Intelligent Connections. Recruiting Integrity.
Call Us: 415-510-2973

Archive for February 2016

US Security Firm Norse Sacks CEO – Report

US Security Firm Norse Sacks CEO – Report

US cybersecurity firm Norse is said to have sacked its CEO just weeks after nearly a third of staff were let go.

Sources “close to the matter” told Brian Krebs that board member Howard Bain would be taking over the firm temporarily after its directors decided to jettison Sam Glines.

Staff have apparently been told that if they turn up for work on Monday they may not be paid.

This comes just weeks after Norse announced job losses amounting to nearly 30% of its total roster.

Sources are also claiming that the company is set to be merged with fellow Californian security vendor SolarFlare, which apparently shares some of the same investors and investment capital.

The upheaval comes despite a successful Series A1 funding round last year which saw Norse raise $11.4 million, and win the backing of KPMG Capital.

“Our clients face highly sophisticated cyber threats,” said KPMG’s global leader of cybersecurity, Malcolm Marshall, at the time.

“Working with Norse enables us to keep track of the rapidly changing threat landscape to ensure we can provide early warning and deep insights into the tactics employed by attackers, as well as practical actions to counter them."

Yet Krebs alleges the firm’s founders have been involved in previous companies which reveal “a pattern of failed businesses, reverse mergers, shell companies and product promises that missed the mark by miles.”

The cybersecurity space is an increasingly crowded and competitive market—with countless rivals jostling for IT buyers’ hearts, minds and wallets.

As a result, M&A activity has been fierce in 2015. Merger advisory firm Hampleton Partners claimed that 40 cloud security firms were acquired in the first half of last year—almost as many as the previous two years combined.

The list was topped by Blue Coat Systems’ $2.4bn purchase by private investment firm Bain Capital.

Infosecurity has contacted Norse for comment but had not heard back at the time of writing.

 

Source: Information Security Magazine

Ransomware Shuts Down Lincolnshire Council IT Systems for Days

Ransomware Shuts Down Lincolnshire Council IT Systems for Days

Staff at Lincolnshire council are expected to be able to access the majority of their systems this morning after a ransomware attack last week forced a temporary IT shut down.

Council employees were forced to return to pen and paper for several days after the unnamed malware began encrypting files, forcing CIO Judith Hetherington-Smith to order admins to pull the plug.

"It happened very quickly. Once we identified it we shut the network down, but some damage is always done before you get to that point – and some files have been locked by the software,” she told the BBC.

"A lot of the files will be available for us to restore from the back-up."

Some reports suggested that the ransomwarers were initially demanding “a million pounds,” but it appears as if the actual ransom was $500 worth of virtual currency Bitcoin – which is more in line with the amount normally demanded by cybercriminals in this kind of attack.

It is believed the infection began after an employee was socially engineered into opening a malicious email attachment.

“I am pleased to be able to say that we are now at a stage where we are restoring services and when staff come back into work on Monday morning the majority of the systems will be up and running,” Hetherington-Smith told the Lincolnite.

Ransomware is certainly becoming one of the biggest cyber menaces out there – for individuals and businesses alike.

In fact, over half (54%) of all malware targeting UK users in 2015 contained some form of ransomware, security firm Bitdefender claimed in December.

David Flowers, EMEA managing director at endpoint security firm Carbon Black, argued that a more sophisticated approach is needed to stop this kind of malware.

“Whitelisting, whereby a threat is assessed against a set of policies and common characteristics to see if there is a likely issue, can help to spot this type of malware even if it has never appeared before,” he explained.

“This should then we combined with broader threat intelligence, where you can see if a particular file has ever been seen before; if it hasn’t, then it is likely to be zero day and hazardous. This allows organisations to get smarter about security and avoid falling into these sort of traps.”

Source: Information Security Magazine

Silver Lining for IT Professionals

Silver Lining for IT Professionals

They say every cloud has a silver lining, and that certainly seems to be the case for IT professionals following the recent rise in prevalence and awareness of cyber-crime.

According to results from the Robert Walters Salary Survey, salaries for roles in IT security are set to receive a significant increase with employers offering an average rise of 14%, the largest across the industry.

This is a clear response to the significant amount of high-profile security breaches seen throughout 2015, with organizations looking to secure the highest caliber of talent available to strengthen their defenses against cyber-criminals.

Steve Corbett, Associate Director of IT recruitment, Robert Walters, said: 

“Over the last year we've seen a massive increase in both permanent and interim cybersecurity roles due largely to the ongoing threat around IT and cyber-crime. The challenges facing companies continue to grow in volume and complexity as cybersecurity threats constantly evolve.”

“The impact of high-profile IT security breaches involving attacks on major companies has served to bring this emerging threat into the public eye, increasing pressure from regulators and legislators on companies to have a dedicated cybersecurity representative and to meet specific standards of security.”

A new focus on data security brings an inevitable need for fresh digital transformation projects within large companies, so those working in developer roles are also set to benefit from increased salaries. The survey revealed that they can expect to see wages rise by an average of 9%.

The shortage of skilled employees working within the IT industry has been a popular talking-point for some time, so it comes as no great surprise that companies are now taking greater steps to bolster their resources. 

Infosecurity asked Steve Durbin, Managing Director of Information Security Forum, whether he expects to see a more secure, protected industry as a result of these changes. He told us:

“Only time will tell, but we would certainly hope that an increase in skills and capabilities in this field would be reflected in a stronger cyber-resilience at the companies able to take on such skilled individuals – what it means for those unable to match such pay points of course is a different matter.

"With the continued emphasis on protecting a company’s resources from cyber-criminals along with increased compliance and regulatory requirements, the smartest companies should certainly be looking to increase their investment in skills but also in the processes and technology to address cyber-risk which is fast becoming one of the major components on any company’s risk register today.”

Source: Information Security Magazine