Big data security context

Big data security context

Cyber attacks have greater range than a jet fighter or ICBM, regardless of whether they're perpetrated by nation-states, cyber criminals or activists. To address this issue, organizations are trying to optimize their use of big data...

04/15/2014

Security analysts evolving from security administrators

Security analysts evolving from security administrators

There seems to be a global evolution in security talent worldwide - partly from want and partly from need. The technology, talent and techniques once necessary to support a sound security posture are changing as threats and business...

03/24/2014

A cyber army in formation at South Korea’s hacker school

A cyber army in formation at South Korea’s hacker school

Many countries around the world are making large investments in cyber warfare from both an offensive and a defensive perspective. This is particularly true in emerging markets where finding parity in kinetic strength –- tanks,...

03/05/2014

Big security data: What to keep, for how long?

Over the last 10 years investments made by Brazilian banks in cyber security have grown substantially. As has the data. Now, at least two camps are emerging in the debate about what data should be kept for various time intervals.

02/25/2014

Security analytics needed in Singapore

Security analytics needed in Singapore

I recently concluded a week in Singapore this January. I’ve been to Singapore many times over the last few years, but this most recent visit was focused squarely on the need for security analytics (SA). More specifically, how critical...

01/28/2014

‘More’ meaningful metadata – for network security

‘More’ meaningful metadata – for network security

A couple weeks ago I wrote my first blog about metadata. In that blog I highlighted five of the core requirements of a successful metadata program from privacy concerns to data retrieval. This blog will go deeper into metadata for...

11/12/2013

Making metadata meaningful for network security

Making metadata meaningful for network security

Metadata is most simply data about data. From a network security perspective it has multiple uses ranging from real-time incident detection to post-prevention forensic analysis. Before you start exploring the many uses of metadata...

10/30/2013

Malaysian security goes mainstream

Malaysian security goes mainstream

What I observed during my time in Malaysia was that because of the rapid economic growth across multiple business verticals within the country there is an “eyes wide open” approach to information security.

10/08/2013

5 'more' reasons SCADA security is fragile

5 'more' reasons SCADA security is fragile

Industrial control systems (ICS), like any complex system, are vulnerable to accidents and attacks. These systems that help maintain our way of life are fragile and in many cases are unable to mitigate cyber attacks.

09/23/2013

5 reasons SCADA security is fragile

5 reasons SCADA security is fragile

Most of us interact with industrial control systems every day without even knowing it. They support our way of life, and yet they are fragile.

09/16/2013

Dude, where’s my security ROI?

Dude, where’s my security ROI?

Much of what's done in IT is measured. How much money will be saved if we provide this service online; or how many more customers will we attract if we offer a smartphone application? Security isn’t always that quantitative. In fact...

09/03/2013

6 technical measures to mitigate insider threats

6 technical measures to mitigate insider threats

But we needn’t throw up our hands and surrender. There are technical measures that can be embraced to help mitigate the risks brought upon by malicious insiders. These technical measures work in tandem with non-technical measures...

08/19/2013

Maturing information security in Mexico

Maturing information security in Mexico

I’ve visited Mexico many times over the years. Besides great Puerco Pibil and greater Tequila, I’ve found alarming norms. Public and private sector organizations were substantially behind in information security. They were even behind...

08/12/2013

4 non-technical measures for mitigating insidious insiders

4 non-technical measures for mitigating insidious insiders

Can threats from insiders be proactively mitigated with non-technical measures?  The short answer is "yes and no." An incident associated with a careless or malicious insider can be mitigated, sometimes, but it is highly dependent on...

07/23/2013

Information sharing: Motherhood and apple pie or risky business

Information sharing: Motherhood and apple pie or risky business

Just as the bad guys can use the distributed power of millions of compromised computers within their botnets, the good guys can use collective intelligence to prevent, detect and respond to those attacks.

07/16/2013

Load More