Mandatory 36-Hour Breach Reporting Window for U.S. Banks

In November of 2021, the Agencies, comprising the Federal Deposit Insurance Corporation (FDIC), the Office of the Comptroller of the Currency (OCC), and the Federal Reserve Board (FRB), passed a regulation that requires banks to notify regulators no more than 36 hours after they identify that a security incident (one that rises to the level of a “notification event”) has taken place. The regulation required full compliance by May 1, 2022. FDIC-supervised banks will report incidents to their case managers, while banks that are regulated by the Board of Governors of the Federal Reserve System will need to inform the board.

The Agencies explain, though, that not every data security incident is a notification event. According to the rule, a computer-security incident is “an occurrence that results in actual harm to the confidentiality, integrity, or availability of an information system or the information that the system processes, stores or transmits. An incident requiring subsequent notification is defined as a ‘computer-security incident’ that has disrupted or degraded a banking organization’s operations and its ability to deliver services to a material portion of its customer base and business lines.”

VMware Infrastructure Actively Exploited to Compromise Organizations

CISA, the Cybersecurity and Infrastructure Security Agency, has issued an emergency directive highlighting an escalation of successful attacks against commonly deployed enterprise components of VMware virtual infrastructure. The directive points to a series of VMware vulnerabilities that are exploited independently, or in combination, to fully compromise VMware infrastructure in affected organizations. While VMware has issued patches for these vulnerabilities, attackers have quickly reverse engineered them to develop and weaponize exploits now appearing in the wild.

The attacks highlighted require network access, but successful attackers have used third-party network access and web-exposed servers to compromise vulnerable VMware components and gain full access.

Millions of Log4j vulnerable systems still unpatched

A recent survey by Qualys, published in SC Magazine, suggests that after over 3 months, roughly 1 in 3 devices and installations that were affected by the Log4j vulnerability are still unpatched. This number amounts to roughly 22 million vulnerable application installations, and it should be noted that these are just the devices that are readily accessible from the Internet.

Log4j reached critical status towards the end of 2021 when it was discovered that a feature of its platform could allow an unauthenticated attacker to take complete control over a remote system. The vulnerability is tracked as CVE-2021-44228 and has been extensively discussed in the cyber security community. The government’s cyber security agency, CISA, has also published a flash with guidance.

Lightstream Names Joe Vadakkan as Global Executive Vice President for Sales and Engineering

Cloud security veteran and key strategist joins emerging service provider to drive growth

Salt Lake City, UT, January 19, 2022 – Lightstream, a leader in cloud security, digital transformation and managed services, today announced the hiring of Joe Vadakkan as the company’s new executive vice president for global sales and engineering. As an IT, cloud and security thought leader, Joe will lead Lightstream’s global cloud security engineering and sales organization to drive execution of customers’ cloud security strategies and elevate their innovation at scale.

“Joe is a prominent industry veteran with extensive leadership experience in cloud security sales and innovation, having driven many of the industry’s successful, secure digital transformations,” said Lightstream Co-CEO, Jim Cassell. “I’m excited to welcome him to Lightstream’s executive team, and I look forward to working with him on our mission to enable our global customers to progressively innovate and grow effectively with Lightstream’s cloud security solutions.”

“We are very excited to have Joe join the Lightstream team,” stated Rod Stout, Co-CEO of Lightstream. “His unique ability to help customers realize value and achieve desired business outcomes is unparalleled. With his in-depth knowledge in partner distribution strategies and his success in building and growing world class organizations, Joe will help Lightstream bring continuous value to its customers and achieve our growth objectives.”

Joe has over 20 years of technical and business leadership experience in the areas of global infrastructure and security, most recently having served in a strategic services leadership role at Optiv, a pure play cybersecurity firm. Prior to that, he was responsible for building and running Optiv’s cloud security organization. He has also held leadership roles and provided strategic guidance for startups, venture capital and private equity firms and Fortune 2000 companies.

“I am very excited to join the Lightstream team and look forward to taking the company’s technology and services innovation to the next level to fuel future growth,” said Joe. “Lightstream has a great business model and a talented team that are fast movers on solving customer needs. I believe it is uniquely positioned to accelerate secure client innovation through its Lightstream Connect platform for Microsoft Azure, AWS and Google and integration with a security partner ecosystem that enables it to compete in today’s global market.”

