Tenable Blog

Financial services organizations are some of the most highly protected institutions in the nation, but, at the same time, are under constant attack. As a result, financial institutions have to be prepared to handle any security disaster.

Earlier this year, I joined G. Mark Hardy from SANS, Ed Dembowski from FireEye and Scott Gordon from ForeScout to discuss the results of a SANS survey on, "risk, loss and security spending in financial institutions."

Today we launched a new look for our blog with the goal of making it easier for you to find the security content you’re looking for.

Tenable Network Security CEO Ron Gula got the opportunity to sit down with IT Harvest’s Richard Stiennon while they were at Black Hat USA 2014. Stiennon is the Chief Research Analyst and founder of the industry analyst firm IT-Harvest. Gula and Stiennon discussed Tenable’s continuous network monitoring approach and how Tenable products allow organizations to identify all of their vulnerabilities, show risk across all systems and measure compliance in real-time.

Data breaches associated with “insiders” – individuals considered trusted entities and granted privileged access to internal systems and data – are not the most common type of IT breach, but are one of the most costly with an estimated cost of over $400,000 per incident and an average victim loss of $15 Million/year¹. The problem is so impactful that the FBI has a separate webpage dedicated to the topic.

One of the inherent qualities of malware is the ability to hide from the system and the user. It is in the best interest of the bad guys to not be detected, and various forms of malware implement different methods of hiding. However, one method that is very scary is the ability to hide inside the components of the PC, rather than in the operating system. This is the case with malware targeting the BIOS or the unified extensible firmware interface (UEFI) in more modern computers. The dangers is that software running in this area of the system can gain full control of any functions (such as all connected hardware) and bypass protections put in place by the operating system. It makes detection extremely difficult and will persist across system restores and rebuilds.