Blog

Candid Camera, Threats from the inside and Beyond

Published on May 15, 2013

Those of us of a certain age can remember very well when the first webcam went online. It was pointed at the coffee pot at a computer science lab within Cambridge University, and provided a simple method for employees to determine if the pot was empty before walking down the...

Upgrade Your Information Security

Published on May 10, 2013

Upgrades or lack there of, a major concern for information security operations Systems and network administration is an endless balancing act.  On the one hand, availability, stability and performance are paramount concerns, while adding functionality and security are less well understood demands outside the IT organization.  Everyone has felt the...

Inside Out

Published on May 2, 2013

Insider attacks aren’t new. The very first sysadmin probably didn’t go rogue, but it wasn’t very long after him that the first one did. The reason these are among the most problematic attacks are obvious - these are the most trusted users, who, in order to be able to do...

Technological Problems, Technological Solutions

Published on April 29, 2013

We’ve seen it countless times over the years. Someone will speak up in a meeting, saying something to the effect of “not all problems have technological solutions - just throwing more technology at it may not be the best option”. They say it because it’s self-evidently true, but also because...

May You Live in Interesting Times

Published on April 25, 2013

It’s not exactly news.  For years, the conventional wisdom has been that hackers out of Russia and Eastern Europe were criminals, intent on stealing money by way of fraud and extortion, and hackers out of mainland China were mostly focused on industrial espionage, stealing trade secrets and intellectual property on...

What (Who) is in Your Network?

Published on April 2, 2013

Recent events have caused IT security professionals to reevaluate the way they think about the threat environment.  First, DDoS attacks can go from a minor annoyance to an existential threat, given sufficient compute resources and bandwidth.  Second, state sponsored hacking and espionage is going to be a huge ongoing problem...

The Best Defense…

Published on March 29, 2013

"Strategy without tactics is the slowest route to victory. Tactics without strategy is the noise before defeat." ― Sun Tzu, The Art of War Despite all the facile metaphors in common usage, the “battle” between information security professionals and their various opponents, hackers and thieves in particular, can not in...

The Human Factor – Monitoring for High Privileged Accounts

Published on March 26, 2013

People tasked with securing network infrastructure, digital data and applications have always been faced with an insoluble dilemma.  There has to be a staff of experts and technicians to maintain the system, repair it when it fails, and solve problems extending to the most critical systems.  Those people need the...

The Trouble with SIEM

Published on March 18, 2013

It is an article of faith that information security is a giant game of cat and mouse, played out on millions of corporate and university networks around the globe.  Hackers, criminals, vandals and thieves seek some kind of technological advantage while the network admins and their InfoSec allies try desperately...

From Analytics to Intelligence

Published on November 8, 2012

Over the past decade, businesses have gotten to the point that they are creating so much information that it has become almost impossible to track and understand.  When businesses want to gain insights into their operations, they no longer print a couple of reports to look at, the amount of...