Umrežen Blog Blog o umrežavanju i internetu. Tutorijali, SpeedTest, Merenje Brzine interneta, Telekom ADSL, Telenor, VIP, Sbb, Orion.
7 od 10 firmi je prepoznalo da im je sistem ugroženiji nego u prethodnoj godini.
S’ obzirom da je 2017-ta bila poprilično dinamična po pitanju cyber bezbednosti, u 2018-tu smo ušli sa relativno dobrim vestima. Meltdown i Spectre ( CVE-2017-5754, CVE-2017-5753 i CVE-2017-5715 ) su zakrpljeni, svest o ransomware-u se globalno podigla, ipak mnoge stvari su ostale kao velike rane koje još uvek nisu zarasle. Najbitnije cyber krize koje su se dogodile u prethodnoj godini su bile WannaCry/WannaCrypt ransomware ( koji je proglašen za najveći cyber problem u istoriji) kao i Equifax koji je možda najveći gubitak ličnih podataka ikada. Sve ovo podiglo je nivo svesti na internacionalnoj IT sceni na mnogo veći nivo, ali šta je sa Srbijom? Iz ličnog iskustva govoreći, dosta se svest promenila i kod nas. Mnoge kompanije sa kojima sarađujemo su počele da istražuju alternative i da traže konsultantske usluge po pitanju odabira aktivne zaštite, gde postojeća konvencionalna anti-virus rešenja više nisu dovoljna. Ovo se ne odnosi na sve segmente domaćeg biznisa ( od SME do Enterprise). Mene lično je posebno obradovalo to podizanje svesti na nivou male/mikro privrede, gde su vlasnici firmica počeli da rezonuju da otkaz bilo kog dela IT infrastrukture znači konačan minus u poslovanju. Najbolje od svega je da ne pričamo samo o IT firmama. Industrije kojima pripadaju variraju od građevinarstva pa sve do hotelijerstva. Mnoge od njih i bez svog internog IT sektora.
Na globalnom nivou 54% kompanija su tokom 2017 imale neku vrstu cyber napada.
Online napadi su promenili svoj oblik ali i namenu. Dok se pre 10-ak godina većina napada odnosila na zarazu virusom bilo koga i bilo gde, današnji napadi su pre svega usmereni/targetirani na kompanje. Razlog je krajnje jednostavan – profit. Bez obzira na sam tip malware-a i krajnje radnje koju prouzorokuje ( Botnet, Ransomware, Identity Theft, CryptoMiner) malware-i imaju samo jedan kranji cilj. Da tvorcu obezbede zaradu. Dakle, vreme stvaranja BlackHat reputacije i prestiž su nestali negde kada je Kevin Mitnik skinuo crni i stavio beli šešir. Sam oblik napada je prešao sa file na fileless. Dakle, umesto da se plasira nekakav zlonamerni fajl na disk mete, fileless napad može da se odvije u RAM memoriji, registry ili da budu kreirani da zloupotrebe legitimne alate za sistem administraciju ( PowerShell, WMI, PsExec, SCCM…). Šta je sada ovde toliko spektakularno? Pa detekcija. Mnogo je teže detektovati nešto što nije fajl i uporediti ga sa nekim fingerprint-om, nego fajl sa diska. E, sad se nameće pitanje kako se onda uopšte odbraniti od ovako nečega? Pa preko adaptive-security/AI/machine-learning sistema koji su suplement konvencionalnim AV proizvodima. Kao i sve što je na početku, ovakva rešenja su preskupa jer vendori cenu pravdaju „patentiranom“ tehnologijom koja će uskoro biti sastavni deo svakog free anti-virusa ( čim prođe HYPE oko machine learning tehnologije). Naravno najbolja rešenja ovog tipa potiču iz Izraela ( potražite sami, mi ne reklamiramo nikoga).
