Top IT Security Bloggers

Network World - Networking Nuggets and Security Snippets
  • Handicapping Enterprise Security Vendors

    In the course of my average work day, I try to read all the cybersecurity news I can. I came across a very good article in Forbes that looks at the cybersecurity opportunities for companies like IBM, Cisco, Dell, and others. The article points out that the market for cybersecurity products and services is estimated at $77 billion today, growing to $120 billion by 2020. That’s a lot of firewalls, AV software, and identity tokens! Since I agree with some of the author’s points and disagree with others, I decided to post my own thoughts on my list of leading enterprise security vendors.
  • Cybersecurity Lessons Learned from the 9/11 Commission Report

    Cybersecurity and IT professionals would be wise to review the findings of the 9/11 Commission report published in 2004. The report provides a comprehensive analysis of events surrounding the attacks and points to a number of systemic problems in several areas:
    Management. “The missed opportunities to thwart the 9/11 plot were symptoms of a broader inability to adapt the way government manages problems to the new challenges of the twenty-first century… Management should have ensured that information was shared and duties were clearly assigned across agencies, and across the foreign-domestic divide.”
    The chain of command. “At more senior levels, communication was poor. Senior military and FAA leaders had no effective communication with each other. The chain of command did not function well.”
    Emergency response. “Effective decision making in New York was hampered by problems in command and control and in internal communications. Within the Fire Department of New York, this was true for several reasons: the magnitude of the incident was unforeseen; commanders had difficulty communicating with their units; more units were actually dispatched than were ordered by the chiefs; some units self-dispatched; and once units arrived at the World Trade Center, they were neither comprehensively accounted for nor coordinated.”

    These findings are frighteningly similar to what I observe at enterprise organizations all the time. Cybersecurity organizations continue to address risks as they did in 2005, with an assortment of disconnected point tools and manual processes. Enterprise organizations struggle to operationalize and share threat intelligence efficiently or effectively. Incident response processes are haphazard and IT-centric, while emergency response is often hampered by organizational friction and communication/collaboration issues between cybersecurity and network operations teams.
  • The State of Cyber Insurance

    All this year I’ve been researching the burgeoning cyber insurance market. Admittedly, this is a bit of a detour from covering endpoint security, network security, and security analytics, but cyber insurance is becoming an increasingly important puzzle piece in any organization’s risk mitigation strategy, so it’s worth paying attention to. Given all of the highly visible data breaches over the past few years, it shouldn’t be surprising that cyber insurance is on fire. Between 30% and 40% of companies have some type of cyber insurance today, and the market is growing at 35% or more on an annual basis. It is estimated that the U.S. market for cyber insurance is around $2.5 billion today with about 50 insurance companies competing for business. PWC estimates that this market will grow to over $7.5 billion by 2020.
  • Cloud Computing And Network Security Challenges

    A majority of enterprise organizations are embracing cloud computing in one form or another. According to ESG research, 67% of enterprises use public or private cloud infrastructure today, while 66% use one or several SaaS applications (note: I am an ESG employee). So what about network security? It’s a bit of a struggle today as many organizations move to cloud computing long before they have the right infosec skills, processes, or tools in place. As proof of this deficit, ESG asked 145 cybersecurity professionals working at enterprise organizations (i.e. more than 1,000 employees) whether they agreed or disagreed with a number of statements about cloud computing security. Here are the results:
  • Cisco Acquires Lancope: Great Fit, Great Deal

