Top IT Security Bloggers

Network World - Networking Nuggets and Security Snippets
  • The need for network security operations automation

    Network World - Networking Nuggets and Security Snippets
    According to ESG research, 63 percent of networking and cybersecurity professionals working at enterprise organizations (i.e. more than 1,000 employees) believe network security operations is more difficult today than it was two years ago. Why? Because enterprises have to deal with more connected devices, network traffic and applications than two years ago.What’s more 47 percent of respondents claim that it is difficult to monitor network behavior from end to end, while 41 percent say network security operations difficulties result from increasing use of cloud computing.+ Also on Network World: It’s time to pull the trigger on security automation +To read this article in full or to leave a comment, please click here
  • More on operationalizing threat intelligence

    Network World - Networking Nuggets and Security Snippets
    Coming out of Black Hat a few weeks ago, it’s pretty frightening what’s going on with cyber threats. Overall malware volume is down, but the number of variants has gone up precipitously. In fact, according to the Webroot threat report, about 97 percent of all malware variants are seen only one time. In other words, they are designed to target and attack specific organizations.Yes, enterprise organizations are bolstering defenses with anti-malware gateways and next-generation endpoint security tools, but they are also doubling down on threat intelligence. According to ESG research, 27 percent of enterprise organizations plan to spend significantly more on their threat intelligence programs over the next 12 to 18 months, while another 45 percent say they will spend somewhat more on their threat intelligence programs during this same timeframe.To read this article in full or to leave a comment, please click here
  • CISOs adopt a portfolio management approach for cybersecurity

    Network World - Networking Nuggets and Security Snippets
    Enterprise CISOs are in an unenviable position. Given today’s dangerous threat landscape and rapidly evolving IT initiatives, CISOs have a long list of tasks necessary for protecting sensitive data and IT assets. At the same time, however, most organizations are operating with a shortage of skilled cybersecurity professionals.  According to ESG research, 46 percent of organizations claim  they have a “problematic shortage” of cybersecurity skills in 2016.In the past, CISOs (and let’s face it, all cybersecurity professionals) were control freaks often suspicious of vendors and service providers. Faced with today’s overwhelming responsibilities, however, many CISOs I’ve spoken with lately say they’ve changed their tune and have adopted more of a portfolio management approach to their jobs. To read this article in full or to leave a comment, please click here
  • A few thoughts from Black Hat 2016

    Network World - Networking Nuggets and Security Snippets
    Last week’s Black Hat 2016 conference was a whirlwind of activity. Here are a few of my takeaways:1. I kind of like Black Hat better than the RSA Conference. At Black Hat, you talk about the real challenges facing our industry and discuss intellectual ways to overcome them. At RSA, everyone throws buzz words at you and tells you how they solve all your problems. And maybe it’s because RSA is in San Francisco, but you can always count on the Sand Hill Road crowd to show up at RSA and let you know how rich they’ve become protecting all of our sensitive data. Black Hat is whiskey and grit; RSA is Merlot and PR messaging. In other words, the folks who really know, live and fight for cybersecurity are at Black Hat, while those looking to make money on cybersecurity are at RSA.To read this article in full or to leave a comment, please click here
  • Anticipating Black Hat

    Network World - Networking Nuggets and Security Snippets
    I was at CiscoLive a few weeks ago in the 100 degree+ heat of Las Vegas and like other cybersecurity professionals I am off to Sin City again next week for Black Hat.Now Black Hat has become a technically-focused little brother of the RSA Security Conference, chock full of cybersecurity geeks at the beginning of the week and forensic investigators, researchers, analysts, and hackers as Black Hat turns to Defcon.  Given this focus, I’m looking forward to hearing about a number of things including:1.      Anti-ransomware fact and hyperbole.  Last December, I predicted a rise in ransomware in my blog, even going so far to talk about enterprise ransomware that impacted multiple systems on the network simultaneously.  Unfortunately, I was right about this one as ransomware has become a cybersecurity scourge of 2016.  Nasty stuff and once you’re hit, there is little you can do except replace the hard drive, reimage systems and hope you’ve done a recent full backup.  Alternatively, you can pony up a bunch of rubles to Vladimir in Odessa.  Nevertheless, there are in fact ways to prevent ransomware before it bricks your system.  New types of algorithms can scan files before execution and finger ransomware.  Virtual sandboxes can execute malware without impacting system resources.  You can also condition your employees to ignore social engineering scams using tools like PhishMe and Wombat Security.  Anyway, I expect everyone to be talking about ransomware and am anxious to learn the latest about threats, countermeasures and industry rhetoric.   To read this article in full or to leave a comment, please click here
  • Russian DNC hack – A cybersecurity microcosm