About Lightstream

Lightstream provides full-service cloud, connectivity, and security solutions to enterprises worldwide with a focus on managed services for all three, as well as cloud infrastructure implementation, security, and support.

Lightstream has been named multiple times as a Palo Alto Networks Public Cloud Partner of the Year, and is an AWS Security Competency Partner, an AWS Advanced Consulting Partner, and a Microsoft Cloud Platform Gold Partner with Security Competency. Visit us at http://www.lightstream.tech or LinkedIn.

Media Contact

Cynthia Lawton / cynthia.lawton@lightstream.tech / 843-300-8445

 

SOC 2 is the answer – but whose problem is it?

SOC 2 is, with increasing regularity, becoming the go-to certification requirement for companies that handle their customers’ data. SOC 2 is the first step to sales discussions, contracts, and revenue, yet it’s completely misunderstood. Lightstream V.P. of Security Strategy Rafal Los and JustProtect Founder & CEO Vikas Bhatia will de-complify what it takes to achieve certification, and why it’s more about process maturity and evidence than technology.

Listen on Lightstream.tech

On Spotify

On Apple

Faster, More Reliable Content Distribution at a Lower Cost? Thank you CloudFront

Those of us old enough to remember downloading songs from Napster will recall how frustrating it could be due to the time-consuming, constant buffering process. Fast forward to 2021, when nearly everyone has access not only to streaming music on demand, but endless video content from Amazon Prime, Netflix, Hulu and an ever-growing variety of media apps. It’s never been easier or faster to listen to music or view content whenever and wherever we desire it.

The reason for this huge jump in speed and convenience is content delivery networks, or CDNs. Once only afforded by large corporations like Apple and Facebook, the cloud now gives organizations of all sizes cost-effective access to CDNs. Amazon first introduced its CloudFront CDN back in 2008, and it has evolved into an easy-to-use, convenient add-on for AWS cloud customers. Today, Amazon CloudFront delivers content to end users with lower latency using a global network of 225+ Points of Presence (215+ Edge locations and 13 regional mid-tier caches) in 90 cities across 47 countries. CloudFront customers enjoy three distinct advantages: an enhanced user experience, financial optimization (FinOps) and greater security.

Enhancing the User Experience

End users are provided faster, more reliable content when it’s hosted on a CDN. That’s because the global network of edge locations puts the content physically closer to the user, whether that content is high-def videos or documents and data used for business applications. CloudFront also leverages Amazon’s highly resilient, fully redundant, global backbone network for superior performance and availability for end users. Moreover, it automatically maps network conditions and intelligently routes a user’s traffic to the most performant AWS edge location to serve up cached or dynamic content.

But most users aren’t aware of all of that. All they know is that they’re able to set their eyes (and/or ears) on whatever documents or rich media content they’re seeking without hassle or interruption. And as we know, this has become the expectation. Organizations simply can’t afford to deliver anything other than a seamless user experience.

Harnessing Cost Savings, or FinOps

AWS customers who use CloudFront benefit from a cost-efficient and customizable pay-as-you-go model. Keeping everything “in house” with AWS means there are no transfer fees for origin fetches from any AWS origin (or server). And at no additional charge, AWS Certificate Manager (ACM) lifts the burdensome process of purchasing, uploading and renewing SSL/TLS certificates. Simply put, the data-out charge you pay on AWS is cheaper when you use CloudFront (versus a competitive product).

Earlier this year, Amazon introduced the CloudFront Security Savings Bundle, which, in exchange for a monthly spend commitment, provides businesses with up to 30% savings on their CloudFront bill. Customers looking to take advantage of even steeper discounts and custom pricing can do so by agreeing to minimum traffic commitments typically in the area of 10 TB/month or higher.

Augmenting Security

CloudFront adds an extra layer of protection for websites, as the CDN puts additional security features at the edge location. AWS Shield Standard uses application-level and network-level security assets to keep data safe against common network and transport layer DDoS attacks. Organizations wishing to protect against more complex infrastructure attacks have the option to add products such as AWS Shield Advanced and AWS Web Application Firewall (WAF).

Contact Lightstream today to find out how we can help you implement Amazon CloudFront and integrate it with other AWS services, such as AWS Shield for DDoS mitigation; Amazon S3, Elastic Load Balancing or Amazon EC2 as origins for your applications; and Lambda@Edge to further enhance the user experience by running custom code to personalize content and improve latency.