Category Archives: Internet Security
Why Cyber Security Stocks Have Rallied Over The Last Month – Forbes
UKRAINE - 2021/04/23: In this photo illustration, the Fortinet logo of a cybersecurity company seen displayed on a smartphone screen. (Photo Illustration by Pavlo Gonchar/SOPA Images/LightRocket via Getty Images)
Our theme of Cyber Security Stocks has gained a solid 6% over the last month and remains up by about 22% year-to-date. In comparison, the broader Nasdaq-100 has returned about 18% over the same period. The recent outperformance comes on the back of a renewed interest in the cybersecurity space following several high-profile cyber attacks, including the recent attack on software company Kaseya and the ransomware attack on the Colonial Pipeline in May. This could make companies and governments more serious about protecting their networks and digital infrastructure, translating into higher demand for the companies in our theme in the years to come. Moreover, going by the performance of the few companies that have already reported results, investors are expecting strong numbers from cybersecurity players this earnings season.
Within our theme, Fortinet, a company that provides cybersecurity-related hardware such as firewalls and software, has been the strongest performer, rising by about 102% year-to-date on account of stronger than expected quarterly results and its ongoing pivot to the cloud. On the other side, the stock price for Qualys, a company that provides cloud security, compliance, and related services, remains down by about 14% this year, as its guidance for this fiscal year was weaker than expected. Other stocks in our theme include CrowdStrike (CRWD), which is up 25% year-to-date, and Zscaler (ZS), which is up around 24%.
[6/8/2021] Cyber Security Stocks To Watch After Colonial Pipeline And JBS Hacks
Our theme of Cyber Security Stocks remains down by about 1% year-to-date, significantly underperforming the S&P 500 which has gained about 13% over the same period. However, the theme has picked up a bit since our last update in mid-May, when it was down by 6%. The underperformance versus the broader indices is likely due to the fact that most of the stocks in the theme are high-growth, high-multiple names that have been out of favor in the current market, as investors rotate into value and cyclical stocks to play the post-Covid boom in the U.S. economy. However, there's good reason for investors with a long-term view to increase their exposure to cybersecurity stocks. Companies and governments are getting more serious about protecting their networks and infrastructure, following multiple high-profile cybersecurity incidents in recent months, including the ransomware attack on the Colonial Pipeline, the SolarWinds (SWI) hack, and the recent cyber attack on JBS, the world's largest meat supplier. The increasing shift from on-premise to cloud-based information systems should also make companies prioritize security. Moreover, IT spending by corporates, in general, is likely to pick up from this year, after they scaled back on spending in 2020 due to Covid-19. This should bode well for companies that provide software, hardware, and services that help protect computer systems and networks.
Within our theme, Fortinet (FTNT), a company that provides cybersecurity-related hardware and software, has been the strongest performer, rising by about 49% year-to-date on account of stronger than expected quarterly results and its pivot to the cloud. On the other side, the stock price for Qualys (QLYS), a company that provides cloud security, compliance, and related services, remains down by about 18% this year, as its guidance for this fiscal year was weaker than expected.
[5/17/2021]
Our theme of Cyber Security Stocks has declined by about -6% year-to-date, significantly underperforming the S&P 500 which has gained about 11% over the same period. However, the sector is likely to come back into focus for a couple of reasons. Firstly, there was a major cyber attack on the computer systems of the Colonial Pipeline, forcing a shutdown of a pipeline that controls roughly half the gasoline, jet fuel, and diesel flowing along the U.S. East Coast. This marks the second major attack on core U.S. infrastructure in six months, coming on the heels of the SolarWinds hack which was reported last December. Secondly, last week, President Joe Biden signed an executive order aimed at bolstering the federal government's cybersecurity defenses, with a host of plans to implement stronger cybersecurity standards. The recent events are likely to cause companies and the U.S. government to re-assess threats and potentially increase cybersecurity-related budgets. This should bode well for companies that provide software, hardware, and services that help protect computer systems and networks.
Within our theme, Fortinet, a company that provides cybersecurity-related hardware and software, has been the strongest performer, rising by about 37% year-to-date driven by stronger than expected earnings in recent quarters. On the other side, the stock price for Qualys, a company that provides cloud security, compliance, and related services, remains down by about 18% this year, as its outlook for this fiscal year was lighter than analysts expected.
[4/14/2021] How's Our Cybersecurity Theme Faring?
Our indicative portfolio of Cyber Security Stocks has declined by about -1% year-to-date, underperforming the S&P 500 which has gained about 10% over the same period. However, the theme remains up by over 130% since the end of 2019, significantly outperforming the broader markets. The recent sell-off comes as investors book profits on remote working and SaaS stocks that rallied big through the pandemic. However, this could present a good opportunity for investors to enter the cybersecurity space. Global IT spending is expected to pick up this year after a muted 2020, rising by about 8.4% to $4.1 trillion per Gartner (IT). Cybersecurity is likely to be a major focus area for most companies given the increasing shift to distributed workplaces and cloud-based applications and some high-profile security breaches in recent months. Within our theme, Fortinet, a company that provides cybersecurity-related hardware and software, has been the strongest performer, rising by about 34% year-to-date driven by stronger than expected earnings. On the other side, Mimecast Limited, a company that develops cloud security and risk management services for email and corporate data, was the weakest performer, declining -28% so far this year, as some of its products were impacted by a security breach in January.
[3/11/2021] Time To Buy Cybersecurity Stocks?
Our indicative portfolio of Cyber Security Stocks has declined by about 8% year-to-date, driven by the broader sell-off in technology and high growth stocks. The theme has also underperformed the Nasdaq-100, which is down by about 4% over the same period. However, we think this could be a good time to enter these stocks. Governments and corporations are likely to prioritize digital security spending following some recent high-profile cyber attacks. In December, there was a sizable data breach on U.S. Federal government computer systems, tied to network management software vendor SolarWinds. More recently, Verkada, a company that provides cloud-based security camera services to a host of institutions and companies including Tesla (TSLA), was hacked. Within our theme, Fortinet, a company that provides cybersecurity-related hardware and software, has been the strongest performer, rising by about 21% year-to-date. On the other side, Mimecast Limited, a company that develops cloud security and risk management services for email and corporate data, was the weakest performer, declining 25% so far this year.
