Top IT Security Bloggers

Network World - Networking Nuggets and Security Snippets
  • Keeping up with incident response

    Network World - Networking Nuggets and Security Snippets
    A fire department in a large city certainly has a difficult job, but its mission is fairly straightforward. When a fire is detected, the fire department dispatches an appropriately sized staff to assess, contain and put out the fire, clean up, investigate what happened, and prepare themselves for the next blaze.Yup, it's a pretty simple process when a manageable number of fires are burning. But what would happen if there were hundreds or thousands of simultaneous infernos?My guess is that a senior fire chief (and perhaps other participants from local government and law enforcement) would have to make decisions on which blazes to resource and which to ignore. These decisions would certainly be based upon information analysis and best practices, but there is still some risk that the disregarded fires would end up being far worse than expected, turn into disasters, and call into question the judgement of all involved.To read this article in full or to leave a comment, please click here
  • SIEM market dynamics in play

    Network World - Networking Nuggets and Security Snippets
    When I started focusing on the security market 14 years ago, the security information and event management (SIEM) market was a burgeoning market populated by vendors such as CA, e-Security, Intellitactics and NetForensics. In the intervening timeframe, the SIEM market has grown, thrived and changed every few years. SIEM started as a central repository for event correlation for perimeter security devices. It then morphed into a reporting engine for governance and compliance. In a subsequent phase, SIEM became more of a query and log management tool for security analysts. Fast forward to 2016, and SIEM has taken on a much bigger scope—an enterprise software platform that anchors security operations centers (SOCs). In this role, SIEM platforms can also include:To read this article in full or to leave a comment, please click here
  • The era of identity-based applications

    Network World - Networking Nuggets and Security Snippets
    Identity and access management (IAM) has always been a heavy burden for large organizations. Why? Multiple folks across companies—business people, software developers, IT operations, human resources, security, compliance auditors, etc.— play some role across the IAM spectrum.As a result of this IAM group hug, technology decisions tend to be made tactically without any central oversight or integrated strategy. But this behavior may be changing. According to ESG research, 49 percent of large organizations claim they now have a formal enterprise-wide strategy in which IAM technology decisions are managed by central IT. In other words, someone in IT is now responsible and accountable for all IAM technology.To read this article in full or to leave a comment, please click here
  • Cybersecurity Goes Private: McAfee and RSA

    Network World - Networking Nuggets and Security Snippets
    There are some interesting industry dynamics going on in the cybersecurity market.  Just a few months ago, Symantec bought Blue Coat taking a private company public and forming a cybersecurity industry colossus in the process. Now two other historical cybersecurity powerhouses are heading in the other direction and going private.  When the Dell/EMC deal was approved this week, industry veteran RSA became the security division of the world’s largest diversified private technology company.  Not to be outdone, Intel and partner TPG are spinning out McAfee as an independent private company.The good news for both companies is that the market for cybersecurity products and services is quite healthy, and large customers are looking for enterprise-class security vendors with integrated product suites, managed/professional services, and business process experience to partner with.  Cybersecurity vendors like Cisco and IBM that fit this description are doing quite well in the enterprise so McAfee and RSA (as well as Forcepoint, Palo Alto Networks, Symantec, Trend Micro, and a few others) could join this exclusive club. To read this article in full or to leave a comment, please click here
  • VMworld: My Cybersecurity-Centric Impressions

    Network World - Networking Nuggets and Security Snippets
    In my last blog, I wrote about what I was anticipating as far as cybersecurity for VMworld.  Now that I’m back from Vegas, it’s time for me to report on how reality aligned with my expectations.1.      NSX penetration.  It seems like VMware has made progress in terms of NSX market penetration over the past year.  At VMworld 2015, VMware talked about around 1,000 production environments for NSX while at VMworld 2016, VMware mentioned somewhere between 1,700 to 2,000 production NSX customers.  Still a small percentage of the total VMware installed base but at least 70% growth year-over-year.  Yes, some of these customers are likely just getting started or are using NSX on an extremely limited basis, but I still see good progress happening as more and more organizations begin playing with and using NSX.  VMware describes three primary uses for NSX:  Disaster recovery, security, and network operations automation.  It is worth noting that around 60% to 70% of NSX deployment is skewed toward security use cases. To read this article in full or to leave a comment, please click here
  • Cybersecurity and VMworld

