• May 27, 2016
  Effective Threat Detection
  Threat prevention must always begin with the effective ability to detect threats. Detection must be sweeping and comprehensive if an organization plans to truly understand its risk. As the model for detection continues to shift into ‘threat intelligence’, CISO’s and security teams must understand where these programs excel and where they do not. The issue many groups encounter is not due to lack of effort or investment, but instead, the fault lies with the vendors for lack of transparency. The threat management solutions such as managed SOC’s will often hold back intelligence as an add-on, but also vendors don’t take the time to present what is detected and what is not.
  
  There is also a gap between an internal threat actor and the ability to detect host-to-host incidents. This means that when an attacker finds himself inside the network, he is able to pivot and attack freely going mostly undetected. Why is this? There is nothing in place to detect host-to-host attac... ( Read More )
• Nov 13, 2015
  Security vs. Functionality
  There has long been a sliding rule that says the more secure a solution is, the less usable it becomes. With a boom in the Internet of Things, or “IoT", many hackers playing with rapid prototyping kits, hacker spaces in every major city, and 3D printing becoming a mainstay in most public areas, we need to pause and understand where the slide rule currently sits. As more and more elements of our daily lives are driven online, and the cost of convenience is driven down, we expose ourselves to risks not previously considered. Never before has it been possible to unlock your front door, preheat an oven or surveil a home all from a remote location. Never before has your TV put your privacy at risk.

  
  

  While the consumer elements can provide additional creature comforts, they are also drivers towards what we want at work. Why not push for tools in the workplace which make l... ( Read More )
• Oct 22, 2014
  Three Common PCI Misperceptions
  With all the negative publicity this year surrounding major-league retailers and their staggering credit card information breaches, it’s no surprise the question of PCI compliance has moved to the front of many a CISO’s minds. And while the PCI Data Security Standard (PCI DSS) has steadily evolved to meet emerging security concerns (currently in its 3^rdmajor revision) many security professionals either eschew the standard altogether or have misconceptions about some of the key tenants of the PCI standard.  Here’s a quick look at three top PCI misconceptions:

  #1 -- Since I don't store credit card information, I don't have to worry about being PCI compliant.<... ( Read More )
• May 02, 2014
  Avoid Security Event Overload
  A great many organizations implement various layers and tools within their security management program – IPS, malware intelligence, spam filtering, firewall logs, Active Directory events, and more – that feed into centralized event correlation engines. This is a great start to a security management program. But how can a security team with limited resources and time manage to prioritize streams consisting of thousands of events a second? Here are two basic strategies that can help:

  1)    Implement an asset value filter that prioritizes critical assets over less critical assets. For example, a security incident involving a server should take priority over a workstation, a server containing high... ( Read More )

NEWS FEED

LATEST TWEET