened.

Along with a comprehensive vision of the data, another vital step for threat hunting is to understand IoCs (indicators of compromise) to be able to develop effective methods to defend against future problems. Knowing what IoCs they have to look for helps cybersecurity professionals to classify and remediate threats. The IoCs that cybersecurity teams most often investigate are behavioral anomalies (69%), suspicious IP addresses, and denied/flagged connections.

As for the capacities needed to hunt threats, the most important for 64% of professionals is threat intelligence.

The advantages of threat hunting

Using this technique clearly has many advantages in a corporate environment when it comes to keeping systems safe by providing protection against the most advanced threats. In this respect, professionals agree: 62% believe that the detection of advanced threats is the most important advantage provided by threat hunting. Other important advantages include reducing investigation time, saving time by not having to manually correlate events, and creating new ways to discover threats.

The solution

A lack of expert professionals is evidently something that can hinder threat hunting operations in a company, while time investigating false positives can slow down the work of cybersecurity professionals.

To find out how to carry out an effective threat hunting process, don’t miss the product technology news that we’re going to present on May 23 at the Panda Security Summit, the most important European cybersecurity event. Register now and come and talk to our experts!

More information and registration

The post PASS2019: how to deal with malwareless attacks appeared first on Panda Security Mediacenter.

On May 23, the Coliseum Theater, Madrid, will become the European Cybersecurity Hub, a meeting point for IT professionals and partners, where they will be able to discover the latest cybersecurity innovations. Proactivity in the search for advanced threats, such as the threat hunting process, which reaches places that traditional tools can’t, will be one of the central topics of PASS2019.

These days, companies have security solutions to protect against malware. However, the challenge now lies in detecting anomalous behaviors, both from users and from processes and machines. Rather than waiting to be attacked, companies need to get ahead of threats and protect themselves. This is where threat hunting comes in. And to protect organizations from new hacker behaviors, at the Panda Security Summit, the company’s new offering will be presented. It will focus on the Enterprise segment, with a more specialized service to meet the protection needs of organizations with over 1,000 endpoints.  This upper segment will have an advanced cybersecurity solution that integrates prevention, detection and total response capacities with investigation and attestation services, with no need for updates or patches, and with detailed visibility of all activity, control of running processes, and reduction of the attack surface. “Panda Security’s solutions  automatically classify 99.98% of threats, leaving just 0.02% of them to our analysts. With our new offering, we’ve managed to increase the level of maturity of our Hunting services in organizations, and our experts can focus on the attacks that are truly dangerous.” highlights María Campos, VP Sales Worldwide KA and Telecoms at Panda Security.

What’s more, #PASS2019 will showcase the points of view of the technological society, with the participation of Gartner as an independent analyst; leaders from the European Commission to represent the vision of the governmental sector; and large companies from the telecommunications industry, such as Telefónica and CaixaBank. There will be 9 speeches, as well as 4 workshops about the subjects discussed in the speeches, such as how to apply advanced protection techniques and strategies, and threat hunting in real environments. José Sancho, president of Panda ; Juan Santamaría, CEO of Panda Security; María Campos, KA and Telecoms of Panda Security; and Josu Franco, Strategy and Technology Advisor, will present this edition.

The post PASS2019 is here, with a new offering for the Enterprise segment appeared first on Panda Security Mediacenter.

Public administrations have their work cut out. For years, they have been working to shore up the cybersecurity of their infrastructures and sensitive information. Any kind of cyberattack on these assets could seriously endanger both the general population and political leaders. And these kinds of targets are becoming increasingly popular for cybercriminals.

This need for protection has become more pressing due to the increased technology use in this ambit. Though there is scope for further technology to be introduced in public administration, before this can happen, more agile work needs to be done on threat identification strategies, machine learning, and blacklisting techniques that could, for example, making electronic voting a real possibility.

