Security Analytics Part 1: The Game is On

Industry Analysis

Security Analytics is an emerging class of technologies that leverages big data and advanced analysis techniques to find attackers and malicious activity deep inside today’s networks. Anitian conducted an in-depth study of this market and presents our research and insights.

How to Communicate Risk to Executive Leadership

Opinion

In an age when cybercrime and advanced persistent threats are creating havoc, how does IT security communicate risk to executive leadership? The key is to deliver business risk intelligence to leadership in a format they can understand and use.

The Failure of the PCI-DSS?

Opinion

The Target breach has ignited a firestorm of debate over the efficacy of the PCI-DSS. The problem with the PCI-DSS is not the standard, but a deeply flawed an corrupted assessment process.

We Are Privacy and Security Hypocrites

Opinion

Whether it is personal, local, national or cyber – we adore security, privacy, and spying in all its forms…until it affects us personally…then we hate it with the burring hot passion of 10,000 suns.

How to Get a Meaningful Security Assessment

Business of Security

The curriculum of business schools are filled with case studies of companies that took short cuts to become competitive and accomplished the exact opposite.  For the information security world, there is a similar “penny-wise, pound-foolish” behavior in the notorious “Checkbox Assessment.”  These are security or compliance assessments that have little basis in reality and are […]

Intrusion Prevention Endgame

UTM / NGFW

All good things must come to an end.  In the late 90’s I was fortunate to be involved with the development of one of the first intrusion prevention systems (BlackICE).  It was a defining job for me since I learned so much working with the NetworkICE people, notably Robert Graham, Clinton Lum, and the late […]