Top IT Security Bloggers

Network World - Networking Nuggets and Security Snippets
  • 0% Cybersecurity Job Unemployment in Washington

    I’ve written a lot about the global cybersecurity skills shortage over the past few years.  Here’s some recent ESG data that illustrates this problem (note:  I am an ESG employee):
    Of those organizations hiring additional IT staff in 2015, 43% plan to hire IT security professionals – the highest percentage of all types of IT skills.
    At the same time, 28% of organizations say they have a “problematic shortage” of IT security skills – the highest problematic shortage of all types of IT skills.

    This data indicates strong demand and weak supply of IT security skills across mid-market and enterprise organizations around the world.
  • More on network encryption and security

    In a blog I posted last week, I described that enterprise organizations are encrypting more of their network traffic. This is a mixed blessing in that it can protect data confidentiality and integrity but it also opens a camouflaged threat vector back into the organization. To address this risk, a majority (87%) of organizations decrypt and then inspect SSL/TLS traffic looking for things like reconnaissance activity, malware, and C2 communications according to ESG research (note: I am an ESG employee). Yup, over the past 5 years, many organizations have slowly increased their use of SSL/TLS in homegrown web applications and adopted cloud-based SaaS applications instrumented with Layer 5/6 encryption. As this occurred, security and network professionals followed on, implementing a variety of SSL/TLS decryption and inspection tools on various network segments and multiple locations across global enterprise networks. This resulted in rather haphazard SSL/TLS decryption and inspection performed by an army of technologies and operational processes/procedures.
  • Federal Cybersecurity Duplicity

    As part of a whistle-stop tour of Northern California, President Obama held a White House Summit on Cybersecurity and Consumer Protection at Stanford University last Friday. Much to the delight of the Silicon Valley crowd, the President signed an executive order (right there on stage at Stanford) to promote data sharing about digital threats. The summit also highlighted industry leaders like Apple CEO Tim Cook, and large critical infrastructure organizations like Bank of America and Pacific Gas & Electric Co. The President picked the right location for his cybersecurity bully pulpit. The Peninsula is a nexus of technology optimism, constantly focused on the new new thing. The event also attracted the Sand Hill Road crowd, eager to capitalize on national cybersecurity gaga.
  • Enterprises Are Encrypting and Inspecting More Network Traffic

    Encrypted traffic has become increasingly ubiquitous at most organizations. According to new ESG research, a vast majority (87%) of organizations surveyed encrypt at least 25% of their overall network traffic today (note: I am an ESG employee). Network encryption is a security best practice as it protects the privacy and confidentiality of network traffic as it travels from source to destination. While network encryption protects the confidentiality and integrity of data-in-transit, security professionals also understand that network encryption can also be used for malicious purposes. Cyber-criminals and hackers can use encrypted channels to hide reconnaissance activities, malware distribution, and command-and-control (C&C or C2) traffic alongside benign SSL/TLS sessions. Are organizations vulnerable to cyber-attacks that use network encryption as a cloaking technique? ESG research suggests that the answer is “yes,” – 22% say that their organization is extremely vulnerable to some type of cybersecurity attack that uses SSL/TLS encryption as a cloaking technique to circumvent their existing security controls while 40% believe that their organization is somewhat vulnerable to some type of cybersecurity attack that uses SSL/TLS encryption as a cloaking technique to circumvent their existing security controls.
  • Book Report: Countdown to Zero Day

    When you work in the cybersecurity domain you face some daunting challenges. For one thing, cybersecurity is always changing – there are new offensive and defensive tactics, techniques, and procedures (TTPs) constantly that you try to keep up with. Alternatively, cybersecurity is an extremely broad topic, spanning technology, regulations, law enforcement, geo-political conflict, critical infrastructure, etc. When people ask me how to learn about disparate cybersecurity topics, I reply with a single word – “read.” More specifically, I recommend that they go to their public library and take out one of the many fantastic books written in the past few years on malware (Worm, by Mark Bowden), cybercrime (Kingpin, by Kevin Poulsen), hackers (We Are Anonymous, Parmy Olson), Cyberwar (Cyberwar, Richard Clarke), etc. There are loads of other good books available by authors like James Bamford, Steven Levy, John Markoff, Kevin Mitnick, Bruce Schneier, and Cliff Stoll as well.
  • Antivirus Usage Patterns Reveal Hints about its Effectiveness

