Information sharing: Motherhood and apple pie or risky business
Just as the bad guys can use the distributed power of millions of compromised computers within their botnets, the good guys can use collective intelligence to prevent, detect and respond to those...
View ArticleClik here to view.
4 non-technical measures for mitigating insidious insiders
Can threats from insiders be proactively mitigated with non-technical measures? The short answer is "yes and no." And promise, this isn’t going to turn into a blog on quantum computing to explain...
View ArticleClik here to view.
Maturing information security in Mexico
I just returned from Mexico City and was pleasantly surprised to find much more strategic visions relating to information security and the alignment of that vision with the business. The puerco pibil...
View ArticleClik here to view.
6 technical measures to mitigate insider threats
But we needn’t throw up our hands and surrender. There are technical measures that can be embraced to help mitigate the risks brought upon by malicious insiders. These technical measures work in...
View ArticleClik here to view.
Dude, where’s my security ROI?
This isn’t to say that ROSI or measuring security in qualitative terms isn’t valuable. Of course it is; we want to stop bad things and we want to know that our security solutions are working...
View ArticleClik here to view.
5 reasons SCADA security is fragile
To understand why they are fragile it’s important to first understand a bit of the ICS architecture. At a high level, most of these organizations have three operational zones. Zone one This zone...
View ArticleClik here to view.
5 'more' reasons SCADA security is fragile
1. The Black Box More often than not devices within critical infrastructure operate as a black box. The organization operating them is not allowed to make system changes because it will void the...
View ArticleClik here to view.
Malaysian security goes mainstream
What I observed during my time in Malaysia was that because of the rapid economic growth across multiple business verticals within the country there is an “eyes wide open” approach to information...
View ArticleClik here to view.
Making metadata meaningful for network security
01 Big Brother Regulatory mandates govern data collection in many countries and some countries much more than others. Several European countries, such as France and Germany, have strong privacy laws...
View ArticleClik here to view.
‘More’ meaningful metadata – for network security
06 Make it all work together You've implemented a solution like that outlined in the first metadata blog, and you are able to derive some pretty interesting results using it in a silo. While...
View ArticleClik here to view.
Security analytics needed in Singapore
SA is one of those terms that can have multiple definitions and usually depends on who you are, your background, what you do, whom you work for, etc. When I'm talking about SA I'm referencing the...
View ArticleClik here to view.
Big security data: What to keep, for how long?
Brazil has always been a pioneer in financial services. It was one of the first countries in the world to offer Internet banking, which also means it was one of the first countries in the world trying...
View ArticleA cyber army in formation at South Korea’s hacker school
In my last blog I wrote about my trip to Brazil. In a grueling two-week tour, my following week took me directly from Brazil to Seoul, South Korea. Besides switching from tropical to frigid...
View ArticleSecurity analysts evolving from security administrators
Colombia Last week I was fortunate to return to Bogota, Colombia. Much like my recent travels and blogs around Brazil, Singapore and South Korea, I was able to spend time with government agencies and...
View ArticleBig data security context
I just finished up a lengthy tour through Latin America and Asia, as described in many of my latest blogs. Most recently I was in Australia and New Zealand (ANZ). I had the opportunity to work with...
View ArticleLet's say goodbye to passwords
For decades we’ve been using passwords to protect computers and for decades they’ve only somewhat worked. For example, within critical infrastructure I’ve seen cases where there is a well-known,...
View ArticlePhishing, football and frauds: 15 ways to safeguard yourself during the World...
I just returned from Brazil where the anticipation around the 2014 FIFA World Cup was astounding. Even though Brazil has won the Word Cup several times, this is the first year they’ve hosted since...
View ArticleIDG Contributor Network: Top 10 threats, trends and business priorities for...
I've been getting a number of inquires regarding by blog. More the the point, folks have been wanting to know why I haven't published recently. Two major factors contributed to my lack of contribution...
View ArticleIDG Contributor Network: Number 1 on my top 10 list for security executives:...
I recently kicked off a new series of blogs based on the top 10 threats, trends and business priorities for security executives. This is part one: History's lessons.Stability is an illusionIn...
View ArticleClik here to view.
IDG Contributor Network: Number 2 on my top 10 list for security executives:...
Toon Pool I recently kicked off a new series of blogs based on the top 10 threats, trends and business priorities for security executives. On September 15, I published my first blog on the subject:...
View Article