    Network World - Networking Nuggets and Security Snippets
    With memories of Black Hat still in my head, I’m back in Las Vegas for VMworld.  I’m sure there will be plenty of generic VMware and partner announcements but I’m here to assess how VMware is addressing enterprise security requirements with its technologies and partner relationships.  I will be focusing on a few key areas:1.      NSX penetration.  Last year, VMware talked a lot about emerging demand for NSX but I’ve seen a lot of momentum over the past 12 months.  From a security perspective, large organizations adopt NSX to do a better job of segmenting workloads and network traffic, as well as network security operations.  I’m interested to see how VMware security use cases are maturing and how VMware customers are moving toward building additional security controls and monitoring on top of NSX capabilities.To read this article in full or to leave a comment, please click here
  • The need for network security operations automation

    Network World - Networking Nuggets and Security Snippets
    According to ESG research, 63 percent of networking and cybersecurity professionals working at enterprise organizations (i.e. more than 1,000 employees) believe network security operations is more difficult today than it was two years ago. Why? Because enterprises have to deal with more connected devices, network traffic and applications than two years ago.What’s more 47 percent of respondents claim that it is difficult to monitor network behavior from end to end, while 41 percent say network security operations difficulties result from increasing use of cloud computing.+ Also on Network World: It’s time to pull the trigger on security automation +To read this article in full or to leave a comment, please click here
  • More on operationalizing threat intelligence

    Network World - Networking Nuggets and Security Snippets
    Coming out of Black Hat a few weeks ago, it’s pretty frightening what’s going on with cyber threats. Overall malware volume is down, but the number of variants has gone up precipitously. In fact, according to the Webroot threat report, about 97 percent of all malware variants are seen only one time. In other words, they are designed to target and attack specific organizations.Yes, enterprise organizations are bolstering defenses with anti-malware gateways and next-generation endpoint security tools, but they are also doubling down on threat intelligence. According to ESG research, 27 percent of enterprise organizations plan to spend significantly more on their threat intelligence programs over the next 12 to 18 months, while another 45 percent say they will spend somewhat more on their threat intelligence programs during this same timeframe.To read this article in full or to leave a comment, please click here
  • CISOs adopt a portfolio management approach for cybersecurity

    Network World - Networking Nuggets and Security Snippets
    Enterprise CISOs are in an unenviable position. Given today’s dangerous threat landscape and rapidly evolving IT initiatives, CISOs have a long list of tasks necessary for protecting sensitive data and IT assets. At the same time, however, most organizations are operating with a shortage of skilled cybersecurity professionals.  According to ESG research, 46 percent of organizations claim  they have a “problematic shortage” of cybersecurity skills in 2016.In the past, CISOs (and let’s face it, all cybersecurity professionals) were control freaks often suspicious of vendors and service providers. Faced with today’s overwhelming responsibilities, however, many CISOs I’ve spoken with lately say they’ve changed their tune and have adopted more of a portfolio management approach to their jobs. To read this article in full or to leave a comment, please click here
  • A few thoughts from Black Hat 2016

    Network World - Networking Nuggets and Security Snippets
    Last week’s Black Hat 2016 conference was a whirlwind of activity. Here are a few of my takeaways:1. I kind of like Black Hat better than the RSA Conference. At Black Hat, you talk about the real challenges facing our industry and discuss intellectual ways to overcome them. At RSA, everyone throws buzz words at you and tells you how they solve all your problems. And maybe it’s because RSA is in San Francisco, but you can always count on the Sand Hill Road crowd to show up at RSA and let you know how rich they’ve become protecting all of our sensitive data. Black Hat is whiskey and grit; RSA is Merlot and PR messaging. In other words, the folks who really know, live and fight for cybersecurity are at Black Hat, while those looking to make money on cybersecurity are at RSA.To read this article in full or to leave a comment, please click here

Editor's Recommendations

Solution Centres

Events

View all events Submit your own security event

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Media Release

More media release

Market Place