Big Data Security Analytics – Where do you Start?

In my recent blog series, ‘learning to cook ’, I created the recipes required for protecting against Advanced Threats. Big data analytics plays a key role in this as we really need to collect all of the data in our environment. So ,where do we start with analyzing this data ? I see it as…

This Too Shall Pass

Let us have a little less of “hands across the sea,” and a little more of that elemental distrust that is the security of nations. War loves to come like a thief in the night; professions of eternal amity provide the night. -Ambrose Bierce, “The Devil’s Dictionary” — As I’ve said before, the best practical…

Air Gaps and Smart Grid

As more information about the attack on Saudi Aramco has emerged, such as in the article in Dark Reading last week, it increasingly appears to be an aggressive and significant attack, with one attacker claiming to have compromised 30,000 of the company’s clients and servers. As described in the Saudi Aramco press release, however, the…

The Space between the 1’s and 0’s

In the movie Sneakers (one of my favorite all-time movies), the bad guy makes the prophetic statement ‘It’s all about the data’ in his pseudo mob voice.  With that utterance, he is describing where all of the power resides to control the world.  For those of you that have not seen the movie, the plot…

Phishing in Season: A Look at Online Fraud in 2012

The results are in for the first half of 2012, and once again, phishing attack numbers mark a notable increase on the global scale. Compared with H2 2011, end of June numbers show a 19% increase as phishers heavily target the UK, U.S. and Canada – and their associated brands – with the same old online…

Keeping Me with Me FINALLY!

One of my recent blogs was called ‘Taking me with me’  where  I talked about the concept of having all my personal information held somewhere securely which I could access and allow others like government bodies, medical professionals, financial institutions etc. to access for ‘one time transactions’ only. The idea was that you are in…

Looking for the Unknown Risk

A couple of weeks ago, I spoke at the annual Computerlinks Forum in Münich, sharing the agenda with a number of other major security vendors.  We decided that a good topic would be  “The Next Generation Security Operations Center”,  a discussion about the fundamental shift in security strategy  that is driven by the changes in…

Stalking the Kill Chain: The Attacker’s Chain

By Alex Cox, Sr. Researcher, RSA In 2009, incident responder Mike Cloppert with the Lockheed Martin CERT, published a series of articles that discussed security intelligence and leveraging indicators. In this series, he introduced a concept known as the “attacker kill chain”. This concept breaks attacker methodology into a series of sequential stages. Each stage…

Call to Arms: it’s time to make multi-factor authentication commonplace

“History will have to record that the greatest tragedy of this period of social transition was not the strident clamor of the bad people, but the appalling silence of the good people.” -Martin Luther King, Jr. “I like the dreams of the future better than the history of the past.” -Thomas Jefferson “A well regulated…

Social Media Fraud and the Olympics

With the 2012 London games more than halfway complete, the world’s nations continue to battle for Olympic glory.  As we follow our favorite athletes and pay attention to the daily medal count, most people don’t know about the other epic competition happening in the cyber underground. Fraudsters look at events like The Games as an…