- Welcome Guest
- Sign In
- Welcome Guest
- Sign In
It's a truism that just like organizations adapt, so too do criminals. For example, anyone who has ever seen a Wells Fargo commercial knows that there was a time when stagecoaches were a normative method for transporting cash and valuables. But what modern criminals in their right mind would attem...
Those who follow security news may have noticed a disturbing trend. Late last year, we learned that Uber paid attackers $100,000 to keep under wraps their stealth of the personal information of 50 million Uber riders. More recently, we learned that Hancock Health paid approximately $55,000 in bitc...
Sometimes things happen that seem undesirable, but they actually can turn out to be advantageous when viewed in a certain light, when approached in a certain way, or depending on circumstances. For example, this can be true when it comes to "Shadow IT" -- specifically, the adoption of technology wit...
Have you ever heard of the Cullinan diamond? If you haven't, it was the largest diamond ever discovered: a 3106 carat diamond found in 1905 in South Africa. What's interesting about the Cullinan diamond isn't so much the discovery of the stone itself but what happened afterward: specifically, the cu...
This past week, a lesson about enterprise information security found its way to me via a somewhat unorthodox channel: specifically, an episode of Gordon Ramsay's Kitchen Nightmares. In this particular episode, the upshot was that Ramsay wasn't able to help. Why not? The owners weren't able to take c...
Sometimes it's a mistake to assume something -- or someone -- has outlived its usefulness just because it's already done one thing successfully. For example, many of us have a wealth of decommissioned corporate-provisioned mobile devices: We've bought them, handed them out, and seen them used succes...
Everyone knows that protecting an organization's technology footprint has always been a delicate balancing act. Nowadays, literally everything about a given organization's technology portfolio is in a near-constant state of change; technologies change, usage changes and the threat landscape changes....
Sometimes you can do everything right and still run into trouble. To see this in action, pay attention the next time you're driving at dusk -- for example during an evening commute, if you have one. If you do this, chances are good that you'll notice at least one person with their headlights turned ...
If you're a technology professional in a small or mid-sized business, chances are pretty good that information security is something you've had on your radar for quite a while now. In a smaller shop, this is usually out of necessity. As well all know, SMBs usually don't have the luxury of an expansi...
For folks on the East Coast of the United States, the past few weeks have been pretty intense. Between hurricane Sandy and the associated fallout -- flooding, lack of public transportation, power outages, dark cell towers -- many firms in impacted areas have experienced firsthand the value of their ...
Technology professionals who work in and around SMBs know that sometimes bringing up information security in a smaller IT shop can be a tough sell. In many cases, SMBs feel that they don't present an attractive or large enough target for hackers to be interested in them. For example, a small communi...
As almost everyone has probably already noticed by now, there are some radical changes going on in the way that organizations purchase, manage and use technology. Since IT is by its very nature adaptive, this is not totally unexpected. However, even though we expect technology to change, there are p...
Most cars nowadays come with driver and passenger airbags. It's a great safety feature that's helped save numerous lives since installing them routinely has become the norm. But sometimes, though it is rare, airbags fail to deploy even when circumstances arise where they should. Ask yourself: How ...
Most security professionals are probably very comfortable with using open source tools to implement technical security functionality. From nikto to snort to openssh -- there are literally hundreds of well-known, sophisticated, open source tools that perform useful and critical security functions. Th...
If you're in IT and your job involves securing your organizations' infrastructure, you've probably spent a good deal of time thinking through control selection -- in other words, picking the controls that most directly help you accomplish the goal of securing your environment. And you've probably a...
Information security has changed a lot over the years. Way back in the dinosaur days, life was simple. Companies set up a firewall at the border and life was good. Bad guys stayed on one side of the fancy flashing box, and our personnel lived in the pristine, attacker-free paradise on the inside. W...
You've probably heard the term "consumerization of IT." Some of the network and security pros reading this probably think this is yet another meaningless industry buzzword with little or no value. However, to dismiss it as such is to potentially miss out on what is both a very powerful concept ...
As many active users of IaaS can tell you, IaaS, whether implemented by an external service provider or provided by an internal service provider team, arguably grants you much more control of the underlying technology "substrate" than other cloud deployment models. In some cases, this is a good thin...
Quite a lot has been written about the importance of due-diligence in a cloud environment. Sometimes the importance of security and compliance-related vetting in the cloud is easy to justify, like when you're evaluating an off-premises public cloud hosted at a new service provider. Other times, exe...
Virtualization has been one of the most rapidly and widely adopted technologies in recent memory. It's huge, and it's here to stay. And as security professionals know, setting up a virtual environment securely isn't easy. Significant effort goes into tasks like evaluating off-premise service provid...
Loading ...
