Security / Opinions

5 computer security facts that surprise most people

As a 30-year road warrior, I’ve learned some security truths that seem wrong, but must be accepted if you really want to understand the threats you face.

Written by Roger A. Grimes06 Dec. 17 00:30

Trouble spotted on the network

No sophisticated SOC? You can still be pretty sure that you’re aware of anything potentially troublesome.

Written by By Mathias Thurman12 Sept. 16 21:00

Belgium attacks reinforce that security is everybody’s problem

In light of the tragedy in Belgium columnist Rob Enderle writes that it is more important than ever to rethink our security efforts. People seem to think security is someone else’s problem, but the reality is that security is something we all need to own.

Written by Rob Enderle26 March 16 00:05

How to convince the CFO of the budgetary security need

It had been custom for organizations to think of cyber security in terms of an information technology (IT) problem best left to IT people to address and fix. However, as more prolific breaches were publicized exposing a variety of sensitive personal, financial, and intellectual property-related data, it became clear that this was a rather myopic view in today’s increasingly interconnected world.

Written by Brian Contos10 Feb. 16 05:08

Battling cyberattacks with bombs?

Columnist Rob Enderle says a recent data breach investigation report should have you rethinking your cybersecurity strategies. Here’s why you may want to buy a bunker.

Written by Rob Enderle23 Jan. 16 03:34

Scammers target Dell customers after apparent data breach

A number of Dell customers claim to have been contacted by scammers who had access to specific customer information that should have only been available to Dell. The company claims it hasn't been hacked but won't offer an explanation for the seemingly stolen data.

Written by Bill Snyder11 Jan. 16 18:32

5 sins cybersecurity executives should avoid

With the advent of 2016, I was tempted to touch upon my thoughts on what the future of the cyber landscape will hold, prognosticating trends and shifts and what the next big threat would be. However, upon deeper reflection and further review of 2015, I’ve decided to focus on what we as cyber security executives have control of and can influence, as those have a direct and more profound impact on the organizations we steward. The “Five Sins” may seem hyperbolic but given the fact that organizations are continuing to make the same mistakes without trying to rectify them, I think it’s fitting particularly at the end of the year when we aspire to be better than we were yesterday, but not as good as we hope to be tomorrow.

Written by Brian Contos04 Jan. 16 16:39

Security threats and why you never want to name anything

There is a bit of a name fight going on with a new class of security software. Traditionally, this has been called UBA, for User Based Analysis or Analytics. However, recently newer firms are coming to market arguing that the name should have more to do with the benefit the technology provides and reflect that the breadth of analysis goes well beyond users. Thus, you have ABD, or Active Breach Detection, and this could as easily be DBD, or Dynamic Breach Detection, or even SJIASSFYCAWCTYWTAAWTAS or Some Jerk Is Already Stealing Stuff From Your Company And We Can Tell You Who They Are And What They Are Stealing.

Written by Rob Enderle04 July 15 01:57

How to create an effective data security communication plan

In today's global office, IT security leadership spends a great deal of time and resources creating a defense-in-depth approach to data security. This often includes layering on both logical and physical solutions as well as detailing out policies and procedures for accessing company data in a secure manner.

Written by Larry Ponemon05 Feb. 15 02:11

AT&T: The CIO security checklist

In the age of big data, bring-your-own-devices and internet-connected supply chains, cybercrime is big business; and cyber security has never been higher on the C-suite agenda. Here are three steps CIOs can take in this environment.

Written by Vanessa Lew26 Nov. 14 04:00

How to survive a data breach

If someone with the proper motive and means (time, money, and resources) wants what you have badly enough, they are going to get it. Many companies fail to prepare for a breach until it's too late. Unfortunately, there is not a true, tested method for preventing and/or stopping a breach. How does one survive the inevitable?

Written by Scott M. Angelo05 Sept. 14 06:14

Board of directors will have a profound impact on cybersecurity

According to a recent article in the Wall Street Journal, corporate boards are getting much more involved in cybersecurity. What's driving this behavior? While the Target breach probably influenced this behavior, corporate boards now realize that cybersecurity has become a pervasive risk that could have an adverse impact on all businesses.

Written by Jon Oltsik08 July 14 05:00