Multiple Perspectives on Security

Security Journal

Subscribe to Security Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Security Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories

2017 Security Predictions - Stay Vigilant, We're in for a Wild Ride 2016 brought about more cyberattacks than we thought possible, especially involving ransomware, and we definitely won't see that trend breaking stride in 2017. By next year, we expect every single adult in the U.S. will know a blood relative that has had their identity stolen - the Internal Revenue Service reported that 2.7 million people had their identities stolen in 2014 and according to TransUnion, 19 people fall victim to identity theft every minute. Here's a quick tip: When you elect to use credit cards, stick to the ‘chip and pin' cards - no swiping. Online, use your credit card issuers ‘one-time-numbers' for purchases. Get a shredder and use it. Think of it as ‘safe recycling'. Now I'm no fortune teller, but there are a few predictions I can make for the coming year - that I think most of u... (more)

Why Security Teams Love Intelligent Deception | @CloudExpo #Cloud #Security #Analytics

Top 5 Reasons Why Security Teams Love Intelligent Deception Cyberattacks are relentless. The pace of attacks shows no sign of slowing, and organizations understand that 100 percent prevention of attacks is not possible. Traditional prevention and detection techniques are falling short, and security professionals are scrambling for new paradigms that can more effectively detect attacks and mitigate the growing levels of damage. In this climate of confusion, deception-based solutions offer a viable and proven way to stop attackers in their tracks. Why? Because instead of sitting back and waiting to be the victim, detection technologies let organizations be proactive and take the attack to the attacker. We've compiled a list of top five reasons why more security teams are opting for deception: 1. Malware Agnostic Today's cyber defenses are centered around prevention. Yet ... (more)

[video] Technical Testing with @CoalfireSys | @CloudExpo #Cloud #Security #FedRAMP

"Coalfire is a cyber-risk, security and compliance assessment and advisory services firm. We do a lot of work with the cloud service provider community," explained Ryan McGowan, Vice President, Sales (West) at Coalfire Systems, Inc., in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. The World's Largest "Cloud Digital Transformation" Event @CloudExpo / @ThingsExpo 2017 New York (June 6-8, 2017, Javits Center, Manhattan) @CloudExpo / @ThingsExpo 2017 Silicon Valley (Oct. 31 - Nov. 2, 2017, Santa Clara Convention Center, CA) Full Conference Registration Gold Pass and Exhibit Hall ▸ Here Register For @CloudExpo ▸ Here via EventBrite Register For @ThingsExpo ▸ Here via EventBrite Register For @DevOpsSummit ▸ Here via EventBrite Sponsorship Opportunities Sponsors of Cloud Expo / @ThingsExpo wil... (more)

Load Balancing | @CloudExpo #BigData #Cloud #CyberSecurity #AI #ML #IoT

Pokeman Go has been a raging success. But its launch was marred by frequent downtimes and dropped connections. In a recent chat at the Google Cloud Platform Next Conference, Niantic CTO Phil Keslin talked about the “hair on fire” experience where the team had to firefight and upgrade key components on the live production system in order to handle the unexpected surge in new users joining in. Among the various upgrades made to the system, Niantic had to replace the network load balancer with a much more sophisticated HTTP/S load balancing system that could handle a larger overall throughput and offer faster connections. Keslin says that this timely upgrade made it possible for his team to launch in Japan without an incident although the number of new user signups at this point was triple what it was during their earlier US launch. The Pokeman Go launch is a perfect ... (more)

[video] #IoT Security with @SecureChannels | @ThingsExpo #IoT #M2M #ML

"We're a cybersecurity firm that specializes in engineering security solutions both at the software and hardware level. Security cannot be an after-the-fact afterthought, which is what it's become," stated Richard Blech, Chief Executive Officer at Secure Channels, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. The World's Largest "Cloud Digital Transformation" Event @CloudExpo / @ThingsExpo 2017 New York (June 6-8, 2017, Javits Center, Manhattan) @CloudExpo / @ThingsExpo 2017 Silicon Valley (Oct. 31 - Nov. 2, 2017, Santa Clara Convention Center, CA) Full Conference Registration Gold Pass and Exhibit Hall ▸ Here Register For @CloudExpo ▸ Here via EventBrite Register For @ThingsExpo ▸ Here via EventBrite Register For @DevOpsSummit ▸ Here via EventBrite Sponsorship Opportunities Sponsors of... (more)

