Welcome!


From the Blogosphere

Log data provides the most granular view into what is happening across your systems, applications, and end users. Logs can show you where the issues are in real-time, and provide a historical trending view over time. Logs give you the whole picture. So you've started to build applica...
While news about the malicious hacking trade and the actions of elusive cyber-criminals continue to grab headlines, the third of our annual Insider Threat reports confirm that the risk posed by those legitimately ‘inside the fence’ continues to top business data security concerns. Of c...
Recent data breaches involved an unclassified computer network used by President Obama’s senior staff, prompting countermeasures by the administration and resulting in temporary system outages. Officials said the attack did not appear to be aimed at destruction of either data or hardwa...
When properly implemented and managed, secure enterprise file sync-and-share (EFSS) applications can improve project management and empower your workforce. Unfortunately, making the business case for secure EFSS isn’t always easy – especially when users and management aren’t aware of t...
With every New Year it is time to look back at the industry events of the past 12 months, and use our expertise to predict what lies ahead, in order to be more prepared. With regards to DDoS attacks, here is a short list of what to expect in 2015. We expect to see an increase in DDoS...
Cloud security is a top concern for chief security officers. In almost any enterprise, cloud migration is a given fact and recent attacks have proven, yet again, that data security is a critical component in any cloud migration strategy. Below are four tips, specific to Infrastructur...
2014 was a year of cloud security and compliance accomplishments and 2015 will certainly bring new challenges and new successes. In 2014, we worked closely with many customers who needed to adhere to HIPAA and PCI DSS compliance requirements. We made sure all bases were covered, data ...
Orbograph is an innovative healthcare ISV that provides Healthcare Revenue Cycle Management (HRCM) solutions, online medical scheduling, PHR, and other services to hospitals and clinics. The Leader: Ran Rothschild, Director of Operations The Project: The company’s next generation of ...
With all the news these days about cyberterrorism and hacking the cloud may seem like the last place you would want to put your precious information. Pew Research has even suggested that cyber-attacks are likely to increase. Some 61% of over 1600 security expert respondents to a recent...
While a year ago the big breach of the day involved likes of Target, now the breach landscape – which was once about financial gain – has exploded. It’s exploded to a world of state-sponsored attacks, of hackers getting more intelligent and of political organizations cyber-attacking al...
Reliable access to mission-critical applications is a key success factor for enterprises. For many organizations, moving applications from physical data centers to the cloud can increase resource capacity and ensure availability while reducing system management and IT infrastructure co...
Web app attacks are on the rise. According to Verizon's Data Breach Investigations Report, web app attacks doubled in frequency from 2012 to 2013, jumping from under 20% to 40% of recorded incidents. That should be a concern, because it's an application world and that means we're also...
DPS, or damage per second, is a somewhat self-describing term for the amount of damage that can be dealt (by a single person or a group) in one second. It's typically used by players of online games such as World of Warcraft or Diablo. Not that us old skool table top gamers don't calcu...
How much risk do you have of someone stealing disks from your datacenter? Take the average life span of a hard drive. The enterprise class hard drive is designed to last a minimum of 5 years. During that 5 years a SAN or NAS filled with hard disks is expected to have at least 99.999 pe...
Cyber security is rapidly becoming a significant issue in the C-suite as well as the population at large. The results of Dell's Global Technology Adoption Index(GTAI) [1] show that security is a top concern for most of the 2000 global small and medium businesses surveyed. The outcomes ...
In the last two years, IT security breaches have hit the White House, the State Department, the top federal intelligence agency, the largest American bank, the top hospital operator, energy companies, retailers and even the Postal Service. Melvin Greer, Senior Fellow and Chief Strategi...
In 2014, we saw AWS customers (especially in the small and mid-size segments) start to lay claim that they couldn’t make their own networks as secure as using Amazon’s EC2/S3 infrastructure services. This trend will accelerate in 2015. Small and medium businesses usage of cloud applic...
The Internet of Things or IoT is the next big trend promising to connect literally every device on the planet to the internet. IoT will fuel a data explosion that will provide the data needed to improve services, offerings and life in general by analysis and use of the information gene...
Tis’ the season – the season where I look back at predictions I made last year, the season where I evaluate and take a deep dive into the breach landscape and the season where I look into where 2015 is headed. In a March 2014 blog post, I discussed how the sheer amount of data breaches...
Simply by having access, privileged users may unwittingly put data at risk – or be used by an outside actor as a conduit for siphoning data. Unsurprisingly, privileged accounts are very attractive targets for attackers seeking to leverage access privileges for their own nefarious purpo...
I try to keep on top of the news, particularly as it relates to the nature and severity of cyber attacks taking place. Sadly, there’s been no shortage of reading material lately. Last month, there were reports on breaches at Kmart and Dairy Queen (my family loves Blizzards). Updates t...
A little while back, we blogged on key performance metrics that top Operations teams track. Mean time to resolution (MTTR) was one of those metrics. It’s the time between failure & recovery from failure, and it’s directly linked to your uptime. MTTR is a great metric to track; however,...
With so much concern revolving around security, the release and spread of FIDO’s Security Key is a welcome development. It by no means solves all security problems, but it’s a cheap, convenient, and effective way to enhance security and keep cyber attackers at bay. Security Key can be ...
Fraud is definitely top of mind for all banks. Steve Rosenbush at the Wall Street Journal recently wrote about Visa’s new Big Data analytic engine which has changed the way the company combats fraud. Visa estimates that its new Big Data fraud platform has identified $2 billion in poten...
Learn about the relationship between business risks and Continuous Testing, misperceptions about Continuous Testing, and how it helps both business and technical managers to make better trade-off decisions between release scope, time, and quality. Stickyminds' Cameron Philipp-Edmonds...
I'll explain the difference between two major categories in in-memory computing: In-Memory Database and In-Memory Data Grid. A few months ago, I spoke at the conference where I explained the difference between caching and an in-memory data grid. Today, having realized that many people...
Increased Security: Perhaps the most controversial benefit of SDS is that it offers increased security. Hardware enthusiasts will argue that there is nothing stronger than the sticks and bricks of the physical data center and the metal of the hardware devices. But this is not necessari...
Much of what human beings experience as commonplace today - social networking, on-line gaming, mobile and wearable computing -- was impossible a decade ago. One thing is certain: we're going to see even more impressive advances in the next few years. However, this will be the result of...
When asked how companies can protect themselves, Schmidt says “They need to properly scope encryption [and] use encryption where it is available.” According to another expert, BBC.com writer Paul Rubens, “Even if cloud service providers are infiltrated or compelled to disclose data,...
There are boggling challenges on the planet, each of them affecting all of us, one way or another. Food. Clean water. Vaccinations. Health care in general. Then those second-level concerns which are also catalysts for the big problems: transportation, communications, finance. There ...
Cloud computing is increasingly becoming part of the enterprise IT landscape. In fact, a recent cloud security survey conducted by HP reveals that 70 percent of all respondents say their company is using some form of the cloud. The study also found that cloud penetration jumps to 80 pe...

