Blog

Security Intelligence – But What Does It DO?

Published on August 22, 2013

It seems like everybody’s talking about security intelligence these days.  Of course, what people mean when they use the term can vary widely depending upon what they’re selling, but the primary purpose remains the same.  Some kind of machine intelligence that can detect successful cyber attacks, information theft, fraud and...

“The Snowden Case”, Lies and Marketing Communications on Insiders

Published on July 12, 2013

One of the more interesting outgrowths of the recent revelations around NSA cyber-surveillance practices is the sudden declaration from all manner of information security vendors that their product or service could have “prevented Snowden”.  Now these claims are being met with a great deal of skepticism in the security community,...

Voluntary Self-Hackery — The Blunt Truth about BYOD

Published on July 1, 2013

In a sense, the entire discussion around BYOD processes in the enterprise is moot.  Everyone has a smart phone.  Many have found they prefer a tablet to a PC, and will bring their tablet to work.  These devices connect seamlessly to the network through WiFi, and very quickly become a...

Information Security – Always Behind the Technology Curve

Published on June 28, 2013

In today’s hyper-competitive business environment, it is no longer sufficient to compete on price and quality alone.  Just as InfoSec workers can be thought of as being in a war with those who would use unauthorized or fraudulent access to data and systems to enrich themselves or their employers,...

Removable Storage and the Temporal Value of Data

Published on June 20, 2013

There are a lot of ways for determined insiders to exfiltrate appropriated documents and data, but by far the preferred method is good old tried-and-true removable media.  Edward Snowden was a SysAdmin, so in spite of a general policy against USB flash drives, he was completely comfortable making...

Security Intelligence and the Rise of the Unknown Vulnerability

Published on June 17, 2013

We spend a great deal of time talking about how to secure the Enterprise Compute and Communication environment. We talk about insider and external threats, malware, applications and risks. We talk about the importance of prevention and the necessity of real time detection. We talk about collecting and analyzing network,...

Security Intelligence – Think Outside the Logs

Published on June 12, 2013

We often consider our security posture and architecture with an eye to the threat environment. We look outside, and try to determine what we are defending against. Even in the case of insider threats, we are often trying to develop the defenses in terms of the attack vectors, vulnerabilities and...

Edward Snowden – The Ultimate Insider Threat

Published on June 10, 2013

Edward Snowden is an IT contractor, a SysAdmin employed by Booz Allen to provide Systems services to the US Intelligence Agencies. In this sense, he is just a face in the crowd, part of a small army of private-sector contractors helping the US government run its day-to-day operations. But as...

(Security) Intelligence is Power

Published on June 6, 2013

In the last year or so, we’ve seen significant growth in attacks on web servers, as opposed to the more traditional attacks on individual users. The instigators of these attacks use the higher levels of available bandwidth and processor power to unleash particularly effective DDoS attacks against banks and other...

Security Intelligence – Words with Actual Meaning

Published on May 30, 2013

It won’t come as breaking news I’m sure, but technology marketing professionals have an insatiable appetite for hot buzzwords and trendy terms. It’s easy to understand, I suppose - when a particular concept starts breaking out of tech forums and into mainstream editorial, it’s a tremendous opportunity to capitalize on...

State of Information Security – What we don’t know is KILLING us

Published on May 17, 2013

For those interested in Information Security, there is a LOT of information out there. In addition to the shows, conferences and seminars, there are vendor briefings and webinars, analyst White Papers, industry studies like those from Verizon and Mandiant, websites like Ars Technica and Dark Reading, dozens of blogs by...