From the Blogosphere

In the spirit of leaving Las Vegas I started thinking about the transformation of Las Vegas from a desert oasis created by organized crime to a billion-dollar industry. How did big business and Wall St. push the mob out of Vegas? Movies and television shows, such as Casino, Goodfellas,...
There are two levels of reliability for an application. There’s local and there’s global. We might want to consider it more simply as “inside” and “outside” reliability. Virtualization enables local reliability – the inside kind of reliability. Whether you’re relying upon clustering ...
Many see the terms risk and threat as interchangeable. However, in the simplest of terms, risk is the probability or frequency of doing harm while threat is the actual or attempted infliction of that harm. Tomato, tomahto? It’s all about keeping your IT assets protected, right? I was chat...
On 16 May 2012 I attended, with Alex Olesker and defense contractor Robert Caruso, the Atlantic Council/Cyber Conflict Studies Association’s event “Lessons From Our Cyber Past: The First Cyber Cops.” Jason Healey of ACUS/CCSA moderated a discussion between the ODNI’s Steven R. Chabinsky...
Many organizations are now allowing employees to use their personally-owned devices for work purposes with the goal of achieving improved employee satisfaction and productivity. However, this comes at an IT price and can pose several challenges with ensuring security. We live and work...
No matter how secure your infrastructure is, sooner or later you will become a victim of a computer crime. Someone may point a DDoS (Distributed Denial of Service) attack at your services, may sniff your network, or may copy/delete confidential information. You may not even realize suc...
It’s really easy to quantify some of the costs associated with a security breach. Number of customers impacted times the cost of a first class stamp plus the cost of a sheet of paper plus the cost of ink divided by … you get the picture. Some of the costs are easier than others to calc...
As part of our cloud strategy, we’ve recently released a VMware version of our cloud security offering. It allows cloud providers using VMware, as well as the cloud users themselves, to create an encrypted environment within minutes, while eliminating the complexity around encryption k...
As I mentioned in my last blog post, the promise of cost reduction is compelling many enterprises to move their workloads into the Cloud but many IT leaders are reluctant to do so, for fear of compromising the security and availability of their services. These concerns are well-founded...
The mission of the Security Innovation Network™ (SINET) is to advance innovation and enable global collaboration between the public and private sectors to defeat Cybersecurity threats. SINET increases awareness between builders, buyers, researchers and investors in the Cybersecurity do...
Today’s federal cybersecurity and information technology news: U.S. Army Cyber Command operational attorney Robert Clark said that the legal frameworks are not keeping pace with cyber operations and said that claims of “cyber war” do not qualify as war defined by international l...
This week, our office came across an article by Roger A. Grimes entitled “Why you don’t need a firewall”. As a security professional working for a company whose responsibilities include firewall management, I found the article to be extremely shortsighted, and borderline offensive. Nor...
In one of the more short-sighted, narrow-minded, and just downright inane articles that I’ve read in quite some time, Roger Grimes told us all about “Why you don’t need a firewall.” His premise is that exploits and attacks are developing at a level as to surpass the capabilities of a co...
“In the past year, one in seven large organizations detected hackers within their systems.” This is the highest level recorded, said the recently released PwC 2012 Information Security Breaches Survey.  It was completed in conjunction with Infosecurity Europe and supported ...
When developing your security architecture, look to the 500 year old medieval castle model to create layers of protection. And this best practice extends itself to the cloud as security-as-a-service. One of the true benefits of the cloud is the ability to reconfigure and create a stro...
First, let’s make it clear what an endpoint is. In Microsoft’s world this term represents any client computer, server, or laptop in an organization. Forefront Endpoint Protection is a line-of-business application developed by Microsoft to provide defense against viruses, worms, and oth...
Over the past decade, we’ve become much more robust in our approach to information security. We recognize that our company’s largest vulnerabilities have to do with its computer systems, and that data security is at the core of loss prevention, disaster recovery, and even normal operat...
According to the PCI SSC, there are 12 PCI DSS requirements that satisfy a variety of security goals.  Areas of focus include building and maintaining a secure network, protecting stored cardholder data, maintaining a vulnerability management program, implementing strong access co...
According to the PCI SSC, there are 12 PCI DSS requirements that satisfy a variety of security goals. Areas of focus include building and maintaining a secure network, protecting stored cardholder data, maintaining a vulnerability management program, implementing strong access contr...
Symantec reported this past Wednesday that the number of total Flashback infections was down to approximately 140,000 from around half a million. However, the company has since revised its estimate to note that its method for detecting infected systems is reporting “limited infec...
According to the PCI SSC, there are 12 PCI DSS requirements that satisfy a variety of security goals. Areas of focus include building and maintaining a secure network, protecting stored cardholder data, maintaining a vulnerability management program, implementing strong access control...
According to the PCI SSC, there are 12 PCI DSS requirements that satisfy a variety of security goals.  Areas of focus include building and maintaining a secure network, protecting stored cardholder data, maintaining a vulnerability management program, implementing strong access co...
According to the PCI SSC, there are 12 PCI DSS requirements that satisfy a variety of security goals. Areas of focus include building and maintaining a secure network, protecting stored cardholder data, maintaining a vulnerability management program, implementing strong access control...
The IT Dog is waggin’ his tail today with this one. I love progress and the SSD revolution is certainly pushing the storage industry forward on many fronts. New products with SSD in every segment of the IT data chain from the server side SSD to SSD raid storage. SSD capabilities has...
The idea that you might pay someone else to keep quiet a vulnerability while you fix it may seem a bit backward to some in computer security. It would also seem to invite attacks on infrastructure. It’s no surprise, then, that many companies with technological products don’...
Anonymous claimed credit for taking down the Department of Justice and Central Intelligence Agency websites, as well as the website of MI6 in the UK. More here. The Defense Advanced Research Projects Agency has issued a request for proposals for more power-efficient processes in embedd...
This post is about how traditional database backup products work and how Zetta's new SQL server backup feature, which is part of our DataProtect solution, does the job in a distinctly different way. Both the solution and this post were created because finding a database backup solution...
A recent article “Put Your Test Lab In The Cloud” outlined the pros, cons and considerations you must take into account when talking about hosting test labs in the cloud. Using the cloud for this purpose is not necessarily a new idea, and it’s one that certainly makes a lot of sense; R...
Larry Steinke of St. Francis High School needed a simple, low-maintenance data backup solution, so he could focus on other pressing IT needs at the school. With over 1700 students and 100 faculty members at the school, Steinke has a lot of data to manage. On a daily basis, the IT team ...
And you thought FourSquare was a security risk…