[2/22/2021] Cybersecurity Stocks To Watch After SolarWinds Attack
Our indicative theme of Cybersecurity Stocks has returned over 150% since the end of 2019, compared to gains of about 21% on the S&P 500 over the same period. The theme is up by about 5% year-to-date. Cybersecurity companies typically provide software, hardware, and services that help protect computer systems and networks from data theft and potential disruption of services. The sector saw renewed interest late last year, following news of a large cyber-attack on IT infrastructure and network management software vendor SolarWinds, causing increasing concerns that software tools used daily by organizations and governments could be vulnerable. More broadly, following Covid-19, economic activity is increasingly moving online with businesses also becoming more distributed on account of the work from home trend. This should cause companies to prioritize their cybersecurity spending. Within our theme, Zscaler and CrowdStrike have been the strongest performers, with their stock prices rising by almost 5x each since the end of 2019. On the other hand, Qualys has underperformed, declining by about 16% over the same period.
See our Cybersecurity Stocks theme for a complete list of the companies in our theme and a look at their recent performance.
[5/22/2020] Cybersecurity Stocks
Cybersecurity stocks have rallied sharply this year, with our indicative theme of six cybersecurity stocks that include Palo Alto Networks (NYSE: PANW), Zscaler (NASDAQ: ZS), and others up by about 28% year-to-date, on an equally weighted basis. While cybersecurity is a relatively diverse and complex sector, we believe there could be two broad trends driving the surge. Firstly, with the spread of the Coronavirus pandemic, more people have been working from home, and this has required companies to better secure corporate IT infrastructure, driving up demand for cybersecurity tools. Secondly, most of these companies offer their services on a subscription basis, with recurring revenue streams that could make them a stable bet during times of uncertainty. It's also very likely that the crisis will cause a structural shift in the way businesses operate, benefiting these stocks well past the pandemic. Our theme of Cyber Security Stocks outlines some of the key names in the cybersecurity space and how they have performed in recent years. A part of the analysis is summarized below.
Zscaler ($10 billion market cap, $303 million FY19 revenue) offers two tools, namely Zscaler Private Access, which provides secure access to internally managed applications that are hosted internally in data centers or in private or public clouds, and Zscaler Internet Access, which enables users to connect to externally managed applications such as Microsoft's (MSFT) Office 365 and Salesforce. The stock has surged by 60% this year, as an increasingly distributed workforce drives demand for the company's secure access solutions.
Palo Alto Networks ($23 billion market cap, $2.9 billion revenue) is a cybersecurity company best known for its firewalls, which are network security devices that scan for malicious traffic. The company has been increasingly focusing on cloud-based software-as-a-service (SaaS) security tools. While the stock is down slightly year-to-date, partly due to slowing revenue growth, the company could be a good long-term bet as businesses increasingly move online.
CrowdStrike ($17 billion, $481 million revenue) offers a cloud-delivered endpoint protection platform, which relies on lightweight software running on the customer's servers or laptops. These applications, in turn, send data to a cloud-based security system that analyses threats. The stock is up by over 60% year-to-date, as the coronavirus pandemic has expanded the company's addressable market meaningfully.
Eset Internet Security review: Hard to recommend – IT PRO
Eset's security products have long been popular among the tech cognoscenti. Whether you go for the antivirus-only NOD32 package or this more fully-featured suite, Eset has a reputation for top-notch security without intrusive pop-ups and interruptions, and minimal impact on the performance of your PC.
It isn't cheap, though. Many security suites can be had at deeply discounted prices from Amazon and other retailers, but with Eset your only option is to pay full price at the company's own website. That works out to £32 to protect a single PC for one year: is the software really good enough to warrant the outlay?
Eset Internet Security goes well beyond the basics of virus protection. As well as scanning local files, it blocks dodgy websites and links and, if you're running a local email program like Outlook or Thunderbird, it will also scan for infected attachments, phishing links and spam.
There's a clever secure browsing mode, too, which provides extra peace of mind when you're shopping or banking online: specific sites can be set to automatically open in a new secure window, with additional protection against keyloggers and the like. It's up to you whether you let extensions like password managers run in secure windows.
Another noteworthy feature is Eset's Connected Home scanner, which probes your network and flags up any router vulnerabilities discovered, as well as alerting you whenever a new client connects. Most of the time this will be because you've bought a new phone, or shared your Wi-Fi password with a friend, but it could be invaluable if an intruder does manage to sneak onto your network.
Unusually, Eset extends Windows' built-in theft protections, adding the ability to capture camera pictures and screenshots from a stolen laptop, as well as simply locking and locating it.
In the first half of 2021, Eset Internet Security was included in independent reports by both AV-Comparatives.org and AV-Test.org. Across both labs' tests it came away with an average protection rating of 99.8%. Some other suites scored a flawless 100%, including Bitdefender, Kaspersky and Norton, but Eset was close enough to perfection that we're not inclined to quibble.
What's more, none of those big names was able to match Eset's perfect record for false positives: it sailed through extensive testing without wrongly flagging a single innocent item. Only F-Secure SAFE was able to equal that claim. It's a strong confirmation of Eset's excellent malware-detecting capabilities.
We're not fans of the creepy robot that welcomes you to the software, and frankly we find the Eset interface unnecessarily cumbersome to get around. Its features are split across six main pages in an arrangement that doesn't seem particularly logical or intuitive.
Still, the technically minded will forgive that in exchange for hands-on controls such as the network protection troubleshooter, which lets you check up on what connections have been blocked and why, allowing you to unblock any items you think have been wrongly flagged, something that's harder or impossible in most other suites.
