Archive for category Security

Organizations Need to Understand the Role of the Security Officer to Maximize Impact

iStock_000022530655XSmallRegardless of organization vertical or size, security has been and will continue to be an incredibly important part of the risk management portfolio.  It’s how security is handled that will determine the overall effectiveness of chief security office position, though.

The security spectrum

Security is generally seen as a spectrum.  At one end of the spectrum is the wild west kind of environment.  In the wild west, anything goes and security is an afterthought.  In such environments, there is generally no security officer and every employee just does what they want when they want it.  If there is any security, it’s left up to the individual.  In these environments, employees can always get their job done thanks to the lack of red tape, but there is a high risk of downtime and data compromise.

Share

5 Comments

Securing Information in the Snowden Age – From Discovery to Classification

data-backupSecurity services and security products are critical to helping organizations identify security issues and mitigate risks through the years.  One of the critical challenges in today’s IT environments however is a bit more fundamental and it starts with getting a handle on securing sensitive information.

Every environment has their own mix of technologies.  Some shops have some obvious deficiencies, while others are armed to the max.  The right mix of technology, policies and practices around security can be hard to attain, it takes time.  And sometimes unfortunately you have to work with what you have.  The one thing that can be counted on for consistency are fortunately fundamental.  If you isolate those top priorities that little bit of help can go a long way and get you to the best security posture possible.

Share

No Comments

Splunk Makes Its Platform Play

A Massachusetts company called Prelert released a new application yesterday that combines machine learning and predictive analytics to detect and report anomalous behavior emanating from  IT infrastructure. If that sounds a lot like what Splunk does, you’re right.

In fact,  Anomaly Detective is a downloadable app that runs on top of Splunk Enterprise. The release ties into Splunk’s push to position Splunk Enterprise as a Big Data application development platform as much as a suite of Big Data applications itself. Splunk released a software development kit for JavaScript to GA in October, followed by two new SDKs, one for Java and another for Python, in December.

Share

No Comments

Stealth IT | The Consumerization of IT

Stealth ITThe mobile transformation is at the intersection of every large IT trend including cloud, big data and application modernization. Think about the major changes IT will face over the next five to ten years.

As more people become comfortable with technology, new strains will be placed on the IT group, which will have to adapt to meet evolving business demands. Tablets and smart phones will continue to be white-hot technologies that spans between the consumer and business worlds.

CIOs needs to tackle issues such as BYOD and the consumerization of IT so they can build a stronger partnership with the workforce in order to tackle future transformational projects.

Share

4 Comments

Unhackable Encryption

It’s not news that quantum mechanics can be used to send secret messages without concern of them being intercepted.  For years, physicists have been using this technology to do so.  However, a true quantum link has only recently been successful.  Originally, the messages were sent using quantum mechanics, but then had to be decoded at each node in order to continue the message.  Since the nodes weren’t quantum mechanical, this left the information vulnerable to hacking at each node.  A quantum link means the message never has to be decoded.  By combining many quantum links, a true quantum network could be created.  This would mean a completely unhackable telecommunications network.

Share

, , , ,

1 Comment

VDI still on the rise

Virtual Desktop Infrastructure or VDI has long been kind of the lesser flashy sidekick to server virtualization and the cloud.  We often hear so much about virtualization, and especially the cloud, because they are flashy, they do have that element of consumerization of IT.  VDI however has been making consistent increased presence in the enterprise for a number of years now.  For some organizations, it can be complicated to ingest the kind of changes that VDI introduces and the advantages it brings about.  VDI products typically build on virtualization platforms, and that is one sure advantage.  It also delivers improvements and efficiencies to the enterprise environment that is changing the ways a lot of environments are conducting business. 

Share

,

No Comments

The case for Network Security Forensics

Network security forensics is often overlooked or lightly regarded when composing an overall security strategy.  Be it forecasting a budget for forensic tools, or planning of an all-new green-field environment, the protection that proper forensics strategy provides in an environment can save countless resources when it comes to restoring a stable state, ensuring integrity, analyzing an intrusion or outage event, and learning information that can be used in the future.  Forensic concepts also aid in reinforcing that secure data remains confidential.  Forensic tools buttress the elements of a network that ensure integrity and availability.  Sometimes this means a secure chain of custody or access, touching on the administrative model, it is often affected or in compliance with legal assertions or mandate.

Share

,

No Comments

Making the case for Network Security

As we continue this journey into the age of big data, cloud, mobility, social media and so forth, vast amounts of data are being generated daily.  The volume of digital information continues to grow with no end in sight.  More and more, personal and company information are becoming more and more digitized, both in storage and transfer.  Securing this information is a growing challenge, and is becoming more complex by the day.  Protecting digital assets means utilizing the best of available technologies and methodologies to achieve security goals.  Not only must they ensure that the quality and performance of the solution is maintained, they must also assure undoubtedly that the information they seek to protect stays uncompromised.

Share

,

No Comments

Hacker #FAIL

With an abundant array of ways to hack and numerous reasons to do so, it’s no wonder that hacking has come such a long way since the old school hackers of yesterday.  While a good number of today’s hackers are untouchable geniuses, some of them have yet to overcome the first rule of hacking– don’t get caught!  Here is a list of the greatest Hacker #FAILS:

Busted by Boasting

Share

, , , , , , ,

6 Comments

Rise of the Hacktivist [Infographic]

Hacktivism was intended to refer to the development and use of technology to foster human rights and the open exchange of information (via Wired). Hacktivism could also be defined as “the nonviolent use of legal and/or illegal digital tools in pursuit of political ends.”

The tools used in Hacktivism include web site defacement, redirects, denial-of-service attacks, information theft, web site parodies, virtual sit-ins, typo-squatting, and virtual sabotage.

The team at SiliconANGLE and Wikibon have been following and reporting on the rise of several significant hacktivist groups over the past year plus. Here is a visual representation of the most recent Hacktivist Timeline, with links and additional references below.

Share

, , , ,

4 Comments