Mobile phones with great cameras are an a...

I keep reading these stories about how various cloud service providers are building up their consulting practices around cloud computing mostly to address the enterprise market (see my previous post for some thoughts on that subject). These articles mostly read like it's a surprising r...
As the bad guys get more sophisticated with launching online attacks on your business PCs, you have to get smarter about how you are protecting them. And in the past year, many of the traditional anti-virus vendors have improved their … Mar. 29, 2012 07:30 AM EDT  Reads: 2,106
Cloud computing brings many advantages including elasticity, flexibility, and pay-per-use. But when looking at cloud security, and specifically encrypted cloud storage the picture is much more complex. Cloud security (in IaaS and PaaS scenarios) is a shared responsibility. The cloud pr...
We have previously written about Kyrus Tech Inc and have highlighted their unique capability called Carbon Black. We have worked with the team of experts there in the past and I am very proud to have been professionally associated with Michael Tanji since we were both in government in ...
Transparent Data Encryption (TDE), sometimes also called Transparent Database Encryption, is one way to encrypt database content. TDE offers encryption at a column, table, and tablespace level. This makes TDE one of the more highly configurable ways to encrypt database content, though ...
Security is a pretty big word. It’s used to represent everything from attack prevention to authentication and authorization to securing transport protocols. It’s used as an umbrella term for such a wide variety of concerns that it has become virtually meaningless when applied to techno...
We’ve always had a close relationship with cloud providers, such as Amazon Web Services and Red Hat OpenShift. Lately we have been hearing from an ever wider spectrum of the cloud provider industry, and their cloud data security requirements show a pattern. Providers need to different...
In the last week or two, the security community has been abuzz with two different papers on the security of RSA keys. It turns out there are tens of thousands of RSA keys out there that are weak: they share a prime modulus with another public key, allowing both keys to be factored (i.e...
Stewardship is a term implying the responsible use of important resources. The concept of stewardship can be applied to a variety of domains and has long been part of human dialog on what is right and wrong. A great dialog on stewardship in cyberspace is now underway, and it just took ...
What better way to spend 5 Minutes or Less on a Friday than watch someone else’s flubs. Here are the video bloopers, outtakes, mistakes and laughs while we shot video during the RSA2012 conference. Enjoy.

