All Posts

andrew.plato

July 22, 2015

Enough with the Stunt Hacking

The time has come for the information security profession to reject stunt hacking such as the sensational car hacks that Charlie…


andrew.plato

June 22, 2015

PCI Compliance for the AWS Cloud

Anitian's Workbook for PCI Compliance in the AWS Cloud takes the guesswork out of making your AWS infrastructure PCI DSS compliant.


andrew.plato

March 18, 2015

The Battle for Endpoint Security Begins (Again)

Anti-virus may be dead, but endpoint security analytics is young, healthy, and about to pop up on your task bar in…


andrew.plato

February 8, 2015

Can Security Analytics Replace Humans?

The dream of a "self-defending" network has been alive for a decade. However, recent advances in Security Analytics technologies portend the…


andrew.plato

December 2, 2014

PCI 3.0 Secure Authentication Requirement

The new PCI 3.0 introduces a subtle, but important new requirement for addressing security authentication and session management for web applications.


andrew.plato

June 24, 2014

The Fatal Flaw in IT Risk Management

The spate of high-profile data breaches has, if nothing else, proven that organizations are managing risk poorly. Part of the…


andrew.plato

May 8, 2014

Security Analytics Part 1: The Game is On

Security Analytics is an emerging class of technologies that leverages big data and advanced analysis techniques to find attackers and malicious…


andrew.plato

March 27, 2014

How to Communicate Risk to Executive Leadership

In an age when cybercrime and advanced persistent threats are creating havoc, how does IT security communicate risk to executive leadership?…


andrew.plato

February 11, 2014

The Failure of the PCI-DSS?

The Target breach has ignited a firestorm of debate over the efficacy of the PCI-DSS. The problem with the PCI-DSS is…


andrew.plato

February 3, 2014

We Are Privacy and Security Hypocrites

Whether it is personal, local, national or cyber – we adore security, privacy, and spying in all its forms…until it affects…


andrew.plato

November 7, 2013

Is badBIOS for Real?

Is badBIOS a real threat? Maybe not, but the origin of this threat could be a very real problem.


andrew.plato

September 29, 2013

Analysis of the New Requirements for PCI 3.0

Anitian analyzes the new requirements in PCI DSS 3.0.


andrew.plato

August 18, 2013

How to Get a Meaningful Security Assessment

The curricula of business schools are filled with case studies of companies that took shortcuts to become competitive and accomplished…


andrew.plato

July 15, 2013

Windows GUI for Nmap – WinMap

A powerful new GUI for Nmap – WinMap


andrew.plato

June 6, 2013

The Needs of the Many: Becoming a Servant Security Leader

“The needs of the many outweigh the needs of the few, or the one.” This was Spock’s pragmatic wisdom from Star…


andrew.plato

October 17, 2012

Intrusion Prevention Endgame

All good things must come to an end. In the late ’90s I was fortunate to be involved with the development…