Along with municipal, regional, and general elections in Spain, and the European Parliament elections, over 80 countries will take part in electoral processes in 2019. Implementing electronic voting could increase voter turnout, and would be a great advantage to citizens with reduced mobility or who reside in a different town to where they have to vote. It would also reduce costs, and lower the number of people who would have to be present at polling stations. To give some idea, €128 million was invested in the Spanish general elections in 2015, a figure set to rise to €138M this year.

However, e-voting has some security-related drawbacks. One example is the possibility of a person casting several votes from the same IP, or by simulating a new IP. Total privacy cannot be guaranteed either, since the servers of those administrating the vote can decrypt the original information, revealing voter details.

And public administrations are also liable to fall victim to cyberattacks. This is why the two main concerns that need to be addressed before elections can be carried out electronically are privacy and cybersecurity. Both of these concepts need to be underpinned with external auditing to guarantee that none of the various steps involved in the e-voting process is susceptible to error, tampering, or attack.

One of the objectives of the second edition of #PASS2019 will be to propose possible action frameworks to guarantee data protection for every citizen and for public administrations. And not just against hackers, but also against insiders (people who attack from within the organization itself: employees, former employees with active credentials…) or even agents who could access public data without technically breaking any laws, such as political parties.

Throughout five conferences and five workshops, at #PASS2019 independent analysts from Gartner, European politicians, members of SOCs and cyberthreat analysts from international companies such as Telefónica, will offer their vision of threat and attack trends, national cybersecurity strategies, and protection needs, both at a normative and corporate level. Attendees will be able to discover cutting edge procedures that are being implemented across Europe, and how they can apply them in their companies and environments. José Sancho, president of Panda Security, Juan Santamaría, CEO of Panda Security, and María Campos, KA and Telecoms of Panda Security will present this edition.

#PASS2019 will bring together almost 1000 attendees from leading European companies and institutions, including CISOs, CIOs, heads of cybersecurity, and CEOs. What’s more, there will also be five workshops in which the subjects discussed in the conferences will be dealt with in depth.

More information about the agenda of #PASS2019 here.

More information about the speakers and their conferences here.

More information about the workshops here.

If you want to get press accreditation, you can do so here.

Summary of #PASS2018 in this video.

The post Is it possible to ensure the privacy of electronic voting? appeared first on Panda Security Mediacenter.

Compressed files have proven to be an endlessly useful tool among users. But perhaps the ambit where they’ve had most success is the business world. The fact that many corporations work in several offices scattered around the world, or even have employees teleworking, means that sending and receiving large files can be inefficient. Though virtually every company has cloud storage capacities, many use compression to send and receive files more easily.

However, using compressed files can often be counterproductive and, instead of helping transfer files, can lead to serious corporate cybersecurity problems.

Register for PASS2019 and discover new cyber-trends

A group of researchers has recently discovered an IT security flaw in one of the world’s most widely-used file compressors. WinRAR, the largest compressor along with WinZIP, has been discovered to harbor a vulnerability that had gone undiscovered for no less than 19 years.

In one of the WinRAR libraries, specifically UNACEV2.DLL, used to unzip .ace files, there is a critical security flaw that allows cybercriminals to insert malicious content. In particular, it has been used lately to spread JNEC, a piece of ransomware that, after the file in question has been compressed, permanently blocks it and holds it ransom. In order to recover it, the victim is asked to pay 0.05 bitcoins – roughly €175.

How to compress files securely

The appearance of this malware has forced companies and large organizations to take measures to protect their corporate cybersecurity and to protect themselves against cybercrime. These are some of the things that must be done to compress and unzip files without putting their information at risk:

1.- Update the compressor. Users often download WinRAR or WinZIP then stick with that same version without ever updating it. Nevertheless, since the discovery of JNEC, millions of WinRAR users need to update the software. Generally speaking, and quite apart from this incident, using the latest version of theses kinds of programs will help avoid future problems.