It's also hard to complain about Eset's impact on your system. The two testing labs measured an average performance hit of just 7.8% with the software installed. That's well below the 12.5% caused by Windows' built-in security tools; indeed, it makes Eset one of the fastest security suites around.
Eset Internet Security has a lot going for it. It's an effective antivirus solution with impeccable accuracy and strong performance, and it partners that core capability with a well-conceived set of additional features.
We've just one reservation, and that's the price. £32 a year won't break the bank, but it's hardly competitive for a licence that only covers one PC. For comparison, Norton costs a third as much for single-device protection, and BullGuard will cover five PCs for half the cost. Regrettably, that makes Eset Internet Security hard to recommend.
Anonymous on the Internet: Security updates for Tor Browser and Tails OS released – Market Research Telecast
The Linux distribution Tails, which is designed to preserve privacy and anonymity, and the anonymizing Tor Browser are now available for download in versions that are protected against possible attacks.
According to a blog post, the current Tor Browser 10.5.4 is based on Firefox ESR version 78.13. In that release, Mozilla has closed several security vulnerabilities classified as high. If attacks are successful, there is a high probability that attackers could execute malicious code on systems.
In addition, the developers have included NoScript in version 11.2.11 and fixed some bugs. Among other things, there should no longer be problems with passwords stored in the browser.
Tails also relies on the current version of Tor Browser, the developers write in a post. In Tails 4.21, the secured mail client Thunderbird 78.12 is preinstalled. The developers also solved an issue that could cause persistent storage to be deleted when upgrading. An upgrade is possible from Tails 4.19.
Judging panel and shortlist for Global Security Influencer of the Year unveiled – IFSEC Global
Grant Lecky, Co-founder, Security Partners Forum
Grant Lecky MSc. CSyP, F.ISRM, AARPI, CBCP is the co-founder of the Security Partners Forum (SPF), a network of security professionals that fosters greater communication and collaboration between the public, private and not-for-profit sectors across the globe.
In addition to the SPF, Grant also currently serves as an Expert Network Member (Risk & Resilience) at the World Economic Forum and as a member of the global advisory council of the Institute of Strategic Risk Management (ISRM), and is a winner of numerous accolades including a spot on the Canadian Who's Who and the Bill Zalud Award through the IFPO and Security Magazine.
View Grant's LinkedIn profile to find out about his other accolades and accomplishments.
Named to IFSEC's Global influencers list 2018 and 2019 for Security Thought Leadership, Mark is a Business School Graduate, Certified Protection Professional and Fellow of The Security Institute (FSyI).
After graduating in Human Resources and International Business in 1996, he progressed to senior roles responsible for various security service business units across Canada. In 2009 he launched a consulting business focused on physical security for corporate clients and then served as Senior Manager, Corporate Security at Canada's largest telecommunications company until 2016. He transitioned from the corporate security role to create the security industry function for a security industry workforce management software company, TrackTik.
Mark volunteers as a Community Vice President with ASIS International and is the past Chair of its Security Services Community. He has also contributed to various standards impacting private security. On a part-time basis, he teaches in the Security and Police Studies program at the Université of Montréal. In 2020, Mark joined Robotic Assistance Devices, whose focus is to deliver artificial intelligence-based solutions that empower organisations to solve complex security and service challenges while delivering immediate return on investment.
Abeer Khedr is the Information Security Director at the National Bank of Egypt with more than 20 years of experience in technology and information security fields. Abeer has been serving in her current role for 10 years, where she has established the information security strategy and programme at the bank and designed an information security management system (ISMS) for the bank's main data centre & call centre, which got certified in 2016 & 2017. She has also developed an information security effectiveness measurement program to ensure continuous improvement and maturity in security processes. Prior to joining NBE, Abeer had been leading the security consulting and IT audit service lines at Deloitte Egypt, serving different industries.
Abeer has recently been named among the top 50 influential women in Egypt for community work related to the cyber security industry and named to Egypt's 30 successful women list in the Egyptian Women Forum 2020. She was also named to the Global CISO 100 list for 2020. Abeer is actively involved in initiatives to support inclusion and diversity, where, amongst other work, she co-founded the Women in Cyber Security Middle East (WiCSME) group in 2018, which has over 1100 women members from different countries in the region.
Pauline Norstrom is the strategic leader of a new AI innovation and strategic advisory firm Anekanta Consulting. Prior to this, her 20 years of security industry experience span across international leadership and governance of several security and safety technology businesses. Her focus is on the application of AI and disruptive technology across industries including defence, security and video surveillance, transportation, manufacturing, cybersecurity, AI, and IoT/Smart Cities.
Pauline is an honorary member and strategic advisor to the BSIA on the subject of AI and AFR, having previously chaired the Association for a two-year term from 2014. She is also a fellow of the Institute of Directors and an AI advisor to the ERP/Digital Group. Pauline is a regular speaker and contributor on the subject of AI, video surveillance and cyber security and has also won a number of awards for her contribution to the security industry and appeared in IFSEC Global's Top 50 Most Influential People in Security and Fire in 2015.
Driven by a fascination for cutting-edge technology and a passion for providing exceptional customer service, Edwina "Eddie" Reynolds has spent over 25 years as a leading figure in the video security industry. As the founder and CEO of multiple established CCTV lighting companies, Reynolds is at the forefront of bringing innovative solutions to the surveillance market.
Without light, there is no clear, effective video. Motivated by this, Reynolds founded iluminar Inc. in 2009. In her current position as president and CEO of iluminar, Reynolds has led the company to develop award-winning solutions and to be the lighting solution partner for market leaders like Axis Communications, Milestone Systems, Sony, Arecont Vision, Digital Watchdog, Ameristar Fence Products and Johnson Controls.