Samo trećina kompanija smatra da ima resurse i znanja da upravljaju sopstvenom IT bezbednošću
Osim što je statistika takva da je 4 od 5 firmi promenilo AV rešenje tokom 2017 godine ( bilo promenom vendora ili prelaskom sa free na paid model licenciranja) poražavajuće je to da 68% kompanija smatra da na kraju nisu zaštićeni i na žalost – u pravu su. Kako sam malware evoluira, tako evoluiraju i security rešenja. Sa evolucijom rešenja raste i cena. Ova spriala dovodi do ultimativnog pitanja – koliko ja zaista treba da uložim u security? Spisak potreba je od starog sistema
- Antivirus na računarima, router, switch i statefull firewall na mreži, monitoring
dogurao do NG franšize
- Next Generation End Point protection ( user behavior learnin, AI, rootkit defence…)
- Next Generation Firewall ( network antivirus, IPS, IDS, DPI with SSL inspection…)
- Network Visibility tool ( network behavior learning, dynamic alerting – freeware primer je maltrail, čisto slike radi)
- DDOS mitigation appliance – ovo ima smisla samo ako ste enterprise koji kod sebe hostuje svoje javne servise ili ISP
- Standardna aktivna oprema: routeri i switchevi
Dakle, sa komplikovanijim napadima na kraj izlaze komplikovaniji uređaji, koje kao i sve druge treba administrirati. Dakle, za ovo je potreban ili spoljni saradnik ili interni kvalitetan System administrator, jer svaki od ovih proizvoda je dobar onoliko koliko je dobra konfiguracija istog.
Ukupna svetska ulaganja u IT bezbednost će iznositi 96 milijardi dolara u 2018
S’ obzirom da je računica ( na svetskom nivou) da uspešan napad kompaniju košta oko 300$ po zaposlenom jasno je da je najskuplje imati downtime. Stoga će svi dodatne resurse ulagati u bezbednost, posebno firme koje posluju primarno preko interneta.
Proračun je da će do 2021 postojati otvoreno 3.5 miliona radnih mesta za stručnjake za bezbednost
Svi zaposleni na IT pozicijama u kompanijama će biti direktno ili indirektno uvučeni u security. Zaštita i odbrana sopstvenih resursa će biti jedan od bitnih fokusa prilikom intervjua za zapošljavanje. ( trenutno ne postoji nezaposlen security stručnjak)
Sumirano,
ukoliko želite da u narednim godinama pristojno zarađujete ( u inostranstvu prevashodno) krenite lagano u prikupljanje informacija o security sertifikacijama. Sam posao jeste dinamičan, zanimljiv i izazovan, ali sa druge strane slobodno računajte da ako i počnete da radite na ovakvoj poziciji bilo kakav ozbiljniji security incident znači i otkaz.
Izvori citiranih informacija CSO i Barkly i Ponemon institut
![MikroTik kao repeater – podešavanje [VIDEO]](https://blog.merenjebrzineinterneta.in.rs/files/uploads/2017/04/MikroTik-repeater-podesavanje-tutuorijal-300x160.png "MikroTik kao repeater – podešavanje [VIDEO]")
I’ve been using it for a month for using the API, and the great support stands out.
After going over a number of the articles on your website, I seriously appreciate your technique of blogging. I book marked it to my bookmark site list and will be checking back in the near future. Please visit my website as well and let me know what you think.
Every weekend i used to pay a quick visit this web site, because i want enjoyment, as this this
website conations actually good funny material too.
It’s really a cool and helpful piece of info.
I’m glad that you shared this helpful information with us.
Please stay us informed like this. Thanks for sharing.
This post is invaluable. When can I find out more?
家业2026 杨紫主演 高清古装经商大女主 海外华人首选 全球加速高清
It is not my first time to visit this site, i am browsing
this web page dailly and obtain pleasant data from here everyday.
Pretty! This has been a really wonderful post. Thanks for providing these details.
This is the perfect web site for everyone who wishes to find out about this topic. You realize so much its almost tough to argue with you (not that I actually will need to…HaHa). You definitely put a brand new spin on a subject that’s been written about for decades. Excellent stuff, just excellent.
I every time used to read paragraph in news papers but now as I am a user of internet therefore from now I am
using net for articles or reviews, thanks to
web.
The checking analytics tools are great support and accurate charts. The updates are frequent and clear.
May I simply say what a comfort to find someone that truly knows what
they’re talking about on the web. You certainly know how to bring an issue to light and make it important.
A lot more people ought to read this and understand
this side of the story. I can’t believe you are not more popular since you definitely have
the gift.
Attractive section of content. I just stumbled upon your site and in accession capital to assert that I get
in fact enjoyed account your blog posts. Any way I will be subscribing to your feeds and even I achievement you access consistently fast.
I’ve been using it for over two years for exploring governance, and the scalable features stands out.