2.- Backups. The main problem that JNEC poses is that the cybercriminals who block the file demand a ransom to unblock it, and not even paying up can rule out this coercion happening again. Should this kind of blackmail happen, companies need to have backups of all their files in order to be able to use them if something were to happen. This is especially true of large and valuable files.

3.- Is compression necessary? Compressing a file can be very useful at times, but not necessarily all the time. Is it really necessary to compress any file in order to save space? Companies must avoid abusing this kind of tool. As well as having backups, they can make use of storage solutions in the cloud, or on their own servers with no Internet access.

How to stop infected files from coming in

The danger doesn’t just lie in the compression itself; unzipping also poses certain risks. This is why companies need a best practice code when it comes to receiving documents.

1- Monitor system activity. Nothing can ensure that out company won’t fall victim to a JNEC attack, or any other kind of ransomware. What we can do, however, is to closely observe the activity happening on servers and computers in order to avoid or mitigate problems. This is where Panda Adaptive Defense comes in; it is able to automatically monitor a company’s IT system activity in real time, detecting possible points of infection, and stopping problems even before they come up.

2.- Careful with emails. Employees in any company need to be subjected to a best practices protocol about receiving all kinds of files. When receiving a document, especially by email, they need to be alert to possible problems. What’s more, files shouldn’t be compressed when it is not 100% necessary or when the compression doesn’t significantly reduce the file’s size.

It is all about minimizing risks. Knowledge and sharing experiences are a fundamental part of it. This is why events such as the Panda Security Summit are so important. PASS2019 is an event for professionals and companies in the cybersecurity sector, and for those that want and need to apply the techniques and strategies revealed there. Because nobody can guarantee that a company won’t receive infected files. But what can be done is to establish appropriate measures to avoid unnecessary conflict and protect the whole organization’s corporate cybersecurity.

The post Careful with compressed files: JNEC, the new WinRAR ransomware appeared first on Panda Security Mediacenter.

Over the last few years, one of the characteristics most commonly sought after by professionals on the lookout for new talent for their companies has been proactivity. Adam Grant, a Wharton School professor and one of the most influential authors in organizational psychology, defines proactivity as “anticipatory action that employees take to impact themselves and/or their environments.”

This very trait is increasingly important for corporate cybersecurity. A recent study by ESG, carried out among IT professionals, showed that 53% of organizations have reported a problematic shortage of cybersecurity skills in their teams. One of the particular difficulties that stands out is the challenge of finding candidates that bring a proactive attitude in terms of searching for and anticipating threats, going beyond the traditional approaches of responding to cyberattackers. As we’ve pointed out before, proactivity is the key to threat hunting.

Why are more and more companies opting for threat hunting?

Traditional cybersecurity measures such as firewalls, intrusion detection systems (IDS), sandboxing or SIEM solutions usually focus on post-incident investigations. These measures are still relevant, as organizations still need responses to common cyberattacks.

However, cyberattacks are increasingly stealthy and intelligent, and happen more frequently. In our cybersecurity predictions for this year, we highlighted the fact that 62% of companies say that they have suffered cyberattacks that didn’t use malware signatures. Other examples, such as attacks using chatbots, malicious inbound marketing techniques, and other attacks based on artificial intelligence all prove how sophisticated new cyberattacks can be. Companies are well aware of this, and have taken appropriate measures: 43% now carry out continuous threat hunting as part of their cyberrisk prevention strategy; 65% predict increased investment in these kinds of tools in the coming years (SANS Threat Hunting Survey)

What is the profile of professional Threat Hunters?

These new threats have also caused a great evolution in the profile of cyberattackers: while we still see amateurs, many are now highly professionalized, with specialized training and vast resources provided by companies or even foreign powers. Cybercrime is now an extremely lucrative, far-reaching business. It is therefore vital for cybersecurity professionals’ profiles to be on a par with those of cybercriminals. This means, going beyond traditional techniques and opting for active searches on corporate networks, using a process based on hypotheses and evidence. As we can see, it is clear that proactivity is a key skill for a good threat hunter. But it is not the only one. Below, we’ll go over the characteristics that every threat hunting professional should have.