In 2018, Reynolds was elected to the Security Industry Association (SIA) Executive Council and was also named the 2018 recipient of the inaugural SIA Progress Award, which honors individuals who have shown excellence in their advancement of opportunities and success for women in the security industry. Reynolds currently serves as a member of the SIA Women in Security Forum and also serves on the SIA RISE Diversity and Inclusion Subcommittee. She is also a member of the International Organization of Black Security Executives (IOBSE).
Named one of the Global Hot 150 Cybersecurity Companies to Watch In 2021 and one of the Top 5 Innovative Cybersecurity Companies in the Washington D.C. region, Fortalice Solutions is a boutique cybersecurity and intelligence services firm clients trust to provide discretion and superior service, headquartered in Charlotte, NC, with a global office in London and offices throughout the USA.
Payton began her career in banking technology where she quickly rose through the ranks to earn executive roles at both Bank of America and Wells Fargo. Regarded as an authority in her field, she was chosen to be the first female to serve as White House Chief Information Officer where she oversaw IT operations and security for President George W. Bush and his staff during a period of unprecedented technological change and cyber threat.
Payton is an industry trailblazer, holding US patent number 10735455, "System for anonymously detecting and blocking threats". Her work has received multiple accolades, including the FBI Director's award for Public Service and Enterprising Woman of the Year, and she was named by IFSEC Global as #4 of the world's top 50 cybersecurity professionals. She is included in the book of 100 Fascinating Females Fighting Cybercrime and was named by Security Magazine as one of the 25 Most Influential People in Security. She was also named William J. Clinton distinguished lecturer by the Clinton School of Public Service.
Payton is also a familiar media presence, whether as a reality television actor in Hunted on CBS, or as an expert commentator and cyber analyst for CNN International, BBC TV News and Radio, Sky4 News, The Daily Mail UK, Irish RTE Radio, CBSN, NBC News, MSNBC, Today Show, Good Morning America, CBS Morning & Evening News, NPR, and the Wall Street Journal. She is an award-winning author of Manipulated: Inside the Cyberwar to Hijack Elections and Distort the Truth and has co-authored two additional books focused on helping others learn how to protect their privacy online, both of which were hailed as must-reads by Jon Stewart of The Daily Show and Katie Couric.
Latha Reddy is the former Deputy National Security Adviser of India where she was responsible for cybersecurity and other critical internal and external security issues. She also served as a Commissioner on the Global Commission on Internet Governance. Ms. Reddy has extensive experience in foreign policy, having served in the Indian Foreign Service from 1975-2011, and in bilateral, regional and multilateral negotiations. In addition, she has expertise on security and strategic issues and has worked on strategic technology policies, particularly on cyber issues relating to cyber security policy, international cyber cooperation and Internet governance.
Ms. Reddy is involved with several organisations and think-tanks, both globally and in India. She is currently, among other positions, serving as a Distinguished Fellow in the EastWest Institute in the US and the Observer Research Foundation in India.
Mr. Mattice is President & Founder of the National Economic Security Alliance (NESA), a nonpartisan IRS designated 501(c)(3) nonprofit focused on educating policymakers at the Federal, State and Local level as well as business leaders and the general public on issues affecting the economic security of America.
He is also Managing Director of Mattice & Associates LLC, a management consulting firm focused on the fields of enterprise risk management, business risk intelligence programs, resiliency, information asset protection, cyber security, compliance, corporate security, management systems, and program evaluations. Mr. Mattice established the Executive Summit Series as a unique forum where leaders share their vision of the future and tackle the front of mind issues they face today. Additionally, he is a Leadership Council member for the National Small Business Association; a Fellow at the Institute for Strategic Risk Management; Distinguished Fellow at the Ponemon Institute and an Emeritus Senior Fellow at Auburn University's Center for Cyber and Homeland Security.
Amongst many other roles in the security industry, he was appointed as one of the key industry representatives on the National Industrial Security Program Presidential Task Force, which was established through a Presidential Decision Directive by President George H.W. Bush; the taskforce's members also included the Secretary of Defense, the Secretary of Energy and the Director of the CIA. Mr. Mattice was also appointed to the Inaugural Advisory Board for the National Counterintelligence Center (which is now known as the National Counterintelligence and Security Center), appointed as a member of the Department of State's Overseas Security Advisory Council, and asked to serve for several terms on the Steering Committee for the Global Congress on Combatting Counterfeiting and Piracy, established by INTERPOL and the World Customs Organization.
Brennan P. Baybeck, CISA, CISM, CRISC, CISSP, is VP & CISO and leads a global team that addresses IT security risk management for one of the largest lines of business at Oracle. He is responsible for leading security, privacy and availability for customer facing services, including Oracle's Security Services. He has more than 25 years of experience in IT security, governance, risk, audit and consulting, and has worked in various industries designing, implementing and operating enterprise-wide programs to address global security risks. He has held other leadership positions at Sun Microsystems, StorageTek and Qwest Communications, and served as a security risk consulting director at a global consulting company for several years.
Baybeck also has been actively involved with ISACA for more than 25 years, as ISACA's International Board Chair and a board Director for several years, and served many years as a chapter board leader. He currently serves as Past Board Chair for ISACA. He is a recipient of Western Michigan University's Business Information Systems Outstanding Alumni Award in recognition of his distinguished service and accomplishments. The Colorado Technology Association also named Baybeck as the 2021 CISO of the Year.
Aristides Contreras is the founding President of COLADCA, focused on bringing together professionals from the Security and Risk management world for research and to rethink security with a model that requires best practices and unites the private sector, the public sector and academia.
Aristides is a lawyer with a specialisation in Constitutional Criminal Procedure, is a retired Army officer and worked for several years in the Management of Integral Security at a national level in security contracts and for effective Risk Management. He is also a Certified Consultant and is a speaker and author of some publications on updating the regulations and procedures that minimise the occurrence of losses in organisations and improve risk management and security in countries of Latin America.
