View Post

Could election season mean phishing season?

In Blog post by Clavister Blog Staff0 Comments

With the first round of the 2017 French presidential election to be held on 23 April, and the British Government recently announcing a general election for June, it’s worth re-examining one of the most controversial events in the run-up to the 2016 U.S. presidential election – the publishing by Wikileaks of several thousand emails related to Hillary Clinton’s election campaign activities.  The emails were stolen in March 2016 when the personal Gmail account of John Podesta, chairman of Hillary Clinton’s 2016 U.S. presidential campaign, was hacked following a spear-phishing attack. As we blogged previously, the impact of the breach on the election’s outcome is uncertain.  But it was certainly a damaging breach …

View Post

Poor password practice: a professional problem

In Blog post by Clavister Blog Staff0 Comments

We all like to assume that IT security professionals practice what they preach when it comes to good practices.  Wariness when clicking on links or downloading attachments from unknown senders – obviously.  Keeping software up-to-date and deploying the latest versions of antivirus and other protections – sure thing.  Regularly changing passwords – um, not so much. A recent survey of almost 300 IT security professionals at the RSA Conference in San Francisco found that 33% had not changed their social network passwords in over a year, while another 20% claimed never to have changed these passwords. OK, but surely these cybersecurity pros were at least constructing strong, hard-to-guess passwords? Again, …

View Post

How much is your security worth? About $250 – unless you use multi-factor authentication

In Blog post by Clavister Blog Staff0 Comments

Organizations invest tens of thousands of dollars in their network IT security and data protection strategies. From technical solutions and training, to writing policy documents and mapping processes, vast sums of business resource is invested in ensuring that their most precious assets – i.e. their data – is behind a ring of steel, safe from the rapidly evolving threat posed by cyber-criminals. As a result the cyber-security market is expected to be worth more than $200 billion annually by 2021. Organizations spend this money and invest time in protecting their data because they understand  –  or believe it to be – of extremely high value, either to cyber-criminals who can …

View Post

Lessons from the Vault 7 breach

In Blog post by Clavister Blog Staff0 Comments

The recent Vault 7 leak  has been described as the biggest disclosure of classified information on backdoors, and espionage tools and techniques since the documents released by former CIA employee Edward Snowden appeared in 2013. Some believe the new leak may be bigger still. In any case, here are four important points to note from the leak, together with their implications for security. Zero-day flaws are a problem – but not your main challenge A large proportion of the leaked CIA exploits are focused on unknown vulnerabilities in products from major technology companies – so-called ‘zero-day flaws’. These are a major concern for IT security teams, precisely because they usually remain …

View Post

Free webinar: leveraging Deep Packet Inspection for cybersecurity, Tuesday 21 March

In Blog post by Clavister Blog Staff0 Comments

Deep Packet Inspection (DPI) is one of the cornerstones of an effective cybersecurity strategy.  Whereas basic firewalls and gateways use Stateful Packet Inspection (SPI) to determine if network traffic packets should be allowed or blocked by simply examining the packet header and footer, more advanced security appliances using DPI also scrutinize the packet’s contents before deciding whether to allow the packet through. Simply put, it’s the difference between examining only outside of a parcel before deciding it’s safe, and opening the parcel to see what’s inside to be truly certain it has no malicious contents.  So how does DPI play a fundamental role to strengthening cybersecurity solutions like next-gen firewalls, …

View Post

Pure jean-ius: Clavister’s next-generation firewalls deliver security for MUSTANG

In Blog post by Clavister Blog Staff0 Comments

MUSTANG is one of the largest jeans and casual clothing manufacturers in Europe. Founded in the 1930s in Germany as a denim and lifestyle brand, it was the first European provider of jeans. It has grown into a Europe-wide business, with around 80 shops and 15 showrooms and offices in Germany, Austria, Switzerland, Russia, Belgium, the Netherlands, Luxembourg, Poland and Hungary. Now, Clavister is delighted to announce that MUSTANG relies on our security appliances to secure connections and communications between its head office in Künzelsau, Germany, and almost 100 shops and branch office locations across Europe. To keep MUSTANG’s operations running smoothly, all of its disparate branches need to be …

View Post

Building security into the IoT

In Blog post by Clavister Blog Staff0 Comments

The rapidly expanding Internet of Things (IoT) has ushered in some major cybersecurity challenges over the past few years. Indeed, we’ve known for some time now that security in the IoT is often severely problematic or even non-existent. 2016 saw the emergence of the giant Mirai botnet, which specifically targeted smart devices such as Internet-enabled digital video recorders (DVR) and surveillance cameras (CCTV). It was used to launch DDoS attacks of unprecedented scale, brought down Brian Krebs’ website in September and has since been used to target a whole range of organizations.  We blogged in January about the enormous impact a Mirai attack had on Deutsche Telekom, for example. The …

View Post

Gone phishing? How to educate employees about the risks of phishing emails

In Blog post by Clavister Blog Staff0 Comments

A comprehensive cybersecurity strategy incorporates multiple elements. Technology is one part of the picture, sure – you need the right tools, appliances, software and hardware in place to protect against malicious network access and to identify problems as they occur. But people are an equally important component. Employees make mistakes, and can be tricked into handing over the keys to the castle, allowing cybercriminals direct access to confidential data and protected systems. The Chief Information Security Officer at the Department for Homeland Security (DHS) in the US recently stated that the biggest security threat they face is spear phishing – that is, employees being targeted with highly personalized emails that …

View Post

A more competitive edge: Clavister partners with Aptilo for edge computing

In Blog post by Clavister Blog Staff0 Comments

One of the major challenges of the ever-expanding Internet of Things (IoT) for businesses is the question of how to deal with the rapid growth of endpoint devices in a typical enterprise IT architecture. Latency and bandwidth limitations mean that applications with real-time requirements are increasingly likely to fail, because traditional architectures simply cannot cope with the increased demands. This is where ‘edge computing’ comes in. It’s a way of meeting these increased networking demands by providing data, applications and services locally or at the network edge using SDN/NFV technologies. From a security point of view, this means moving services like intelligent policy enforcement to the network edge. Now, Clavister …

View Post

Of BYOD, AI and you

In Blog post by Sam Coleman0 Comments

How do artificial intelligence and endpoint security equal the latest way to stop the nastiest threats out there – ransomware, identity theft and DDoS? It all started with our liberation… Oh, how our work lives have changed over the space of the last few decades. You came to work, you logged onto the company PC that was chained to your desk, one that was ported to the on-premises company network, overseen by the diligent and friendly company IT administrator. You went home, went on a trip and forgot to bring a document or a spreadsheet? Tough luck; you’re not connected to your office network probably and if you were, it …