• Technical knowledge: Before undertaking any threat hunting process, it is vital to have professionals who have knowledge and experience in the cybersecurity world. They need to know the focus of traditional endpoint protection tools (EPP), but also the new approach: Endpoint Detection and Response (EDR), which involves the use of real time monitoring tools, something that is vital for threat hunting.
• Corporate and geopolitical vision: cyberattackers are becoming more professional, and now belong to organizations or even states. Threat hunters must therefore know the corporate and geopolitical context that may be motivating these cyberattacks. Technical knowledge is fundamental, but it is increasingly necessary to have ideas that bring us closer to a more general vision in order to get ahead of cyberattacks.
• Creativity: the first step in the threat hunting process is to create hypotheses in order to seek out potential threats. The threat hunter must therefore come up with possible scenarios, bearing in mind numerous elements and attack vectors that may not be so obvious to traditional cybersecurity solutions.
• Mastery of the empirical method: once hypotheses have been created, the next step in the threat hunting process is to validate them, searching for evidence, and discovering patterns. These stages are similar to those followed by a research scientist. As such, threat hunters need to have a decent understanding of work methods based on analysis and evidence. Threat hunters are not so different from scientists who make great discoveries.

Panda Security threat hunting

At Panda Security we have a great team of threat hunting professionals behind our managed service, which we offer to our clients in order to perfect the response to hackers and insiders. Our machine learning based solutions can classify 99.98% of threats. For the remaining 0.02%, organizations have available to them our threat hunters. Our threat hunting team carries out investigations to uncover the main cause of threats and to establish an action plan to mitigate them. These investigations are based on attack patterns that are automatically discovered by our solution Panda Adaptive Defense, which analyzes anomalous behaviors from users and computers. This way, our experts can identify IoAs of malware (both known and unknown) and malwareless attacks in real time.

Do you want to know more about our threat hunters? On May 23, in the Coliseum Theatre in Madrid, we’re holding the largest European cybersecurity event, PASS2019. At the event, we will discuss new attack trends, the most cutting edge cybersecurity solutions, all with a special focus on threat hunting. Find out how to hunt down threats!

Register for #PASS2019 here

The post Threat Hunters: What do the new cybersecurity specialists do? appeared first on Panda Security Mediacenter.

#PASS2019 will cement its place as one of the unmissable events in the cybersecurity calendar. At this second edition, leaders from the European Commission, Gartner, Telefónica and CaixaBank, as well as the director of PandaLabs, will all share experiences and explain different cybersecurity trends in Europe.

Panda Security Summit will bring together in Madrid almost 1000 attendees from leading European companies and institutions, including CISOs, CIOs, heads of cybersecurity, experts in the field, and CEOs.

Register here

If you’d like to get a free ticket, ask your Panda salesperson for more information or send an email to: Summit@pandasecurity.com

The agenda

The European Cybersecurity Hub will emphasize how important it is to be proactive and to renew detection methods, given how challenging and volatile an industry cybersecurity is.

In five conferences, nine different speakers will discuss the leading trends in threats and cyberattacks, national cybersecurity strategies, and the protection needs of public and private institutions. Throughout the event, there will be a particular emphasis on threat hunting techniques. Because these days, digital risk management is a key task in any company, regardless of its size or sector. They need to know how to act proactively, and not limit themselves to preventing known attacks; they must also make time to get to know the new tactics that are being employed by the cybercriminals who want to endanger their security.

Many of these threat hunting tactics will be analyzed by the speakers in their respective conferences, all of which can be consulted here.