Jason Brown is the National Security Director for Thales in Australia and New Zealand. He is responsible for international trade and security liaison with government, law enforcement and intelligence communities to develop cooperative arrangements to minimise risk to Thales and those in the community that it supports. He is also responsible for ensuring compliance with international and Commonwealth requirements for trade control, national security and relevant federal and state laws. His further responsibility is to maintain the Thales Crisis Management arrangements, including the exercise program.
Before joining Thales in 2004, Jason had 27 years' experience in Commonwealth Government and has served on several senior boards and committees in both the Public Sector and Private Institutions, including:
He is currently:
Mississippi could receive billions to fix roads, water from infrastructure bill – Clarion Ledger
Billions of dollars. That's how much federal funding Mississippi is set to receive as part of the recently passed infrastructure bill, according to information shared from the White House.
Should the bill pass in the United States House of Representatives and become law, Mississippi will receive nearly $4.5 billion in infrastructure funding over the next five years, according to a fact sheet published by the Biden administration.
In addition to the $4.5 billion, Mississippi is eligible to apply for additional funds to complete projects officials say would provide "substantial economic benefits" to the state.
Of Mississippi's two Republican senators, Cindy Hyde-Smith and Roger Wicker, only Wicker voted for the package. In a statement afterward, Hyde-Smith acknowledged the plan would benefit Mississippi.
Mississippi's needs are apparent; the American Society of Civil Engineers gave the state a D+ grade on its infrastructure report card.
"To be able to provide safe drinking water, a sustainable infrastructure, a resilient infrastructure, and, might I add, an equitable infrastructure has to be a part of our plan to build back better," Jackson Mayor Chokwe Antar Lumumba told Biden Wednesday.
More than three-fourths of the allocated money, about $3.5 billion, will go to fixing roads and bridges. There are more than 5,840 miles of highway and 1,386 bridges in Mississippi that are in poor condition, according to information from the Federal Transit Authority.
The next biggest slice will go to water system repairs in the state. Mississippi is in line to receive $429 million to improve and repair water systems across the entire state. That money will be divided among different cities and water systems, according to the bill's text.
About $223 million will go toward expanding public transit in the state. Non-white Mississippians are almost three times as likely to use public transit, according to Biden administration officials. About four out of every 10 public transit vehicles are overdue for replacement.
The other significant chunks of funding will go to expanding internet access and to improving the state's airports.
Mississippi will receive a minimum of $100 million to increase broadband coverage across the state. The federal government estimates about 531,000 people lack internet access, and that nearly a quarter of Mississippi households don't have an internet subscription, according to a press release.
The state's airports will get $99 million to make general infrastructure improvements.
The rest of the money will be allocated to wildfire prevention, beefing up cyber security and to building a network of electric vehicle charging stations across the state.
Lee O. Sanderlin is an investigative and political reporter covering the state of Mississippi. Got a story tip? You can call him at 601-559-3857, send it to LSanderlin@gannett.com or message him on Twitter @LeeOSanderlin.
Norton 360 Standard review: Superb virus protection with VPN and cloud backup thrown in – Expert Reviews
As the name implies, Norton 360 is designed to provide all-round protection against malware and other threats. The message is slightly muddied by the existence of multiple editions of the software but the major protection features are the same across all of them.
The Standard suite, reviewed here, covers a single PC, while the Deluxe and Premium packages cover five and ten devices respectively and add parental controls and dark web monitoring to alert you if your personal information has been compromised online.
All of these can be bought online at competitive prices. A Standard licence costs 13 on Amazon while the Deluxe edition is 19. Is the venerable Norton brand still a good choice for your online security?
Norton 360 has two standout features that set it apart from most rivals. The first is an integrated backup module which, in the Standard edition, comes with 10GB of bundled cloud storage.
Opt for the Deluxe edition and that goes up to 50GB, while the Premium edition ups that to 75GB. It's a bit of a shame that this only backs up files and folders (it can't make an image of your entire system for disaster recovery) but it's still a great plus point for the price.
On top of that, Norton 360 includes a fully functional VPN. It isn't a terrifically advanced service. It won't automatically turn on when you connect to a particular network, nor suspend your connection if the VPN link fails. Even so, with no data limits and servers in 31 countries to choose from, it's a great benefit.
Aside from that, all the expected features are covered. The software scans local files and websites on access to ensure nothing nasty can get onto your PC, while a separate webcam protection module keeps you in control of which programs get to access your camera hardware.
There's a custom firewall, too (although it's buried in the settings where busy users may never find it) and an integrated version of Norton's free password manager, allowing you to retrieve unlimited credentials on Chrome, Firefox or Edge, as well as Android and iOS.
In all, it's a solid feature set. We'd be happier if it included some sort of active folder protection, just in case a ransomware threat manages to slip past Norton's scanners but, as discussed below, that's a very unlikely eventuality.
Norton 360 is regularly tested by two independent security specialists: AV-Comparatives.org in Innsbruck and AV-Test.org in Magdeburg. We're happy to report that Norton romped through the most recent series of tests, carried out in the first half of 2021, with a perfect 100% protection score from both labs against both widespread and brand new zero-day threats.
The news isn't all good, though. While Norton blocked every threat that was thrown at it, it also racked up an embarrassing tally of 22 false positives. That's worse than almost any other security suite we've tested. F-Secure SAFE and Eset Internet Security both achieved a perfect zero here and even Windows Defender only raised a false alarm on five occasions. It's not hard to unblock wrongly flagged items, but you shouldn't have to second-guess your security software.
Norton 360 is split across two completely different interfaces: the My Norton overview page, which offers one-click access to the various 360 modules, and the main Device Security control panel, from which your local protection settings are managed. This arrangement feels unnecessarily complicated but you won't have to deal with it often once you're past the initial setup.
Like all security software, Norton also has a certain impact on the performance of your PC. Across a range of different tests, the two independent labs reported an average slowdown of 9%.
That's not brilliant but it's better than Windows 10's built-in antivirus service, which came out at 12.5%. If top speed is your priority, however, F-Secure SAFE and McAfee Total Protection both nosed ahead, with impact ratings below 7%.
