All Posts
July 22, 2015
Enough with the Stunt Hacking
The time has come for the information security profession to reject stunt hacking such as the sensational car hacks that Charlie…
June 22, 2015
PCI Compliance for the AWS Cloud
Anitian's Workbook for PCI Compliance in the AWS Cloud takes the guesswork out of making your AWS infrastructure PCI DSS compliant.
March 18, 2015
The Battle for Endpoint Security Begins (Again)
Anti-virus may be dead, but endpoint security analytics is young, healthy, and about to pop up on your task bar in…
February 8, 2015
Can Security Analytics Replace Humans?
The dream of a "self-defending" network has been alive for a decade. However, recent advances in Security Analytics technologies portend the…
December 2, 2014
PCI 3.0 Secure Authentication Requirement
The new PCI 3.0 introduces a subtle, but important new requirement for addressing security authentication and session management for web applications.
June 24, 2014
The Fatal Flaw in IT Risk Management
The spate of high profile data breaches have, if nothing else, proven that organizations are managing risk poorly. Part of the…
May 8, 2014
Security Analytics Part 1: The Game is On
Security Analytics is an emerging class of technologies that leverages big data and advanced analysis techniques to find attackers and malicious…
March 27, 2014
How to Communicate Risk to Executive Leadership
In an age when cybercrime and advanced persistent threats are creating havoc, how does IT security communicate risk to executive leadership?…
February 11, 2014
The Failure of the PCI-DSS?
The Target breach has ignited a firestorm of debate over the efficacy of the PCI-DSS. The problem with the PCI-DSS is…
February 3, 2014
We Are Privacy and Security Hypocrites
Whether it is personal, local, national or cyber – we adore security, privacy, and spying in all its forms…until it affects…
November 7, 2013
Is badBIOS for Real?
Is badBIOS a real threat? Maybe not, but the origin of this threat could be a very real problem.
September 29, 2013
Analysis of the New Requirements for PCI 3.0
Anitian analyzes the new requirements to the PCI DSS 3.0
August 18, 2013
How to Get a Meaningful Security Assessment
The curriculum of business schools are filled with case studies of companies that took short cuts to become competitive and accomplished…
June 6, 2013
The Needs of the Many: Becoming a Servant Security Leader
“The needs of the many outweigh the needs of the few, or the one.” This was Spock’s pragmatic wisdom from Star…
October 17, 2012
Intrusion Prevention Endgame
All good things must come to an end. In the late 90’s I was fortunate to be involved with the development…