The speakers

• Miguel González-Sancho, head of the Unit “Cybersecurity Technology and Capacity Building” at the European Commission will share his vision of the socio-political framework set out in National Security Strategies, as well as the needs that arise when transferring this framework to the European business environment.
• Pete Shoard, senior Endpoint and Security Operations analyst at Gartner will show in detail the most important aspects of the analyses carried out by managed security service providers, security monitoring technologies and risk management in cybersecurity.
• Alejandro Ramos, Global Chief Digital Security Officer, and Alejandro Becerra, CISO at Telefónica will give a conference on the development of threat detection strategies at Telefónica, from the point of view of the customer, a SOC and a service provider.
• Lucas Varela, e-Crime and Security Analytics Manager at CaixaBank will explain how intelligence systems are used to detect threats in the banking sector. He will also provide information about efficiency in incident response, and will go over the latest malware and banking threat trends.
• Pedro Uría, director of PandaLabs, Panda Security’s analysis and investigation laboratory, will discuss, among other things, the most advanced threat hunting techniques. He will underscore how important it is to discover the new ways that hackers are behaving, since most of the time, they use proprietary malware or legitimate applications and goodware in order to go unnoticed by the most common cybersecurity solutions.
• José Sancho, president of Panda, Juan Santamaría, CEO of Panda, and María Campos, KA and Telecoms at Panda Security, will present #PASS2019, and will share their views on the main strategies for success against cyberattacks.

Workshops and an immersive experience

There will be five workshops at #PASS2019 where attendees will be abel to learn more about the subjects discussed in the conferences. You will also be able to experience first-hand how the different steps that make up the killchain of a cyberattack unfold.

We’ll get inside an infection to discover the routes followed by cybercriminals to get onto our networks. Here we’ll see the resources that have the capacity to take over our IT park, and how our network is affected as the infection advances. Get inside our Cyber-Kill Chain! You’re invited to share the experience of being the lead actor in a cyberattack.

These workshops will be run by Panda Security Specialists. They will explain in detail the advantages of including threat hunting services in business cybersecurity strategies. They will also share the fundamentals for investigating, locating and isolating attacks at any point along the killchain, all in real-time, and thus reduce the reaction time between detection and deactivation.

You’re invited! We look forward to seeing you at the Panda Security Summit.

Register here

The post PASS2019 will bring together almost 1000 cybersecurity experts from across Europe appeared first on Panda Security Mediacenter.

For the second year running, Panda Security is organizing the Panda Security Summit, the European Cybersecurity Hub, an event designed for IT professionals that, in this edition, will have a particular focus on the most advanced Threat Hunting techniques. According to the report 2018 Threat Hunting Survey, (SANS), 43% of companies continually carry out Threat Hunting operations within their cyberrisk prevention strategy, while 65% predict a greater investment in these kinds of tools in the next two years.

Register here

Moreover, throughout five conferences and seven workshops, independent analysts, European politicians, members of SOCs and cyberthreat analysts will offer their vision of threat and attack trends, national cybersecurity strategies, and protection needs, both at a normative and corporate level. Attendees will be able to discover cutting edge procedures that are being implemented across Europe, and how they can apply them in their companies and environments.

The workshops at #PASS2019 will allow professionals to experience first-hand how these techniques and strategies work in real environments, as well as further examining with specialists the subjects covered in the conferences:

• Threat Hunting and Investigation Service: The response to hackers and insiders.
• Panda Adaptive Defense: Endpoint Protection and Endpoint Detection & Response solutions with 100% Attestation, and Threat Hunting & Investigation services.
• Panda Advanced Reporting Tool: turn data into IT Security and Management conclusions.
• Panda Partner Center: efficient management of the client’s sales, lifecycle, and security.

More information about #PASS209 and press accreditation here.

The post On May 23, the Panda Security Summit, Europe’s most important cybersecurity event, will take place appeared first on Panda Security Mediacenter.