Norton 360 provides unbeatable protection and some truly worthwhile extra features for a price that's very hard to quibble with. Before you invest, just be sure you're comfortable with that high false-positive rate.
You should be aware too that, after your first year of protection is up, the renewal fee rockets to 65, so be sure to cancel and buy a new licence, rather than letting your subscription roll over.
Why penetration testing needs to be part of your IoT security – Security Boulevard
Penetration testing is critical to assessing the overall strength of your company's defense against cyber criminals targeting IoT devices.
IoT devices are ubiquitous in our daily lives, whether it's at home with connected home automation devices, or at work with connected factories, hospitals, and even connected cars. According to Gartner, there were over 20 billion IoT devices in 2020. As businesses globally over the past decade have transformed their processes with more embedded IoT-driven intelligence, these billions of connected devices have also become a soft target for cyber criminals. Nokia's Threat Intelligence Lab reported in 2020 that IoT devices are now responsible for 32.72% of all infections observed in mobile and Wi-Fi networks, up from 16.17% in 2019.
With millions of exposed endpoints, cyber criminals not only leverage compromised devices to launch distributed denial of service (DDoS) attacks, but they also present a sustained national security threat. So it's no surprise that even the FBI has taken notice and provided continued guidance on secure IoT practices to defend against cyber criminals targeting unsecure IoT devices. We have consistently noted that inadequate security capabilities, lack of real-time vulnerability patching, and lack of consumer awareness are key drivers for repeated attacks on IoT devices.
The Center for Internet Security, Inc. (CIS) has recommended best practices for securing IT systems and data. For large organizations it is key to implement organizational CIS controls to focus on people and processes and drive change, executing an integrated plan to improve the organizational risk posture. CIS Control 20: Penetration Testing and Red Team Exercises is a well-defined method to implement organizational controls. These tests allow cyber security experts to detect vulnerabilities and assess the overall strength of an organization's defense by simulating the actions of an attacker. Often attackers target software deployment vulnerabilities such as configurations, policy management, and gaps in interactions among multiple threat detection tools to exploit security gaps.
First, IoT devices can have several types of interfaces: web-based interfaces for consumers, or object interfaces for governance-as-code type applications such as control systems. Hence input validation, command injection, and code injection should be a primary focus of penetration testing of IoT devices.
Second, the network infrastructure interconnecting IoT objects can often be vulnerable and, for IoT devices on a single network, malicious attacks need only a single exploit to be successful. It is important to use both automated tools and manual penetration testing methods to do complete specialized penetration testing on the network infrastructure, associated cryptographic schemes, and communication protocols.
Finally, it is critical to scan proprietary programs which represent the entire system architecture. Eighty-four percent of proprietary programs contain at least one open source vulnerability according to the sixth Open Source Security and Risk Analysis (OSSRA) report produced by Synopsys. This represents immense heterogeneity and complexity in the codebases; hence it is important for experienced penetration testing professionals to use intelligent gray box testing to have excellent coverage on test types required for a comprehensive penetration test.
It is key to build a comprehensive security defense posture with governance by code, policy management, and coaching team members to secure the entire software development life cycle (SDLC). As software releases become more frequent and more complex, penetration testing is an easy process for security professionals to periodically test their defenses, identify gaps, and drive remediation with the product development teams. By conducting sophisticated penetration testing that includes diverse attack vectors such as wireless, client-based, and web application attacks, organizations can get deeper insights into the business risks of these various vulnerabilities, enabling them to configure an appropriate defense posture that is suited to their ecosystem.
Internet Operations Management Is Well Suited To Military Networks – Breaking Defense
U.S. Marines with the Special Purpose Marine Air Ground Task Force 19.2 Crisis Response Command Element prepare field condition crisis response center networks in Kuwait. (U.S. Marine Corps photo by Sgt. Robert Gavaldon)
As data proliferates and attack surfaces expand, the Defense Department continues to have a fundamental need to discover, understand, track, and manage its data and intellectual property that is exposed on the internet.
The House Armed Services Committee noted the need to manage this process in an integrated end-to-end fashion in its markup of the National Defense Authorization Act for Fiscal Year 2021.
The Department of Defense (DoD) lacks a similar comprehensive understanding of the internet-connected assets and attack surface across the DoD enterprise; the committee notes in this regard that the DoD only recently discovered that it has twice as many managed connections to the internet as it thought it did, connections established and maintained by components that were not protected like the other sanctioned Internet Access Points managed by the Defense Information Systems Agency.
Despite strides made by Joint Force Headquarters-Departments of Defense Information Network (JFHQ-DODIN) in improving its enterprise-wide visibility of DoD networks, DoD networks are controlled by individual components, with JFHQ-DODIN deriving most of its situational awareness from component reporting. The committee believes that it is critical that JFHQ-DODIN achieve real-time visibility over all DoD networks.
This complexity makes DoD networks particularly ripe for the application of what's known as Internet Operations Management (IOM). IOM capabilities enable organizations to:
"When we kind of look at Internet Operations Management from the perspective of military networks, it's easy to see the applicability of IOM, not just for the military but also for federal agencies, large government networks, and commercial customers," said Joseph Lin, vice president of product management for Cortex, Palo Alto Networks. "All of them have these fundamental problems."
An IOM platform aggregates all of this data into a single, secure data lake, using machine learning algorithms and data analytics to discover anomalies and derive insights. Decisionmakers can then use this information to make, enforce, and verify IT and security policies and orders in an actionable, scalable, and automated way across the entire enterprise.
What is a data lake? Lin explains.
At a very basic level, a data lake is an environment holding an enormous amount of data, as well as highly heterogeneous data, that is brought together, integrated, and made mutually interpretable so that the data is able to relate to one another. At the end of the day, you're not just collecting data for data's sake, but are collecting it so that you can run analytics on top of that data. You can use machine learning in order to derive insights from the multitude of data that you're able to collect from your entire system.
