Time to Get Serious About Upping Your Cyber Security Game

The welcoming in of a New Year always seems to entice once-a-year prophets to dust off their crystal ball and offer predictions for the coming twelve months. The security community is not immune. I’ve read with interest the efforts of various security pundits, consultants, vendors, etc. to provide guidance for their readers, partners, and customers.

> Read More

Two Bets on 2012

Yet another year has nearly come and gone but information security remains as interesting, challenging and relevant as ever – if not more since organized crime and foreign states have eclipsed the traditional lone hacker.  Looking back, the endpoint continues to be the focus of criminal organizations.  Case in point, out of 86 Microsoft security bulletins so far in 2011,

> Read More

2012 Endpoint Security Trends

What’s in Store for 2012?

A new year brings a new IT security landscape and smart IT pros are planning ahead. To find out more about what 2012 will look like and what IT departments can be doing now to prepare, Lumension asked three experts to make their predictions and offer practical steps on what to do next.

> Read More

What Security Companies Can Expect in 2012

‘Tis the season for predictions….and here’s an obvious one. Security manufacturers definitely have their work cut out for them in 2012. (Also listen to the podcast with Paul Henry and Randy Franklin Smith.)

IT has big concerns about what the coming year will bring. In our newly-completed State of the Endpoint survey conducted by the Ponemon Institute,

> Read More

2010 Predictions Redux- 2nd Half Predictions and Looming Threats

As we ended 2009 and entered 2010, many predicted that 2010 was poised to go down in history as “the year of insider threats”. It was not a risky prediction to make considering our economic peril and our industries continued unwavering albeit misplaced focus on the gateway rather then endpoint security.

The Worldwide State of the Endpoint Survey 2010 highlighted the reasons why the neglect of the endpoint is poised to increase enterprise risk:

  • Organization’s increasing use of technologies that improve productivity and reduce costs but create endpoint risks.

> Read More

Insights from America’s Growth Capital and RSA Conferences

Last week, I attended two security-related events in San Francisco. I spoke on the topic of the converging endpoint on a panel at America’s Growth Capital’s 6th Annual Information Security and West Coast Emerging Growth Conference. And I walked the floor at the RSA Conference, where Lumension exhibited. Here are my thoughts on the key themes and big takeaways from these events.

> Read More

The Worldwide State of the Endpoint: What Organizations Should Pay Attention to in 2010

We’ve been discussing how unprepared organizations in the U.S. are for cyber attacks, and now there’s new research that backs up these concerns and illustrates the inherent weaknesses that must be addressed if we’re to adequately safeguard our information and vital systems.

A new Ponemon-Lumension survey on the worldwide state of the endpoint shows that companies feel less secure than they did last year,

> Read More

Operationalizing Endpoint Security: Striking a Balance between IT Operations and IT Security

Gartner recently released a report on operationalizing endpoint security – on how signature-based anti-malware is losing effectiveness in the face of an overwhelming volume of threats. I have a few thoughts about the report’s findings and what organizations can do to better protect their endpoints.

As the Gartner report made clear, signature-based anti-malware is losing its effectiveness.

> Read More

Profile of the World’s Top Hackers – How the Game has Changed

My take:

  • New Internet-based technologies bring new opportunities for the bad guys.
  • The growth of the applications we use has gone from dozens to nearly 1,000.
  • The losses are huge, and while the top-line number is disputable, no one can argue that cybercrime losses have reached previously unforeseen levels.
  • Regardless of whose survey you read,

> Read More

Large-Scale Home Office Espionage – An Unintended Consequence of Cloud Computing?

I recently fielded a request to contribute to an article on cloud computing – as it applies to the federal government.  As part of Obama’s budget request, he is asking agencies to make cloud computing a major part of technology modernization efforts in the federal government. One of the questions I addressed was:

What role will cloud computing play in tele-work and work at a distance?

> Read More

The Berkeley Breach: Is SaaS the Answer to Keeping my Lateral Epicondylitis Confidential?

On Friday afternoon I took time off to visit two new health providers:  a new dentist (nearer my home) and an orthopedic (to look at my lateral epicondylitis).  In both cases, as a new patient, I filled in page after page of medical history and personal information, including my Social Security Number.   I did pause,

> Read More

RSA Conference: Evolutionary Rather than Revolutionary

It didn’t take a long study of the show floor at this year’s RSA conference to find that the security vendor community has left the big picture themes of security conferences of the past in the rear-view mirror. Clearly, there was no major new product category such as a NAC or a DLP or an IPS to wow the crowd into a ‘gotta have it’ mentality.

> Read More

Executive Overview of 2009 Security Mega Trends

What are the biggest threats to your organization’s sensitive and confidential data in the next 12 to 24 months?  To help answer this question, we partnered with the Ponemon Institute, a leading research firm, to charter our first 2009 Security Mega Trends Survey to gain greater insight into the key threats and challenges facing organizations in 2009. 

> Read More