Big Challenges of #BigData | @CloudExpo @Gemalto #Security #AI #ML #DL

Download White Paper ▸ Here Between 2005 and 2020, data volumes will grow by a factor of 300 - enough data to stack CDs from the earth to the moon 162 times. This has come to be known as the ‘Big Data' phenomenon. Unfortunately, traditional approaches to handling, storing and analyzing data aren't adequate at this scale: they're too costly, slow and physically cumbersome to keep up. Fortunately, in response a new breed of technology has emerged that is cheaper, faster and more scalable. Yet, in meeting these new needs they break many of the traditional security approaches on which enterprises depended. In these massive data volumes, how are organizations going to ensure that their customer information is safe from people looking to exploit it? Is it possible to adopt Big Data technologies while demonstrating compliance with industry regulations? Will security get i... (more)

Serverless Security | @DevOpsSummit #DevOps #LowCode #Serverless

In case you haven’t heard, the new hotness in app architectures is serverless. Mainly restricted to cloud environments (Amazon Lambda, Google Cloud Functions, Microsoft Azure Functions) the general concept is that you don’t have to worry about anything but the small snippets of code (functions) you write to do something when something happens. That’s an event-driven model, by the way, that should be very familiar to anyone who has taken advantage of a programmable proxy to do app or API routing and rewriting or executed inspection of requests or responses for malicious content. The “events” that trigger functions in a serverless app architecture are, by nature, related to application interaction with users. When a user clicks this button, or enters data in that field, a function is triggered that does something interesting. In the network, the “events” that trigge... (more)

Encryption in the Cloud | @CloudExpo #BigData #IoT #M2M #ML #AI #InfoSec

Download Slide Deck: ▸ Here Download Slide Deck: ▸ Here Encryption in the Cloud: What You Need to Know Unless your company can spend a lot of money on new technology, re-engineering your environment and hiring a comprehensive cybersecurity team, you will most likely move to the cloud or seek external service partnerships. Download Slide Deck: ▸ Here In his session at 18th Cloud Expo, Darren Guccione, CEO of Keeper Security, revealed what you need to know when it comes to encryption in the cloud. Topics will include: Choosing secure cloud vendors - third-party penetration testing, security audits and certifications. Depending on your business requirements, you may need to verify that your cloud vendor is certified to handle your data properly. If you process or store credit cards, PCI-DSS is a necessity. Additionally, depending on your security needs, a certifica... (more)

[slides] Empowering Enterprise Security with IoT | @ThingsExpo @SecureChannels #IoT #IIoT #M2M

Download Slide Deck: ▸ Here Download Slide Deck: ▸ Here Convergence: Empowering Enterprise Security with the Internet of Things The Internet of Things (IoT) promises to simplify and streamline our lives by automating routine tasks that distract us from our goals. This promise is based on the ubiquitous deployment of smart, connected devices that link everything from industrial control systems to automobiles to refrigerators. Unfortunately, comparatively few of the devices currently deployed have been developed with an eye toward security, and as the DDoS attacks of late October 2016 have demonstrated, this oversight can have devastating, if not catastrophic results. Download Slide Deck: ▸ Here In his session at 19th @ThingsExpo, Richard Blech, Chief Executive Officer at Secure Channels, explored the promise and the pitfalls inherent to IoT and offered a novel way... (more)

Clash of Ops | @DevOpsSummit #BigData #APM #DevOps #Docker #Monitoring

It was a Monday. I was reading the Internet. Okay, I was skimming feeds. Anyway, I happened across a title that intrigued me, "Stateful Apps and Containers: Squaring the Circle." It had all the right buzzwords (containers) and mentioned state, a topic near and dear to this application networking-oriented gal, so I happily clicked on through. Turns out that Stateful Apps are not Stateful Apps. Seriously. To be fair, I should really say that when a devops guy talks about ‘stateful apps' it is not the same thing as when a netops gal uses the term ‘stateful apps.'  That's because the devops guy is referring to persistent data storage for applications. File systems, databases, etc... When a netops gal talks about stateful apps, they're talking about the unique characteristics that identify existing TCP connections between two systems, like a client and an app. Devops thi... (more)

[session] Empowering Enterprise Security with the IoT By @SecureChannels | @ThingsExpo #IoT #IIoT #M2M #API

Convergence: Empowering Enterprise Security with the Internet of Things The Internet of Things (IoT) promises to simplify and streamline our lives by automating routine tasks that distract us from our goals. This promise is based on the ubiquitous deployment of smart, connected devices that link everything from industrial control systems to automobiles to refrigerators. Unfortunately, comparatively few of the devices currently deployed have been developed with an eye toward security, and as the DDoS attacks of late October 2016 have demonstrated, this oversight can have devastating, if not catastrophic results. In his session at 19th @ThingsExpo, Richard Blech, Chief Executive Officer at Secure Channels, will explore the promise and the pitfalls inherent to IoT and offers a novel way of incorporating an effective security paradigm in which IoT "watchmen" monitor an... (more)