Blog Posts

The Power of Observation

The move from “log correlation” to “behavioral risk” requires a paradigm shift.

The first generation of cybersecurity solutions leveraged the power of “logs”. This was based on the belief that ad-hoc events, once captured and preserved, could be correlated in the future to provide historical evidence. Logs are valuable for technical support, troubleshooting and audits. The log-centric model was designed to fulfill compliance requirements and verify security controls implemented for access management.


Waiting for the Shoe to Drop(box): The Danger Of Cloud-Based Storage Services

For would-be attackers, cloud services like Dropbox offer a convenient end-run around the perimeter-based firewalls, intrusion detection systems, web gateways and anti-malware sandboxes commonly used by many enterprises. Employees and contractors regularly bring personal devices into their enterprise networks, while some organizations openly allow cloud services to operate within their managed domains. The convenience and rapid adoption of cloud-based file storage make it an almost ubiquitous problem for enterprise security.


Why Breaches Happen

No intricate grid of security point controls, however strategically deployed at the perimeter and in the core of the network, can respond reliably and effectively without real-time threat information sharing. Actionable intelligence will require risk metrics, interoperability across multi-vendor security products, velocity of remediation and diversity of detection methods for resilience against the advanced evasion techniques of emerging threats.


Cyber Security Essentials for Enterprise Risk Management

The core foundation of cyber security needs to be reinforced against the exposed limitations of legacy controls that have outlived the compliance and signature-based paradigm. The new paradigm for Enterprise Risk Management (ERM) is based on real evidence from active behavior recognition, reducing false positives (the fog) through automation that augments human-level IQ, real-time threat intelligence sharing to enrich context, and partnerships that streamline workflow.


Anthem & Cyber Risk: Defending the Back Door

Yesterday we learned about yet another massive data breach, this time at Anthem, Inc., the second largest U.S. health insurance provider.

While we don't yet have any specific information on how this data breach occurred, as a cyber security professional, it reminds me of how simple mistakes at small companies can lead to big problems up the supply chain.


Technology Plays A Critical Role in Detection and Incident Response

Today, the standard operating procedure for security organizations dealing with increasing threats is to bolt on increasingly sophisticated technologies: anti-virus, router ACLs, firewalls, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), web reputation services, web application firewalls, Security Information and Event Management (SIEM), anti-malware gateways, endpoint virtualization, etc.


Why The Mid-Market Needs to Change the Rules of the Cyber Threat Game

It has become a daily occurrence to learn of the latest breach while reading the news over your morning coffee. Breaches are so frequent, and the volume of records breached so astronomical, that people are starting to get desensitized. This is both good and bad for information security professionals. On the positive side, there is no longer any issue convincing management that malware, hacking and breaches are serious issues.


Companies Must Be Cyber-prepared

One of the nation’s largest financial institutions, J.P. Morgan Chase & Co., is still reeling from a massive cyber-assault which compromised the personal information of millions of its customers.


Government Needs the Private Sector to Improve Cybersecurity

Cyber-attacks continue to rear their ugly heads as a major security threat to American infrastructure. Private- and public-sector entities alike are finding themselves victims of security breaches and data swipes. Hackers can come from anywhere – inside or outside the United States – and their goals can vary. Some are after state or industrial secrets, while others are after that valuable 21st-century commodity, customer data. Still more hackers simply want to cause chaos, disrupting commerce and people’s lives for cheap thrills. But since cyber-attacks are launched against government


Capitol Hill Joins Business Leaders in Cybersecurity Progress

Last week, the Senate Select Committee on Intelligence passed the Cyber Information Sharing Act (CISA), legislation intended to help the U.S. Government and American companies thwart cybersecurity attacks. Should this legislation pass Congress and be signed into law, it would be a big step towards tightening our nation’s security online.
