RSA Conference

Identity: The Keystone of Security

Okay, I’ve started this blog post with a deliberately controversial title, which truthfully is intended to be a bit of a thought experiment. Let’s suspend our disbelief, and think about the security landscape from this perspective for a few minutes. Really, this posting is intended to recap my thoughts and impressions from last month’s RSA…

RSAC 2015: Memory Forensics for IR – Leveraging Volatility to Hunt Advanced Actors

Memory forensics is a critical evidentiary goldmine that helps paint the picture of triage – a host is paramount; timing is everything. While it is well known, memory holds critical volatile information such as network connections, malware-based artifacts and other non-paged data, it also holds many of the same artifacts that were previously known to…

RSA Conference 2015: Re-Think Your Approach to Malware Analysis By Leveraging Intelligence

Attacks against secure infrastructure appear to grow in complexity and ambition with each passing year but, in reality, can be analyzed and defended against with very simple processes. Instead of viewing an attack as all-encompassing, a properly equipped security team can break down an intrusion attempt into clear sets of actions and indicators. With a…

Embracing the Challenge of Cyber Security

As summer draws to a close, I resumed my usual heavy schedule of travel last week with a keynote at the SIGS Technology Summit in Bern, Switzerland at which Hugh Thompson also spoke. During the panel at the end of SIGS Technology Summit, one of the most difficult questions that came up was whether we…

Stephen Colbert and the Ring of Steel

Believe it or not, the “Colbert Report” has been a Comedy Central mainstay for nearly a decade.   For me, it was a staple of weekday college nights, one that offered a refreshing (and often hilarious) take on the news stories we all-too-serious journalism majors spent five days a week over analyzing.   Keeping up with current…

Balancing Security and Privacy: Embracing an Advanced Cyber Defense Strategy

In his recent keynote at RSA Conference Europe 2013,  Art Coviello, RSA Executive Chairman, painted a sobering picture of the challenges confronting cybersecurity professionals. We face a continued increase in the sophistication and rate of cyberattacks. Attack surfaces are expanding, due to the explosion of apps, digital content, mobile devices and virtualized infrastructure.  And legacy…

An All Access Sweep – RSA Wins Big at SC Mag Awards

Another year, another RSA Conference, and the continued battle to keep companies and assets secure.  Unfortunately each new week brings us stories of major US corporations compromised and growing sophistication of attackers in gaining a foothold on networks.  However, while the circumstances, the targets and the data stolen vary, at the beginning of all of…

The next marketing buzzword in security is…

“Whatever you put out I’m gonna buy it, so what’s your latest? I wanna try it” From “I’m a sucker for your marketing” by Sarah Jaffe   Every year we seem to have a new buzz term in security.  As someone who lives in the security product marketing world I’ve seen trends come and go.…

Security Strategy and Big Data

There’s been quite a lot of discussion recently about applying big data to improving security.  My colleagues Rashmi Knowles and Barrett Mononen have written a couple of blogs about it.  Our RSA/Netwitness CSO Eddie Schwartz spoke about it at RSA Conference China and the Splunk IPO in April certainly created lots of buzz around big…

Keys, Clouds and Conferences

As I mentioned in my last blog, one of the sessions I gave recently at RSA Conference China was a discussion of “Keys and Clouds”, exploring various models for key management and encryption in the cloud. It’s a topic that comes up often in my meetings with customers about private, public and hybrid cloud strategy.…