Malware – and specifically ransomware – regularly makes headlines, with some business somewhere in the world reporting that its data has been encrypted by it. Because this occurs so routinely, companies need to acknowledge that their standard first-line defenses, such as cybersecurity and backup software, no longer completely suffice to detect malware. To shore up these traditional defenses, companies need to take new steps which, for many, will start with creating a secondary perimeter around their backup stores to detect the presence of malware.
Yesterday I broke away from my normal routine of analyzing enterprise data protection and data storage technologies to take a closer look at enterprise security. To do so, I stopped by the Omaha Tech Security Conference held at the local Hilton Omaha conference center and visited some of the vendors’ booths to learn more about their respective technologies. In so doing, it quickly became evident from my conversations with a number of security providers that they recognize their need to introduce Big Data analytics into their products to convert the data, events, and incidents that they record and log into meaningful analysis that organizations can consume and act upon.
DCIG is pleased to announce the availability of its DCIG 2014-15 Security Information and Event Management (SIEM) Appliance Buyer’s Guide. In this Buyer’s Guide, DCIG weights, scores and ranks 29 SIEM appliances from nine (9) different providers. Like all previous DCIG Buyer’s Guides, this Buyer’s Guide provides the critical information that organizations of all sizes need when selecting a SIEM appliance to help provide visibility into their security posture by providing usable and actionable information.
Data security is a part of the IT infrastructure that should take care of itself. Companies have enough to worry about without always looking over their shoulder to make sure no one is stealing vital information. As most organizations recognize, this is NOT the case.
DCIG is pleased to announce the release of its 2014 Mobile Data Management (MDM) Buyer’s Guide that weights, scores and ranks over 100 features. Like previous Buyer’s Guides, this Buyer’s Guide provides the critical information that organizations need when selecting Mobile Data Management software to help meet the security, compliance and Bring-Your-Own-Device (BYOD) challenges in an ever more mobile enterprise.
Security-in-depth is rarely discussed without including desktop antivirus, as antivirus software has been a cornerstone of corporate network protection since the advent of the computer virus. The danger that antivirus software presents is that within most organizations it represents the last line of defense, so any threat capable of breaching this defense has the ability to wreak havoc within the enterprise.
In the last few years security has shifted from being an issue that organizations only deal with when a crisis occurs to one that they must now confront daily. This is putting pressure on organizations to stop relying on knee-jerk reactions as their means of ongoing security management and instead adopt a systematic approach to effectively deal with both external and internal threats. The problems that internal threats present and why they are so difficult to detect were openly discussed during this past Wednesday morning’s keynote at Symantec Vision 2013.
Since the advent of the TCP/IP protocol, network administrators have had a major blind spot: the inability to reliably determine the identity of an individual device or user. BlackRidge’s new Eclipse™ solution, built on BlackRidge’s patented Transport Access Control (TAC), uses client drivers or gateway appliances to insert unique identity information into every TCP packet. In this third and final post in our blog interview series, BlackRidge Technology CTO John Hayes and I discuss where BlackRidge is heading and the challenge of managing infrastructures from the perspective of devices rather than networks.
The keynote given by Symantec’s CEO Enrique Salem this past Tuesday and the series of presentations that followed exposed every attendee at Symantec Vision 2012 to just how dangerous today’s internet world really has become. Yet the larger threat that every business faces is not putting in place a solution to address them. Rather it is the danger that dealing with these threats will cause organizations to take their eyes off of the ball and fail to focus on where their business needs to go next.
Followers of my previous blog entries should recognize the next company in DCIG’s Executive Interview series. I have previously discussed both the technical and operational impact of BlackRidge Technology’s patented breakthrough technology known as Transport Access Control (TAC). Today, BlackRidge announces their first product, Eclipse, based on their TAC technology. I begin a discussion of this release, in the form of a multi-part interview series, with BlackRidge Technology’s CTO John Hayes.
MetaFlows is a network security monitoring tool implementing some unique capabilities in today’s ever-changing security environment. They are allowing security administrators access to not only aggregated threat information for their own network, but are also alerting them to potential global threats in their enterprise spaces. I am finishing up my interview today with MetaFlows CEO Livio Ricciulli, looking at how they are able to aggregate threat information while maintaining security in a cloud-based solution.
Network security monitoring is a constantly changing environment of both tools and methodologies. Most of them today, however, have used a lone “cowboy” mentality where datacenter solutions operate independently. MetaFlows is changing that. Today, I am continuing my interview with MetaFlows CEO Livio Ricciulli, discussing how their product is optimizing network security monitoring and performance.
Enterprise organizations face the daily challenge of ever-growing threats to their network and IT infrastructure. Not only are these threats growing, but they are constantly changing as well, forcing companies to adapt by changing not only their tools but also their training. Today, I’m talking with MetaFlows CEO Livio Ricciulli about how MetaFlows is addressing these problems by delivering network security monitoring using the “Software as a Service” model.
The 2008 Crypto Conference provided a lot to talk about this year. If you didn’t know a Crypto Conference existed, you aren’t alone, but it is where the best and brightest mathematicians gather to discuss cryptographic and cryptanalytic research. However, at this conference Adi Shamir (the “S” in RSA Security, which stands for Rivest, Shamir and Adleman and is now owned by EMC) gave a presentation on a new attack on encryption systems called the “cube attack”. The ramifications of this attack sent a collective shockwave across the data security sector. Since encryption is revered as our best alternative and last safe harbor from data exposure, any weakness shown by encryption algorithms can have a dramatic ripple effect in data security.
The Federal Trade Commission (FTC) recently issued a reminder to financial companies of the upcoming November 1st, 2008 deadline to be in compliance with the identity theft prevention program and the accompanying FTC “Red Flag Rules.” If this is news to you, then you probably aren’t alone; but you should make yourself aware, as your company might be subject to this regulation.