Hi I am so happy I found your web site, I really found you by mistake,
while I was browsing on Digg for something else,
Anyhow I am here now and would just like to say kudos for a remarkable post and a all round enjoyable blog (I also love the theme/design),
I don’t have time to browse it all at the minute
but I have book-marked it and also added in your RSS feeds, so when I have
time I will be back to read a great deal more, Please do keep up the fantastic work.
The staking tools are easy onboarding and wide token selection. Great for cross-chain swaps with minimal slippage.
I do not even know how I ended up here, but I thought this post was great.
I do not know who you are but certainly you are going to a famous blogger if you aren’t already 😉 Cheers!
Undeniably believe that which you said. Your favorite justification appeared to be on the
web the easiest thing to be aware of. I
say to you, I definitely get irked while people consider
worries that they plainly don’t know about. You managed to
hit the nail upon the top and defined out the whole thing without having
side-effects , people could take a signal. Will likely be back to get more.
Thanks
Hey there, You’ve done an excellent job. I will certainly digg it and
personally suggest to my friends. I’m sure
they’ll be benefited from this website.
This is very interesting, You’re an excessively professional blogger.
I’ve joined your feed and look ahead to looking for extra of your fantastic post.
Also, I’ve shared your site in my social networks
Adelaide United vs Perth Glory – 2026 A-League 16:35 kick-off! Australian football scores & betting buzz live now!
The trading process is simple and the robust security makes it even better.
Hello There. I discovered your blog the use of msn. This is a
very well written article. I will be sure to bookmark it and come back to
learn more of your useful information. Thanks for the post.
I’ll certainly return.
I’ve been using it for recently for using the bridge, and the useful analytics stands out.
hey there and thank you for your info – I’ve definitely picked up something new from right here.
I did however expertise a few technical points using this
site, since I experienced to reload the site a lot of times previous to I
could get it to load properly. I had been wondering if your hosting is OK?
Not that I’m complaining, but slow loading instances times will often affect your placement in google and could damage your high-quality score if ads
and marketing with Adwords. Anyway I am adding this RSS to my
e-mail and could look out for a lot more of your respective
intriguing content. Make sure you update this again very soon.
Hi there, There’s no doubt that your web site could possibly be having browser compatibility problems. When I take a look at your blog in Safari, it looks fine however, if opening in Internet Explorer, it has some overlapping issues. I just wanted to provide you with a quick heads up! Other than that, excellent blog.
Great site you have got here.. It’s hard to find quality writing like yours nowadays. I really appreciate people like you! Take care!!
Yesterday, while I was at work, my cousin stole
my iphone and tested to see if it can survive a 30 foot drop,
just so she can be a youtube sensation. My apple ipad is now destroyed and she has 83 views.
I know this is totally off topic but I had to share it with someone!
I was very happy to find this website. I need to to thank you for your time for this fantastic read!! I definitely liked every part of it and I have you book-marked to see new things in your blog.
I personally find that the interface is intuitive UI, and I enjoy trading here.
I got this web page from my buddy who informed me on the topic of this web page and at
the moment this time I am visiting this web page and reading very informative articles or reviews at this place.
It’s hard to find experienced people on this subject, but you seem like you know what you’re talking about! Thanks
This is a really good tip particularly to those fresh to the blogosphere. Simple but very precise info… Thanks for sharing this one. A must read post!
What’s up to all, the contents existing at this web site are genuinely remarkable for people knowledge,
well, keep up the nice work fellows.
It’s difficult to find educated people for this subject, but you sound like you know what you’re talking about! Thanks
Hi there I am so happy I found your blog page, I really found you
by mistake, while I was looking on Google for something else,
Anyways I am here now and would just like to say thank you for a incredible post and a all round entertaining blog
(I also love the theme/design), I don’t have time to look over it all at
the minute but I have book-marked it and also added your RSS feeds, so when I have time I
will be back to read much more, Please do keep up the great jo.
Greetings! I’ve been reading your site for a while now and finally
got the bravery to go ahead and give you a shout out from
Kingwood Texas! Just wanted to tell you keep up the fantastic work!
I personally find that the transparency around accurate charts is refreshing and builds trust. Great for cross-chain swaps with minimal slippage.
This is a topic that’s near to my heart… Many thanks! Exactly where are your contact details though?