Last Friday, we held our first advanced cybersecurity conference, Panda Security Summit 2018, where cyber-resilience was the focal point. Among the audience of over 400 attendees were CISOs and CIOs of large Spanish and European companies. Silva Barrera hosted the event, which served as a framework to look at the latest cybersecurity trends – attacks, and how to protect against them all along the security chain, as well as the overall state of the sector – from the point of view of analysts, public institutions, and private companies.

Cyber-resilience, key in advanced cybersecurity

All of the conferences and workshops enabled attendees to get a clear vision of the cornerstones needed to reach the highest level of security within organizations. The importance of being resilient as far as security is concerned was widely recognised as being a key feature. It is also the leitmotif of Panda Security’s latest report, which was presented at #PASS2018. All of the speakers shared their ideas and experiences of how to prevent attacks, how to get back to the original state after an attack, and how to mitigate the effects of an attack using a good response strategy. The common theme running through all of the strategies analysed was prevention, detection, containment, and response.

The conference was opened by José Sancho, president of Panda Security, who underlined that this wasn’t just another cybersecurity conference. He emphasized that: “We believe we can give a clear, objective view of this complex, hard to understand landscape, with its multitude of technologies, its varied interests, and its messages which aren’t always objective.”

The first speaker of #PASS2018 was Ian McShane, Research Director of Gartner. In his speech, he explained that the challenge for 2019 is to reinforce prevention, especially in endpoint protection strategy. “The endpoint needs something more than an antivirus; endpoint detection and response (EDR) technologies are the key, as they offer a traceability which is indispensable for analysis and prevention. But these technologies aren’t going to replace humans; we still need analysts,” he explained.

Javier Candau, head of the National Cryptologic Centre (CNN-CERT) focused on the challenge of cybersecurity in Spain. He indicated that one of the main challenges facing the country in this area is the need to strengthen the National Security Framework (Esquema Nacional de Seguridad – ENS) certifications, which are mandatory for all mid to high level information systems. “Our incident management tool is registering more and more cases: businesses and institutions are becoming less and less reluctant to report cases,” added Candau.

Nikolaos Tsouroulas, Head of Cybersecurity Product Management at ElevenPaths in Telefónica explained that “technology is necessary, but people are even more important. Security professionals are the most valuable investment in this area.” Tsouroulas also stated that today’s threats mutate, evolve, and multiply extremely quickly. This means that managed detection and response (MDR) must opt for factors such as prioritizing endpoints and networks, data exchange, and real-time performance.

The conference continued with the participation of Nicola Esposito, Director of Deloitte’s CyberSOC EMEA Center, who explained that protection against advanced cyberthreats is a key factor for the company. “Nevertheless,” he went on to say, “It’s vital for companies to have a strategy so that they can be resilient in case something happens.” Esposito also highlighted factors such as the application of threat intelligence platforms, the creation of threat detection controls, and perimeter monitoring with automated alerts, but always with a fundamental role played by humans.

Finally, the director of the laboratory PandaLabs, Pedro Uría, put forth the keys for business security, protection and resilience, now that malware is no longer the problem. Instead, hackers are the future challenge of cybersecurity, as they use more complex methods. “New attacks, like those that don’t use malware, are the target of threat hunting services, such as those offered by the Panda Adaptive Defense platform,” explained Uría.

Panda Security Report: cyber-resilience and companies

The report ‘Cyber-resilience: the key to business security’ conveys the fact that the increase in the volume and severity of cyber-incidents detected by the majority of companies (64% and 65% respectively) has meant an increase in detection and response times in 57% of cases.

In light of this complex situation, Panda explains that cybersecurity must be understood as a corporate risk management problem. This means that companies must continually review and adjust their security organization, processes, technologies, tools, and services, in order to adapt to the evolution of threats in a process based on distrust.