    Just before Halloween (October 27th) Cisco announced its acquisition of security analytics veteran Lancope for $453 million. Given the timing of the deal, it’s fair to ask an appropriate question: Trick or treat? There’s no debate here – treat. With the Lancope purchase, Cisco walked into the security analytics neighborhood, knocked on just one door, and grabbed a bag full of candy. Okay, enough of the Halloween metaphors, this was a very good deal for Cisco for several reasons:
    Lancope was already extremely Cisco friendly. The two companies have had a close sales and marketing relationship for years and a good chunk of Lancope revenue was directly attributable to the Cisco salesforce. Heck, Cisco is a Lancope customer itself. As Cisco dedicates more resources to Lancope, it will pull StealthWatch (Lancope’s product) into even more deals, especially in geographies where Lancope had a minimal presence. 
    Lancope complements Cisco’s cybersecurity strategy. Over the past year, Cisco has been pushing a strategy highlighting the network as an infosec sensor and enforcer. In other words, networks offer great security telemetry for analysis and when security issues are detected, networks can be instrumented for automated remediation as part of incident response (note: see my blog on this topic). Lancope is already tightly coupled with this strategy as it analyzes network telemetry (NetFlow, PCAP, etc.) and is integrated with Cisco technologies for network profiling and enforcement like its identity services engine (ISE) and TrustSec. In this way, Lancope can make Cisco products work more effectively and efficiently.
    Lancope adds deep network security knowledge resources. Before anyone focuses on Lancope’s payout it’s important to recognize that the company paid its dues to achieve this ultimate goal. Lancope has been around since 2000 and remained independent and successful after many other network behavior anomaly detection (NBAD) vendors were long gone. Over the years, Lancope has built a very experienced team that knows how to instrument networks, collect telemetry, and analyze L3-7 data at a level that few can match. This skill set is a great match with Cisco managed and professional services, including Neohapsis, OpenDNS, ThreatGrid, etc.

    In closing, I want to add a few additional points:
  • IT Vendor Risk Management: Improving but Still Inadequate

    One of the fundamental best practices of cyber supply chain security is IT vendor risk management. When organizations purchase and deploy application software, routers, servers, and storage devices, they are in essence placing their trust in the IT vendors that develop and sell these products. Unfortunately, this trust can be misplaced. Some IT vendors (especially startups) focus on feature/functionality rather than security when they develop products resulting in buggy vulnerable products. In other cases, hardware vendors unknowingly build systems using malicious components sourced through their own supply chain. IT products are also often purchased through global networks of third-party distributors that have ample opportunity to turn innocent IT products into malicious confederates for cybercrime.
  • The Return of AV Leaders?

    When I started covering the infosec market around 13 years ago, anti-spyware was the hot topic du jour. The market went through a common cycle – VCs funded companies and cranked up the hype machine. Some product companies were acquired (CA purchased PestPatrol, Microsoft acquired Giant Software, etc.), while others pivoted from anti-spyware alone to endpoint security (Webroot). Ultimately however, the anti-spyware boom cycle went bust when incumbent endpoint security leaders like Intel Security (McAfee), Kaspersky, Sophos, Symantec, and Trend Micro added anti-spyware to their existing AV products, turning a product category into a product feature.
  • Stop CISA!

    I've been following cybersecurity legislation for a number of years, including all the proceedings with the Cybersecurity Information Sharing Act (CISA). After much deliberation, I believe that CISA remains fundamentally flawed and needs a lot more work before it becomes the law of the land. To be clear, I understand and support the basic objective CISA seeks to promote. Real-time threat intelligence sharing and analysis could help public and private sector organizations proactively react to emerging cyber-threats, mitigating risk and/or minimizing the potential damages associated with devastating data breaches (i.e. Anthem, OMB, Sony Pictures, Target, etc.).
  • Oracle M7 Enhances CPU-level Security

    As summer turned to fall, the IT industry got together at VMworld and then Re:Invent to celebrate cloud computing. This translated to software-defined everything – data centers, networking, storage, etc. Yup, we are deep into a hype cycle where the entire industry is in a state of gaga over all things associated with software like flexibility and agility. Great stuff but software has to run somewhere so there is and always will be market for high-performance hardware. This week at Oracle Open World, Oracle (a company synonymous with software) actually introduced a new piece of hardware along these lines, the SPARC M7. Now any CPU announcement is bound to focus on raw horsepower and this one is no different. The M7 is a 32-core, 256-thread CPU built for high-performance computing. Perfect for database queries and big data analytics but Oracle’s new processor also provides some built-in cybersecurity improvements including:
