  • Automated threat management: No signature required

    The industry approach to detecting threats is inherently reactive, ceding the first-mover advantage to the cyber criminals. Defenses – based on signatures, reputation lists and blacklists – are only designed to recognize threats that have been previously seen. This means someone needs to be the first victim, and everyone hopes it’s not them.

    We keep doing the same thing over and over, expecting different results. The security industry has put a massive effort into delivering signatures faster and faster, trying to close the gap between when a new threat is detected and when the corresponding new signature is delivered.

  • Internet of Things: Bracing for the data flood

    There’s a real opportunity now to incorporate the scaling and management (including security management) needs for the IoT in the way we plan our enterprise and consumer services. How will those services work within the context of the IoT? Can they support the proliferation of potential connection points? Do we understand how they might respond when they need to deal with the complexity of management of so many users and devices? And perhaps most importantly, can those systems, and the security processes around them, cope with the explosion in raw data?

  • Three steps to a successful cloud migration

    People are hoarders by nature. Year after year, we accumulate new things – some that we need, and some that we will never touch again after one use. This stockpile adds up, and when it comes time to move, you have no idea what you have packed away behind closed doors.

    The same notion rings true for the data collected at your company, except you must consider privacy and safety concerns as you pack. While the movement toward the cloud provides an opportunity to eliminate the expense of on-premises server maintenance, assessing your information prior to migration is essential to ensure that you are adhering to compliance regulations, retaining and classifying information, and enforcing the specific policies of your organization.

  • A data security guy's musings on the OPM data breach train wreck

    Despite all the media attention to breaches, there is still way too much apathy when it comes to data-centric security. Given the sensitive data the OPM was tasked with protecting, it should have had state-of-the-art data protection, but instead it has become the poster child for IT security neglect. While its dismal security posture is unjustifiable, the people and process challenges that hindered the implementation of appropriate security measures are pervasive.

  • Why cloud business continuity is critical for your organization

    Business continuity, the ability of a company to continue or quickly restart operations following a systems outage, tends to be a topic overlooked by business leaders. Many see it as a responsibility of their IT teams, and think no more of it. However, this is a dangerous abrogation of responsibility, as any CEO who has suffered through a prolonged systems outage can vouch for.

  • The challenges of implementing tokenization in a medium-sized enterprise

    We have seen a concerning pattern in the recent data breaches, including the breach at the Internal Revenue Service (IRS) and other US government agencies, in that the primary target was Social Security Numbers (SSN) and other Personal Identifying Information (PII). Criminals typically started by stealing data from smaller, less protected organizations and then used that data to attack larger but better protected organizations.

  • Passwords are not treated as critical to security

    A steady drumbeat of high-visibility security breaches caused by insecure passwords continuously demonstrates the fallibility of inadequate password management. Passwords continue to be a critical part of security policy in most organizations, which is why it’s confounding that many employees are still allowed to set their own passwords for corporate assets. If we are honest with ourselves and aware of human limitations, we shouldn’t rely on human users to choose a properly complex password for our most sensitive accounts.

  • How to apply threat intelligence feeds to remediate threats

    IT organizations are recognizing the value of threat intelligence feeds, and that’s good. Threat intelligence is a must-have for identifying malware and other threats that evade preventive security controls. But threat intelligence is only as good as how you apply it – and many organizations aren’t applying it in a way that enables them to get the full value.

  • Reflections on virtualization security and the VENOM vulnerability

    In this podcast recorded at Infosecurity Europe 2015, Wolfgang Kandek, CTO at Qualys, talks about the benefits, challenges and security implications of virtualization. He also discusses VENOM, a security vulnerability in the virtual floppy drive code used by many computer virtualization platforms. This vulnerability may allow an attacker to escape from the confines of an affected virtual machine guest and potentially obtain code-execution access to the host.

  • The NYSE system crash was an infosec incident

    On Wednesday, July 8, a number of information systems suffered “glitches,” causing speculation that the US may be under a coordinated cyber attack. In the morning, United Airlines grounded more than a thousand flights due to computer issues; around noon, the New York Stock Exchange (NYSE) suspended trading due to a “technical issue;” shortly after, the Wall Street Journal’s (WSJ) website went down; and during all this, the New York subway had train issues, and thousands of customers in D.C. lost power. It must be the Cyber Armageddon, right?

Internet of Things: Bracing for the data flood

Whether we think we should be connecting the IoT and our existing systems together or not, the basic imperative to extract business intelligence from the raw information will demand that the connection takes place.


Tue, Jul 28th