    Network World - Networking Nuggets and Security Snippets
    According to ESG research, 31 percent of cybersecurity professionals working at enterprise organizations (i.e. more than 1,000 employees) believe the threat landscape is much worse today than it was two years ago. While another 36 percent say the threat landscape is somewhat worse today than it was two years ago.Why the cynicism? Look no further than the Russian hack of the DNC as this particular data breach is a microcosm of cybersecurity at large. This one incident illustrates a few important points:
    All data is at risk. Way back when, state-sponsored cyber attacks were government-on-government affairs, typically focused on military and intelligence.  The cyber theft of design documents for the F-22 and F-35 are perfect examples here. Unfortunately, state-sponsored attacks have gone beyond spooks and soldiers. China went after The New York Times, North Korea breached Sony Pictures, and Russia blew the lid off the DNC. When matched against sophisticated state-sponsored actors, pedestrian cybersecurity defenders are simply fighting out of their weight class.
    The list of adversaries continues to grow. Beyond China, North Korea and Russia, it’s fair to add Iran, the Syrian Electronic Army, and dozens of other countries investing in offensive cyber operations. There are also plenty of private hackers with good enough skills to do extensive damages. Remember Anonymous and Lulzsec? There are plenty of loosely organized individuals and groups capable of collaborating on devastating attacks for the right political cause or price tag.
    Good guys are underprepared. Based upon my intelligence, it certainly appears like the DNC wasn’t nearly as well defended as it should have been. I’m not sure if this was because of neglect, miscalculations or hubris, but suffice it to say that this was the case. Yes, this was a mistake, but the DNC is far from alone. In spite of all the data breaches we’ve seen over the past few years, I estimate that half of all organizations have inadequate defenses and cybersecurity skills to counteract today’s threats. Oh, and let’s not forget the global cybersecurity skills shortage. Want to hire skilled cybersecurity professionals to bolster your defenses? Good luck, so do a lot of others.

    Just yesterday, President Obama warned of a "revolution" of computer-generated threats to the U.S. and issued an executive directive to outline a response plan. Good effort, but not nearly enough. In truth, we as a nation are extremely vulnerable and the DNC hack may be just the beginning. To read this article in full or to leave a comment, please click here
  • Cybersecurity: A vertical industry application?