    For the past few years, everyone seems to be down on antivirus software. This sentiment was exhibited in a recent ESG research report titled, The Endpoint Security Paradox (note: I am an ESG employee). When asked to identify challenges associated with their antivirus software, 34% of security professionals complained about too many false positives that classify benign files/software as malware, while 33% said that products are not nearly as effective at blocking and/or detecting malware as they should be. This and other data give the impression that AV software simply doesn’t work but there may be other factors in play here. For example, ESG found that 73% of enterprise organizations have two or more unique AV products deployed across the enterprise. Amazingly, 29% of large organizations have three or more unique AV products deployed across the enterprise.
  • Factors Shaping Network Security at Enterprise Organizations

    As part of my job, I speak with lots of CISOs about their day-to-day activities, challenges, and responsibilities. Motivated by a few of these discussions last summer, I posted a blog called the CISO-centric Information Security Triad, which defined the three primary CISO priorities: 1) Security efficacy, 2) Operational efficiency, and 3) Business enablement. How do these priorities influence network security? In a 2014 research report about network security, Network Security Trends in the Era of Cloud and Mobile Computing, ESG asked security professionals to identify the factors most influencing their organization’s network security strategies (note: I am an ESG employee). Interestingly, these factors align perfectly with CISO priorities as follows:
  • Endpoint Security Has Grown More Difficult and Tedious

    As I’ve written several times, endpoint security used to be synonymous with a single software product category – antivirus software. As a result, the endpoint security market was really dominated by five major vendors: Kaspersky, McAfee, Sophos, Symantec, and Trend Micro. Fast forward to the past few years and APTs, sophisticated malware, targeted attacks, and zero-day exploits are now changing the endpoint security landscape. This situation is illustrated in a recently-published ESG research report titled, The Endpoint Security Paradox (note: I am an ESG employee). As part of this research, ESG surveyed 340 IT and security professionals working at enterprise organizations (i.e. more than 1,000 employees). Survey respondents were asked whether they agreed or disagreed with a series of statements about endpoint security. Here are three data points that characterize the state of endpoint security:
  • Is it Time for Two CISOs at Large Organizations?

    I was able to get out of snowy Boston this week to give a presentation on enterprise security to a Federal IT audience in Washington D.C. As usual, I stated my opinion that enterprises are in the midst of a profound transformation with how they address cybersecurity risk. This change will require a new strategy around security technology AND a new type of leadership from CISOs. What type of leadership? Well, CISOs at large organizations need visibility in the boardroom and thus possess the ability to communicate cyber risk to non-technical executives and help craft cybersecurity strategies that truly align business and IT priorities. This led to a discussion on CISO skills in general. Some audience members complained that federal CISOs had no such skills or power, and that this position was mostly technical in nature. Others stated that they thought it might be extremely difficult to find a single individual with the right mix of business, leadership, and technical skills to take on the growing number of responsibilities of the emerging CISO role.
  • Enterprise Organizations are Replacing Commercial Antivirus with Freeware

    For the past 15 to 20 years, the vast majority of organizations have installed commercial antivirus software on just about every PC residing on their networks. This resulted in a multi-billion dollar industry dominated by five vendors: Kaspersky Lab, McAfee (Intel Security), Sophos, Symantec, and Trend Micro. AV security efficacy has come into question over the past few years however, as cyber-criminals and State-sponsored hackers regularly used customized malware and zero-day attacks to circumvent AV and compromise PCs. Given the limitations of traditional AV, some organizations are adding new endpoint anti-malware tools from vendors such as Bit9, Bromium, Cisco, Confer, Cylance, CrowdStrike, FireEye, IBM, Malwarebytes, Palo Alto Networks and Triumfant. Others are implementing endpoint forensic capture/analysis tools (i.e. Guidance Software, RSA, SentinelOne, Viewfinity) to gain a better understanding of endpoint activity and anomalous behavior.
