I spent last weekend at my 20th college reunion. I dutifully flew into Ithaca, NY to see many Cornell friends and (fraternity) brothers. It was a great trip, but I did have an experience that reminded me I’m no spring chicken any more.
One of the biggest problems in security is that we rarely have a good sense of which controls actually improve security outcomes. This is especially true for newer areas like data security, filled with tools and controls that haven’t been as well tested or widely deployed as things like firewalls.
You all know the story. If you need to know the time, ask the consultant, who will then proceed to tell you the time from your own watch. We all laugh, but there is a lot of truth in this joke – as there usually is. Consultants are a necessary evil for many of us. We don’t have the leeway to hire full time employees (especially when Wall Street is still watching employee rolls like hawks), but we have too much work to do. So we bring in some temporary help to get stuff done.
We in the security industry tend to lump small and medium businesses together into “SMB”, but there are massive differences between a 20-person retail outlet and even a 100-person operation. These suggestions are specifically for small businesses with limited resources, based on everything we know about the latest threats and security defenses.
If you keep up with the security news at all, you know that on June 9th the email addresses and the device ICC-ID for at least 114,000 3G iPad subscribers were exposed.
This Monday’s FireStarter prompted a few interesting behind-the-scenes conversations with a handful of security vendors centering on product strategy in the face of the recent acquisitions in Database Activity Monitoring. The questions were mostly around the state of the database activity monitoring market, where it is going, and how the technology complements and competes with other security technologies. But what I consider a common misconception came up in all of these exchanges, having to do…
Is it me or has the term “insider threat” disappeared from security marketing vernacular? Clearly insiders are still doing their thing. Check out a recent example of insider fraud at Bank of America. The perpetrator was a phone technical support rep, who would steal account records when someone called for help. Awesome.
Reporting and Forensics are the principal products of a SIEM system. We have pushed, prodded, and poked at the data to get it into a manageable format, so now we need to put it to use. Reports and forensic analysis are the features most users work with on a day to day basis. Collection, normalization, correlation and all the other things we do are just to get us to the point where we can conduct forensics and report on our findings. These features play a big part in customer satisfaction, so…
Some businesses are great at creating excitement. Take Apple, for instance. They create demand for their new (and upgraded) products, which creates a feeding frenzy when the public can finally buy the newest shiny object. 2 million iPads in 60 days is astounding. I suspect they’ll move a bunch of iPhone 4 units on June 24 as well (I know I’ll be upgrading mine and the Boss’). They’ve created a cult around their products, and it generates unbelievable excitement whenever there is a new toy to…
Hey everyone,
As mentioned the other day, I’m currently putting together a big data security survey to better understand what data security technologies you are using, and how effective they are.