Top IT Security Bloggers

Network World - Networking Nuggets and Security Snippets
  • New York State cybersecurity regulations: Who wins?

    As you probably know by now, on February 16, the State of New York’s Department of Financial Services (DFS) finalized its new cybersecurity regulations, which take effect on March 1, 2017. These regulations are somewhat redundant with others in the financial services industry (e.g., FFIEC, GLBA, NIST CSF, OCC, etc.) but tend to go a bit further with several specific prescriptive requirements. For example, the New York State cybersecurity regulations cover nonpublic data (rather than customer data), mandate the presence of a CISO (or third-party equivalent) and require a program for secure data destruction.
  • New York State cybersecurity rules and the skills shortage

    While the cybersecurity industry was knee-deep in vision, rhetoric and endless cocktail parties at the RSA Conference, the State of New York introduced new cybersecurity regulations for the financial services industry. The Department of Financial Services (DFS) rules (23 NYCRR 500) go into effect next week on March 1, 2017. Anyone who has reviewed similar cybersecurity regulations will find requirements in 23 NYCRR 500 familiar, so while the regulations are somewhat broader than others, there are obvious common threads. In reviewing the document, however, section 500.10 caught my eye. Here is the text from this section:
  • In and Around the 2017 RSA Conference

    As you may have guessed from my blogs, I was really excited about the year’s RSA Security Conference. At the end of January, I wrote a blog about my expectations for endpoint security at RSA. I followed up with another ditty about network security banter at this year’s show and concluded the series with a blog about security analytics and operations talk at RSA.
  • RSA Conference 2017: Security analytics and operations

    So far, I’ve written two blogs about my expectations for the upcoming RSA Security Conference next week. The first blog was about my outlook for endpoint security, while the second focused on network security. I am also in the middle of a big research project on security analytics and operations right now and believe that many independent technologies will be integrated into a comprehensive architecture that ESG calls SOAPA (i.e. security operations and analytics platform architecture).
  • RSA 2017: Anticipating network security chatter

    Earlier this week, I wrote about my expectations for endpoint security at the upcoming RSA Conference. Similarly, here’s what I anticipate hearing about regarding network security: 1. DDoS protection. While data breaches get front page, above-the-fold headlines, DDoS attacks remain relatively invisible by comparison. This is puzzling because DDoS attacks happen almost daily. A quick review of the news shows that the Trump hotel website, Sonic (ISP in CA), Emsisoft and Lloyd’s Bank have all been hit with DDoS attacks over the past few weeks. These are relatively pedestrian attacks compared to the now infamous Mirai botnet DDoS attack on Dyn back in October and the subsequent attack on French hosting provider OVH a week later.
  • RSA Conference 2017: Endpoint security in the spotlight

    As the calendar shifts from January to February, cybersecurity professionals are gearing up for the RSA Security Conference in a few short weeks. Remarkably, the management team is expecting more than 50,000 attendees this year. So, what can we expect from RSA 2017? Well, cybersecurity is being driven by dangerous threats, digital transformation and the need for massive scalability. This means innovation and change in just about every aspect of cybersecurity technology, so I plan to write a few posts about my expectations for the RSA Conference. I’ll start with this one about endpoint security. To be clear, endpoint security should no longer be defined as antivirus software. No disrespect to tried-and-true AV, but endpoint security now spans a continuum that includes advanced prevention technologies, endpoint security controls and advanced detection/response tools. My colleague Doug Cahill and I are currently tracking more than 50 endpoint security vendors, demonstrating just how much activity there is today.
  • Commuting Chelsea Manning’s sentence was just and proper

    Before leaving office, President Barack Obama commuted the sentence of former Army soldier Chelsea (Bradley) Manning. At the time, Manning was serving a sentence of 35 years for leaking classified material to WikiLeaks in 2010. This material was subsequently published by WikiLeaks, embarrassing the U.S. government and exposing several previously undocumented war crimes that took place in Afghanistan and Iraq. The President’s decision to commute Manning’s sentence was extremely controversial. The verdict was made over the objection of Secretary of Defense Ashton Carter, while other military and government officials quickly criticized Obama’s pronouncement. Just today, President Trump on Twitter referred to Manning as an “ungrateful traitor” who should have never been released from prison.
  • Many Organizations Still Opt for “Good Enough” Cybersecurity

    Late last year, ESG published a research report titled, Through the Eyes of Cyber Security Professionals, in collaboration with the Information Systems Security Association (ISSA). As part of this report, 437 cybersecurity professionals and ISSA members were asked if they’d experienced a number of types of security incidents. The research revealed that:
    39% of organizations experienced one or several security incidents resulting in the need to reimage one or several endpoints or servers.
    27% of organizations experienced one or several incidents of ransomware.
    20% of organizations experienced one or several incidents resulting in the disruption of a business application.
    19% of organizations experienced one or several incidents resulting in the disruption of a business process.

    It should be noted that between 23% and 30% of the survey population responded “don’t know” or “prefer not to say” when asked about different types of security incidents so the percentages represented above are likely much higher.
  • Endpoint security in 2017

    Just a few years ago, there were about 6 to 10 well regarded AV vendors that dominated the market. Fast forward to 2017, and my colleague Doug Cahill and I are currently tracking around 50 endpoint security vendors. Why has this market changed so much in such a short timeframe? New types of targeted threats regularly circumvented signature-based AV software over the past few years. This weakness led to system compromises, data breaches and panicky CISOs in search of AV alternatives. This in turn persuaded the fat cats on Sand Hill Road to throw VC dollars at anything that hinted at endpoint security innovation. OK, I get the need for more than signature-based AV, but there simply isn’t room in the market for 50 endpoint security vendors. Thus, it’s safe to assume we'll see a lot of M&A activity and outright business failures this year.
  • Thoughts on incident response automation and orchestration

    Just this week, I was reviewing several interviews I conducted with cybersecurity professionals on their organizations’ processes and tools for incident response (IR) automation and orchestration. Here are a few things that jumped out at me: 1. IR is still often anchored by basic tools, manual processes, and key personnel. While trouble ticketing and ITSM tools are pervasive and fairly mature, too many enterprise organizations still “ham and egg” it through incident response. In other words, they rely on paper forms, spreadsheets, email handoffs and some socially challenged security analyst who’s really good at finding compromised systems and malicious network traffic.
