Blog Posts

Cybersecurity for Critical Infrastructure

Cyber threats and vulnerabilities pose a real and immediate risk to the critical infrastructure grid, which includes facilities, supervisory control and data acquisition (SCADA) systems and field devices. The intricate network architecture of the smart grid is exposed to hidden risks from interconnected heterogeneous devices from multiple vendors, integrated open source and commercial off-the-shelf (COTS) components, and minimal (or absent) supply chain cyber hygiene.


Cyber Security for Healthcare

The healthcare industry is undergoing a radical reform from HIPAA to HITECH, with legislation that (a) imposes civil and criminal penalties for willful neglect, and (b) drives adoption of Electronic Health Records (EHR), with implications for the security of electronic Protected Health Information (ePHI) across the supply chain, including providers and business associates. These two key provisions will drive how CIOs and CISOs in the healthcare industry must develop processes and policies for compliance and enforcement.


The Power of Observation

The move from “log correlation” to “behavioral risk” requires a paradigm shift.

The first generation of cybersecurity solutions leveraged the power of “logs”. This was based on the premise that ad-hoc events, once captured and preserved, could be correlated later to provide historical evidence. Logs are valuable for technical support, troubleshooting and audits. The log-centric model was designed to fulfill compliance requirements and verify the security controls implemented for access management.


Waiting for the Shoe to Drop(box): The Danger Of Cloud-Based Storage Services

For would-be attackers, cloud services like Dropbox offer a convenient end-run around the perimeter-based firewalls, intrusion detection systems, web gateways and anti-malware sandboxes commonly used by many enterprises. Employees and contractors regularly bring personal devices into their enterprise networks, while some organizations openly allow cloud services to operate within their managed domains. The convenience and rapid adoption of cloud-based file storage makes it an almost ubiquitous problem for enterprise security.


Why Breaches Happen

No intricate grid of security point controls, however strategically deployed at the perimeter and in the core of the network, can respond reliably and effectively without real-time threat information sharing. Actionable intelligence requires risk metrics, interoperability across multi-vendor security products, speed of remediation, and diversity of detection methods for resilience against the advanced evasion techniques of emerging threats.


Cyber Security Essentials for Enterprise Risk Management

The foundation of cyber security needs to be reinforced against the exposed limitations of legacy controls that have outlived the compliance- and signature-based paradigm. The new paradigm for Enterprise Risk Management (ERM) is based on real evidence from active behavior recognition, reducing false positives (the fog) through automation that augments human analysts, real-time threat intelligence sharing to enrich context, and partnerships that streamline workflow.


Anthem & Cyber Risk: Defending the Back Door

Yesterday we learned about yet another massive data breach, this time at Anthem, Inc., the second largest U.S. health insurance provider.

While we don't yet have any specific information on how this data breach occurred, as a cyber security professional, it reminds me of how simple mistakes at small companies can lead to big problems up the supply chain.


Technology Plays A Critical Role in Detection and Incident Response

Today, standard operating procedure for security organizations dealing with increasing threats is bolting on increasingly sophisticated technologies: anti-virus, router ACLs, firewalls, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), web reputation services, web application firewalls, Security Information and Event Management (SIEM), anti-malware gateways, endpoint virtualization, etc.


Why The Mid-Market Needs to Change the Rules of the Cyber Threat Game

It has become a daily occurrence to learn of the latest breach while reading the news over your morning coffee. Breaches are so frequent, and the volume of records compromised so astronomical, that people are starting to get desensitized. This is both good and bad for information security professionals. On the positive side, there is no longer any difficulty convincing management that malware, hacking and breaches are serious issues.


Companies Must Be Cyber-prepared

One of the nation’s largest financial institutions, J.P. Morgan Chase & Co., is still reeling from a massive cyber-assault which compromised the personal information of millions of their customers.