    Network World - Networking Nuggets and Security Snippets
    Cybersecurity has always been a horizontal technology practice that’s roughly the same across all industry sectors. Yes, some industries have different regulations, use cases or business processes that demand specific security controls, but overall every company needs things like firewalls, IDS/IPS, threat management gateways and antivirus software regardless.Generic security requirements will remain forever, but I see a burgeoning trend transforming cybersecurity from a set of horizontal technologies to a vertical industry application. These drivers include:
    Increasing business focus on cybersecurity. While it sounds like industry hype, cybersecurity has actually become a boardroom issue and corporate boards understand industry-specific risks much better than technology gibberish about malware and exploits. To accommodate these corporate executives, CISOs will need communications skills, as well as tools and technologies that help translate cybersecurity data into meaningful industry and corporate risk intelligence that can drive investment and decision making. Security intelligence vendors like BitSight and SecurityScorecard are already exploiting this need, offering industry-centric cybersecurity metrics for business use.
    CISO progression. The present generation of CISOs grew up through the ranks of IT and security with career development responsibilities such as network operations and firewall administration. Yes, the next generation of CISOs will still need some technology chops, but this role is moving closer and closer to business management. In fact, the best CISOs understand industry business processes, regulations and risk above and beyond technology.  Business-centric CISO resumes are a “nice-to-have” today but will evolve into a true requirement over the next few years. In the near future, cybersecurity executives will build their careers as financial services CISO, healthcare CISO or public sector CISO rather than vanilla CISO.
    Advancing regulations. While there are already a lot of industry regulations, such as FISMA, HIPAA/HITECH and NERC, additional industry regulations are bound to occur. This will happen quite quickly if a major data breach disrupts operations in a particular industry.   
    Industry-focused threats. Targeted threats can generally be traced back to cyber adversaries that specialize on a particular industry in a particular geography. This makes sense: Attacking a U.S. bank demands language skills and business process and regulatory knowledge that isn’t applicable for attacking banks in France or Germany.  These industry-centric threats are precisely why we have specific industry Information Sharing and Analysis Centers (ISACs). Cybersecurity professionals are often encouraged to “think like the enemy.” Increasingly, this demands industry-specific business and IT knowledge—not just a broad understanding of cyber adversary tactics, techniques and procedures (TTPs).
    IoT. This is the big Papi of change agents for cybersecurity, as industry IoT applications will radically alter business processes, technology elements and threats. And while we’ve created an uber technology category called IoT, the fact remains that IoT healthcare applications will be vastly different than those designed for energy, manufacturing, retail or transportation. As an example, think about the specific industry, business process and technology knowledge you would need to prevent, detect or remediate a Stuxnet-like attack. 

    As I previously mentioned, there will always be a need for horizontal security technologies, but CISOs will increasingly judge these technologies based upon two criteria: 1) best-of-breed security efficacy and 2) how well these point tools can be integrated into enterprise solutions that encompass vertical industry-specific requirements.To read this article in full or to leave a comment, please click here
  • Crypto: Nominated to the Cybersecurity Canon

    Network World - Networking Nuggets and Security Snippets
    If you are a cybersecurity professional or interested in cybersecurity at all, you should be familiar with the Cybersecurity Canon. What is a canon? There are lots of definitions, but the one that applies here is “a sanctioned or accepted group or body of related works.” With this definition in mind, the stated goal of the Cybersecurity Canon is:
    “To identify a list of must-read books for all cybersecurity practitioners—be they from industry, government or academia—where the content is timeless, genuinely represents an aspect of the community that is true and precise, reflects the highest quality and, if not read, will leave a hole in the cybersecurity professional’s education that will make the practitioner incomplete.”To read this article in full or to leave a comment, please click here
  • Cybersecurity highlights from Cisco Live

    Network World - Networking Nuggets and Security Snippets
    Cisco is wrapping up its annual Cisco Live customer event. This year’s proceedings took over Las Vegas, occupying the Bellagio, Luxor, Mandalay Bay and MGM Grand hotel. At least for this week, Cisco was bigger in Vegas than Wayne Newton, Steve Wynn and even Carrot Top.
    While digital transformation served as the main theme at Cisco Live, cybersecurity had a strong supporting role throughout the event. For example, of all of the technology and business initiatives at Cisco, CEO Chuck Robbins highlighted cybersecurity in his keynote presentation by bringing the GM of Cisco’s cybersecurity business unit, David Goeckeler, on stage to describe his division’s progress. To read this article in full or to leave a comment, please click here
  • Operationalizing Threat Intelligence

    Network World - Networking Nuggets and Security Snippets
    In 2015, I conducted some in-depth research around enterprise organizations’ consumption, use, and sharing of threat intelligence.  Time and time again, I heard cybersecurity professionals proclaim that their organizations had to do a better job “operationalizing” threat intelligence. Hmm, sounds like a worthwhile security management goal if I’ve ever heard one but what exactly does this mean?  Some ESG research may be helpful here (note: I am an ESG analyst).  ESG surveyed 304 IT and cybersecurity professionals working at enterprise organizations (i.e. more than 1,000 employees) and asked them to identify their organization’s top threat intelligence challenges.  The data reveals that:To read this article in full or to leave a comment, please click here

Editor's Recommendations

Solution Centres


View all events Submit your own security event

Latest Videos

More videos

Blog Posts

Media Release

More media release

Market Place