rsa

2017 is the Year for RSA Business-Driven Security™ Solutions

This week, RSA will be making a global announcement during the 2017 RSA Conference to formally unveil RSA Business-Driven Security solutions, a new approach to help customers manage cyber risk. This architecture, along with several concurrent solution and service announcements, enables customers to take command of their risk posture and secure what matters most. BUSINESS-DRIVEN…

Launching the Security Operations Center (SOC) at RSA Conference

Welcome to RSA Conference 2017! The RSA Conference SOC team set up the Security Operations Center over the weekend. We were here along with scores of construction crews re building huge booth displays for some of the largest security companies in the world. It was a long weekend of building, lighting – and of course…

Joining RSA’s Mission To Deliver Business-Driven Security – From RSA’s New President Rohit Ghai

I am delighted to be joining RSA at such an exciting and transformational time in the security industry. 2016 brought an unprecedented focus on the global cybersecurity situation. From the use of IoT vulnerabilities to halt the largest global websites, to politically motivated intrusions, to power grids being targeted – threats that were previously unimaginable…

TALES FROM THE BLACK HAT NOC: WHAT’S IN YOUR CLASSROOM?

  Hanging in the NOC these last couple of days has confirmed one thing.  Creation of content to support an information security program is an ongoing process.  It starts with the identification and deployment of out-of-the-box content useful for the audience, but a good security operations plan does not stop there. The RSA NOC team…

TALES FROM THE BLACK HAT NOC: Data in the Clear

        I started my day by reading an article about how to stay safe during Black Hat and DEF CON.  There were suggestions like – don’t bring a laptop, not to bring your smartphone, to leave your wallet at home, and only carry cash.  Why would such recommendations be made?  Black Hat and DEF CON attract security professionals, as well…

Governance is the Center of the Universe

We all know by now that granting access to our sensitive applications introduces all sorts of “what-ifs” in an organization. What if my accounts payable admin, disgruntled and upset, decides to abuse her access to my payment system to funnel funds outside of the company? Or what if she decides to plug in her USB…

Help Wanted: Growing the Pipeline of Cyber Talent

In my last blog post , I started a discussion on my experience at the National Institute for Cyber Education (NICE) Conference 2015. Here, I’ll give you actions and key ideas on how we can make a difference and develop the next generation of cyber professionals. We need more industry representation on this issue of…

Thoughts on the Plane from the Cyber Education Conference- and Feeling Energized

I’m fresh off the National Institute for Cyber Education (NICE) Conference 2015, the premier gathering for academics, government and industry to advance cyber education. The mission of the conference was clear: to develop the next generation of US cybersecurity professionals, and help close the massive skills gap (the gap between the number of cybersecurity job…

Advanced Won’t Replace Situational Awareness

Who hasn’t observed their leadership chase the proverbial silver bullet for targeted attack detection? Often, as practitioners, we fall victim to chasing the perfect detection system and we forget about the basics. Countless times we work with organizations that fail to establish proper situational awareness.  Without situational awareness, a domino effect occurs with the response…

Beautiful Women Make for Excellent Hackers

There’s nothing particularly revelatory in saying women hold certain powers of persuasion over men. Odysseus was nearly shipwrecked by beckoning Sirens, St. John the Baptist was beheaded at the request of a gyrating Salomé, and I, in third grade, gave some of the more prized Beanie Babies in my collection to Shawna Jones because she…