RSA Conference

Four Characteristics of Top-Notch Threat Intelligence

Threat intelligence is a hot topic these days and was arguably one of the top themes of RSA Conference 2016. However, organizations need to realize that simply having more data about the latest threats, vulnerabilities, and exploits is not the answer to all their cybersecurity problems. On the contrary, threat intelligence is only helpful if…

Dude, Where Is My Archer Summit?

We have all had that moment walking out of the shopping mall or the airport.  Everyone knows the feeling when that rush of doubt takes hold of our brains.  We stand frozen and frantically wait for our cerebral cortex to do its thing and pluck that single memory out of our vast network of synapses……

A Trip Report from RSA Conference 2016: Modern Identity Management

For anyone who went to RSA Conference 2016 to get updated on the state of modern identity management technologies and practices, you undoubtedly got your money’s worth and came back to your office with plenty of ideas on how to improve your organization’s approach. Given its foundational role in information security, the topic of identity…

Privacy: THE HOT TOPIC at #RSAC

Data privacy dominated the discourse at RSA Conference last week, unlike any hot-topic of years past. If you’re fascinated by this debate, as I am, and missed-out on some or all of RSAC this year, here is a list of talks that caught my attention. In addition to these keynote talks, the discussion spilled-out into…

Identity: The Keystone of Security

Okay, I’ve started this blog post with a deliberately controversial title, which truthfully is intended to be a bit of a thought experiment. Let’s suspend our disbelief, and think about the security landscape from this perspective for a few minutes. Really, this posting is intended to recap my thoughts and impressions from last month’s RSA…

RSAC 2015: Memory Forensics for IR – Leveraging Volatility to Hunt Advanced Actors

Memory forensics is a critical evidentiary goldmine that helps paint the picture of triage – a host is paramount; timing is everything. While it is well known, memory holds critical volatile information such as network connections, malware-based artifacts and other non-paged data, it also holds many of the same artifacts that were previously known to…

RSA Conference 2015: Re-Think Your Approach to Malware Analysis By Leveraging Intelligence

Attacks against secure infrastructure appear to grow in complexity and ambition with each passing year but, in reality, can be analyzed and defended against with very simple processes. Instead of viewing an attack as all-encompassing, a properly equipped security team can break down an intrusion attempt into clear sets of actions and indicators. With a…

Embracing the Challenge of Cyber Security

As summer draws to a close, I resumed my usual heavy schedule of travel last week with a keynote at the SIGS Technology Summit in Bern, Switzerland at which Hugh Thompson also spoke. During the panel at the end of SIGS Technology Summit, one of the most difficult questions that came up was whether we…

Stephen Colbert and the Ring of Steel

Believe it or not, the “Colbert Report” has been a Comedy Central mainstay for nearly a decade.   For me, it was a staple of weekday college nights, one that offered a refreshing (and often hilarious) take on the news stories we all-too-serious journalism majors spent five days a week over analyzing.   Keeping up with current…

Balancing Security and Privacy: Embracing an Advanced Cyber Defense Strategy

In his recent keynote at RSA Conference Europe 2013,  Art Coviello, RSA Executive Chairman, painted a sobering picture of the challenges confronting cybersecurity professionals. We face a continued increase in the sophistication and rate of cyberattacks. Attack surfaces are expanding, due to the explosion of apps, digital content, mobile devices and virtualized infrastructure.  And legacy…