IOM Is Well Suited to Military Networks
Military networks are, generally speaking, very large. They can be highly federated in nature, which makes managing all of their internet-facing assets that much more difficult.
Because of the large, distributed, highly federated nature, and sometimes expeditionary nature of military networks, management/command and control of their internet-facing assets is difficult and complex.
They are inefficient and insecure in other ways, as well, specifically in six areas.
IOM Addresses Those Issues
It is those inefficiencies that lead to insecurities that are driving the need for enterprise-wide security enforcement among militaries around the world.
Cybersecurity and IT operations are most effective when there is centralized visibility and operational control over the entire network. The DoD owns some of the world's largest and most complex networks, with millions of IP addresses and endpoints in multi-tiered enclaves. Yet, they continue to lack enterprise-wide network visibility and rely on late-20th century technologies for tasks as straightforward as developing, disseminating, and enforcing new IT policies.
DoD organizations and service members deserve best-in-breed technologies and processes such as those found with IOM to centralize and manage their security and network operations. The good news is that these technologies already exist commercially and are widely deployed across legacy networks, especially in the private sector and a handful of government agencies.
"A major part of managing legacy network systems is that they are properly secured behind firewalls and not exposed on the public internet because of vulnerabilities associated with their software that are simply unpatched, or are no longer supported by their original manufacturer," said Lin. "Because these vulnerabilities can be easily exploitable by adversaries, it's that much more important to ensure that they're properly secured."
What IOM enables owners of legacy systems to do is, first and foremost, ensure that they're not exposed on the public internet, that they're not discoverable by adversaries, and that they're properly configured and secured.
Conclusion
DoD and wider U.S. government cyber defense, detection, response, and recovery capabilities are inadequate. This problem is most fundamentally due to the lack of centralized visibility and operational control over federal information technology.
In addition, there is a huge gap between the mandate to secure, defend, and monitor government-wide networks and the highly disparate technologies and processes in place. Solving this problem is not only possible, it is happening now with existing technologies and processes in the private sector and within some individual federal agencies.
IOM products like Palo Alto Networks' Cortex suite of systems, including Cortex Xpanse and XSOAR, enable JFHQ-DODIN to meet the requirements detailed by the FY21 NDAA through the development of IOM procedures that provide JFHQ-DODIN real-time visibility over all DoD networks.
Situational awareness is a basic requirement in all forms of conflict, and with Cortex IOM, Defense Department organizations can continuously discover, manage, and monitor all globally deployed DoD internet assets through daily attack surface scanning and regular mapping.
Comprehensive awareness and visibility across all of its networks will let DoD network managers confidently answer questions as straightforward as "What are all of my IPs?", "How many endpoints or servers do I have?" and "What is the software running on them?" Without IOM, they would be hard pressed to do so.
Content delivery networks hope you’ve never heard of them but if there’s an outage, it’s big news – ABC News
It may seem strange for a business to hope you've never heard of it.
But that's exactly what content delivery network (CDN) providers would like.
"If most people don't know that we're there, then we're delivering a great quality of service," Raymond Maisano, the local head of Cloudflare, a CDN and cyber security provider, tells The Business.
"Hopefully they don't get to see how we deliver the service - for us, that's a great result."
Every minute, Australians are accessing websites and apps operated across the world, without a second thought.
CDNs are one part of the system allowing that to happen. They speed up the experience for users, and are largely invisible until something goes wrong.
Outages are an unfortunate fact of online life, but when an outage takes down some of the most high-profile websites on the internet, it becomes big news.
In June, sites including The New York Times, The Guardian, Twitch, Reddit and the British government's homepage went down due to an outage at CDN provider Fastly.
Fastly said it was an "undiscovered software bug" triggered by a configuration change, and said 95 per cent of its network was operating as normal within 49 minutes.
Less than a fortnight later, several Australian banks, Virgin Australia and even the Reserve Bank of Australia were hit by a technical glitch at another provider, Akamai.
Akamai said it was caused by an outage in one of its distributed denial of service (DDoS) protection services, used by around 500 customers.
So while CDNs are constantly operating behind the scenes, it's only when they encounter an issue that the average person will start hearing about them.
The services CDNs provide essentially sit between a company's platform and the web page the user is looking at.
Paul Haskell-Dowland, the associate dean of computing and security at Edith Cowan University, uses the BBC website as an example.
"You might think that the BBC servers are likely to be, perhaps, in London in the UK, and so your traffic - the request for the page and the page content - has to move from your computer here in Australia, all the way across the internet to London - that's quite a big journey."
While internet speeds are dramatically faster than they used to be, multiply that request by thousands of people trying to access the same page at the same time, maybe add in some video content, and things can slow down.
That's where CDNs come in. They provide a copy of the content the user is trying to access, but in closer proximity.
"Instead of going all the way to the UK, on a server somewhere closer to where the consumer resides, we will have a copy of all of that content," Dr Haskell-Dowland says.
"You're actually downloading a copy from your nearest data centre, which could be in Perth, it could be in Sydney, or somewhere that's more geographically convenient."
This makes the process of accessing web content quicker and more efficient, and also means that if one data centre becomes overloaded, another can pick up the traffic.
The fact that the physical location matters might come as a surprise in an era where we're used to hearing everything's kept in "the cloud".
But Macquarie Telecom Group chief executive David Tudehope says clouds need a physical home, too.
"Data lives in clouds. Clouds live in data centres," he explains.
Similar networks of data centres are used to provide cyber security services.
For example, a distributed denial of service or DDoS attack involves thousands or even millions of computers attacking a website or system, to overwhelm it so it can't cope with any more traffic.
"One of the largest collections of systems that we saw in recent history had over 10 million devices corralled into this single network that could be used to attack devices," Dr Haskell-Dowland says.
To counteract such attacks, cyber security providers use their network of data centres to move traffic around when it comes in in large volumes.
