Announcing the Marriage of Technical and Traditional Security Skills

RSA recently published the SBIC report entitled ‘Getting Ahead of Advanced Threats’. One of the recommendations from the report is about finding the right people with the right skills to become Cyber Security Analysts. Dave Martin, CSO for EMC, suggests “Cyber Risk intelligence requires a skill set combining abilities to understand threats, the business environment and security controls in order to determine the risks to the business and what controls would mitigate this risk.” This is a pretty tall order for most organizations. They may have many individuals whose skills match one of these areas, but rarely all of them.

Contextual Deep Content Inspection for Security

It’s 2012 and the reality of 2011’s shifting security landscape should have set in by now. As much as many of you may want to go back to the days of worrying about Anti-Virus definition files, basic patching, and a single border firewall as the makeup of your entire security posture, it’s time to take a serious look at how you will plan your defenses for 2012.

Happy Anniversary to Microsoft Trustworthy Computing Initiative

Ten years ago this month, Bill Gates issued a memo to all Microsoft employees announcing the Trustworthy Computing Initiative. Development was halted for several weeks to review code and to train Microsoft software engineers on security. This memo was later followed by the publication of Microsoft’s Security Development Lifecycle, as well as the release of multiple security tools. Michael Howard from Microsoft recently provided in a blog post an insider view of this anniversary. Let me share with you my views on the impact of Microsoft’s security push on EMC and on the industry as a whole.

All Those Years Ago: Looking back at the early days of cybercrime & fraud at RSA

Over the past 6+ years at RSA I’ve seen a lot of changes at RSA, from acquisitions to new product launches to the dreaded “end of life” of a product. I’ve seen the group I originally started in grow from less than a dozen people to one of the largest segments of the company. I’ve [...]

Guest Post: Getting Management to Buy into ITSM

Despite large amounts of data and case studies singing the praises of ITSM, there are still managers reluctant to adapt to a change toward an ITSM system for a variety of reasons, including…

Corporate Responsibility with Ben Tomhave

This is part two in a conversation that I had with Ben Tomhave (@falconsview) last week over Twitter. What started out as a quick question about busting PCI myths turned into corporate responsibility. If you haven’t seen this article about a company that is facing massive penalties, give it a read. It will help set [...]

The Future of SIEM and the SOC

Perhaps no product is more associated with an organization’s Security Operations Center (SOC) than its SIEM. Given that a SOC, as its name implies, is operationally responsible for the enterprise’s security, it is not surprising that it depends heavily on a tool which collects, analyzes, and reports in near real-time on security-related activity from around the enterprise. As the SOC goes, so too goes its SIEM. Or at least it must for the SIEM/SOC relationship to remain a healthy one.

For Fraudsters by Fraudsters: iFrame Traffic Shop Opens for Business

A new iFrame traffic service has opened for business to serve cybercriminals. It comes from an underground operator who apparently wished to provide his fraudster-buyers with an easy online platform through which they could buy or sell web traffic. Evidently, when used in the context of fraud, one can expect to see junk traffic leading to exploit kit infections, Trojan drive-by download sites, and live phishing pages.

Intelligence-driven Security: New RSA research from the Security for Business Innovation Council – Podcast #233

Sam Curry, CTO of RSA Identity & Data Protection talks about the new SBIC research report “Getting Ahead of Advanced Threats: Achieving Intelligence-driven Information Security,” and his perspective on the importance of using data from many different sources to give security teams a clearer picture of cyber threats that may be both outside and inside the enterprise.

Smart Security: The Evolution of Higher Security Forms

Last August, I wrote about needing a different answer to the traditional security problem because the changing landscape over time was making conventional protocols, applications and skills obsolete. I wrote there about time and intelligence: these are the essential assets in any security autonomic system. Why? To really boil it down to its basics, it’s a race. In a race, you care about being first, not second. Intel helps you run the race better and time is the only currency that matters. It’s a race to the data, and you want to win. So it’s all about time and intelligence.