By Bob Gourley

The FBI just posted the first official written articulation of why they believe North Korea is linked to the ongoing Sony Hack. As someone who has worked with FBI investigators in the past I have...

Several current trends in cloud computing leading into 2015 actually exhibit a tension between themselves. One trend, a well-known fact that will continue in the New Year to a greater extent, is that enterprises are rapidly moving to the cloud because of its operational efficiencies. T...
Sitting through a number of presentations at various cyber conferences recently I’m struck that many enterprises cyber security planning comes down to having ‘the best people’ doing really pretty boring jobs. Jobs like keeping software updated, tracking down holes in the firewalls, wai...

By Anup Ghosh

Editor’s note: As an advisor to Invincea I closely track not only their capabilities but the context they provide the community. Anup Ghosh, CEO of Invincea published well reasoned conte...

As this year comes to a close, let's take one last look at the most pervasive cloud computing trends -- including increased usage across the different cloud service models, the key business drivers and the impact of agile innovation strategies.

Cloud computing adoption has m...
For more than a decade we have heard constant warnings about the coming of “cyber war” and “cyber terrorism.” The prophets of cyber doom have promised that cyber attacks are just around the corner that will be on par with natural disasters or the use of weapons of mass destruction. Wit...
For business leaders today, it’s not enough to drive company growth, seek competitive advantages and provide vision. In this era of advanced cyberattacks, executives also need to keep their companies’ data security strategies top of mind. The Ponemon Institute’s 2014 Cost of Data Breac...
The book The Cyber Threat was written to provide business and government executives insight into the nature of the dynamic adversaries attacking our networks. Understanding the Cyber Threat is critical to preparing your defenses prior to attack and also instrumental in mounting a de...
Successful hacks can paralyze websites, enable corporate or personal data to fall into the wrong hands and potentially damage the image, reputation and sales pipeline of the organization under attack. For many, this begs the question ‘Why us?’ To find out, let’s delve into the psyche o...