Dr Haskell-Dowland explains that it involves "having lots of destinations that can handle the requests, effectively scaling up to deal with the attack - providing the capability to deal with a large influx of traffic, which most small organisations simply can't cope with".
It's not just big businesses using CDNs, cyber security services or cloud computing systems and storage.
Small businesses are increasingly using websites and apps to interact with customers, particularly as the pandemic forces some to operate solely online during lockdowns.
"There's a push for digitisation for small business and for them to be more successful in the digital space, and with that comes a higher risk," Council of Small Business Organisations Australia (COSBOA) chief executive Alexi Boyd says.
To mitigate the increased risks, businesses are signing up to cloud storage and cyber security services.
But Macquarie Telecom's Mr Tudehope, whose business operates five data centres in Australia, with another in development, says small businesses need to be mindful of just ticking the box for default settings.
"When they click on the accept button for a cloud provider, where is that data being kept?" he asks.
"[If] they keep their data offshore, even if it wasn't a conscious choice, that data is now subject to the foreign laws of that country.
"It's subject to a foreign regulator, it's subject to foreign courts, none of which they realised when they clicked the 'I accept' button."
"COSBOA works with government and online services like Google, like Dropbox, like OneDrive to make it easy for small businesses to make sure that they can be protected, that the appropriate software is continually updated, that they know where their data is being stored," Ms Boyd says.
The stakes are also high in terms of reputation.
While occasional outages might cause problems to major bank customers, for example, it may take prolonged inconvenience to prompt some people to switch banks, whereas less established businesses may risk losing customers if their services are unavailable.
And Ms Boyd says small operators are particularly vulnerable to cyber attacks and hacking attempts, as cyber criminals may see them as a way into bigger businesses, which have more sophisticated protections.
"They can be targeted because of who their clients are, or the way that they interact with big business," she says.
Given how widespread the impact of outages can be, whether they're caused by technical issues as in the recent Fastly and Akamai cases, or by a cyber attack, preventing them is a priority.
Cloudflare's Raymond Maisano says CDN providers want to avoid having a "single point of failure" that can take services offline.
"Which is why we have so many points of presence around the world, so if something does happen, that we're able to pick up that volume or that load from one of our other points of presence," he says.
Cloudflare is also connected to the internet archive, to access a past copy of a customer's website and display that to users (instead of an error message) until a problem is resolved.
"For many customers, the brand is so important," Mr Maisano says.
For companies using the services, preventing outages might mean having more than one service provider, so that if one goes down, another can step in.
"In both of the recent outages, it only affected that individual provider, so had those companies been able to shift their content to a different CDN, or indeed had a backup process, then it would have been more likely that we wouldn't have seen the kind of widespread outage that we did," Dr Haskell-Dowland says.
"If you choose just one network, you're even more exposed," Mr Tudehope agrees.
"Whether it's your content delivery network or your telecom provider or your cloud provider, you've always got to think about having redundancy, having backups."
However, that obviously comes at an additional cost, and last year a report from the Australian Cyber Security Centre found that nearly half of small businesses couldn't, or wouldn't, spend more than $500 a year on IT security.
While outages make headlines around the world, it's worth remembering that on the days we don't hear anything about CDNs and cyber security providers, they're most likely performing as they are designed, says Dr Haskell-Dowland: improving browsing speeds and reliability.
"Thankfully, they don't happen very often," he says of outages.
"These platforms are inherently very reliable, they rely upon a distributed network of devices that are delivering content in large, well-resourced data centres. So we hope, in the future, we won't see many of these instances."
In Worrisome Development, Skimmers Hack Gas Pumps to Read Credit Cards – Times of San Diego
A skimmer circuit board found inside a gas pump in San Diego County. Courtesy San Diego County Agriculture, Weights and Measures
A former San Diego Police Officer, Larry Avrech, had gotten a heads up from another former cop about keys being sold on the Internet that could open up gas pumps. Their first question was, is this legal?
Their second question was, why would anyone want to open up a gas pump?
The images Avrech found online showed two gas pump replacement lock keys.
The answer comes from Brian Krebs, a former newspaper reporter who is an expert on computers and Internet security.
"For decades, only a handful of master keys were needed to open the vast majority of pumps in America," Krebs said. "That has changed, but I bet there are some older stations that haven't yet updated their locks."
"It's entirely possible and plausible," Krebs said, that the keys are being used to open pumps. The purpose, he said, is for thieves who use skimmers.
Skimmers are a cleverly disguised electronic technology that thieves attach to cash machines, gas pumps and self-service checkout stands to steal credit card data. Krebs, a former Washington Post reporter, explained that the types of skimmers range in sophistication.
In some cases, the thieves must return to the scene of the crime to retrieve the data. More sophisticated strategies use texting to send the data.
In San Diego County, skimmer devices are spot checked as part of 700 inspections of gas stations done annually by San Diego County's Agriculture Weights and Measures office. Typically, the locations chosen to place skimmers are close to freeways, have easy in-and-out access to a road, do not have a store or kiosk associated with it, and shut down for the night.
Gig Conaughton, communications specialist for the department, said this year inspectors found six skimmers, all of which were removed by the U.S. Secret Service. Conaughton said he couldn't provide the exact locations because there is still an ongoing, active investigation. But he was able to say the inspectors found the skimmers split at two locations in Santee and National City.
The Secret Service is involved because it is part of the U.S. Treasury Department. It is also active in pursuing credit card fraud.
"If local inspectors find a skimmer, they will open and inspect 100% of the pumps at that station," said Conaughton, adding that "we prioritize surveying stations with lower security or that have a history of skimmer finds."
For the credit or debit card holder, experts say it's another reason to monitor your card usage as often as possible.
So is anyone pursuing the key sellers on the Internet? Not really. As Conaughton explained, there are no laws or regulations prohibiting the sale or copying of generic gas station keys.
JW August is a San Diego-based broadcast and digital journalist.