The report from the advanced cybersecurity company also identifies companies that can count on robust cyberattack prevention (72%), detection (68%), containment (61%), and response (67%) systems as highly cyber-resilient. Likewise, companies that have set up a Computer Security Incident Response Plan (CSIRP) have experts who are specialised in their application (91%), and are led by directors who understand that a high level of cyber-resilience is directly related to economic growth (63%) and the company’s reputation (69%).

Do you want your company to be cyber-resilient? At Panda Security we have at our disposal the latest technology as well as the most highly skilled team of experts to help your company to prevent cyberattacks and to adapt after any kind of security incident.

The post Cyber resilience was the star of the Panda Security Summit 2018 appeared first on Panda Security Mediacenter.

On May 18, Panda Security will be holding the Panda Security Summit (#PASS2018). The aim of this event is to offer a clear and objective perspective of the current security environment, focusing on the main dimensions on which the sector is now based. Among the speakers taking part is the head of Spain’s National Cryptologic Center (CCN-CERT), Javier Candau, who will be offering his view of the cybersecurity challenge in Spain.

All security dimensions are important for a company, according to Candau, but the confidentiality of certain issues and processes is particularly relevant. According to him, management has to understand that a business is sustained by its systems and the information it generates, so this is a strategic decision, as are vigilance and auditing.

As the head of the CCN-CERT, Javier Candau knows what the keys are for a government in the fight against cyberthreats. These include the implementation of improvements in areas such as detection capabilities, considering cybersecurity as a horizontal service; collaboration between the public and private sectors; the response, which has to be rapid and round-the-clock across all points of the corporate network; and deterrence.

So far, sectors such as the aeronautical industry, the general public, and the defense or energy sectors have been the main targets of complex attacks. In order to face these types of incidents, the CCN-CERT is looking to advance awareness among government authorities and business management, and improve the capacity to detect complex attacks with anomaly detection tools such as CARMEN, which must integrate with tools for correlating the logs of organizations and, essentially, with endpoint tools.

Candau also highlights the work being done to improve the cybersecurity structures of organizations, aiming for some services to be provided horizontally and for technical staff to be adequately qualified through training programs and the provision of technical information on technologies and configurations.

Cooperation with the private sector and challenges in 2018

Large companies are working with the Government to be able to deal with cyberattacks, but for this, it is first necessary to ensure they have confidence, explains Candau, and later, they need to complement and reinforce the security services that the private sector provides them. In this way, the head of the CCN-CERT hopes that companies will at some point share information about the attacks they suffer and their cybersecurity concerns.

The essential cybersecurity challenge for the government this year is to provide much more proactive horizontal services, with the setting up of the Security Operations Center of the Spanish Central Administration. In addition, Candau explains that the Center is working on improving exchange platforms, detection capabilities, auditing capabilities, and training platforms and content.

CCN-CERT’s approach to combating cybercrime against the state culminates with the identification of the origin of the attacker. To this end, and in line with current regulations, the government organization operates in terms of risk/impact and speed of response.

Javier Candau admits that cybercrime has very different complexities. These range from botnets, which are generally easy to detect and disinfect, to organized crime attacks that look for direct financial benefit or the theft of information, passing through complex ransomware of difficult cryptologic analysis.

The head of the CCN-CERT also underlines that the targets set are sufficient to protect the country’s critical infrastructure against cyberattacks, but these systems do not undertake the challenge of protecting operational networks. Candau recognizes that it is no longer acceptable for these not to be interconnected, as businesses need this information, so he advocates coherent security policies and thorough vigilance of interconnections as well as traffic and anomalies in industrial protocols. Security must therefore be applied in all dimensions: physical, cyber and human.

For more information about national cybersecurity, the role played by the CCN-CERT in the major attacks of 2017 and Javier Candau’s view of the challenges for the coming years, come to the Panda Security Summit, where Europe comes together for cybersecurity.

Register #PASS2018

The post Javier Candau: “Cooperation between the public and private sectors is essential to combat cyberthreats” appeared first on Panda Security Mediacenter.