Multiple Perspectives on Security

Security Journal



Latest Blogs from Security Journal
Radware has announced that TeraGo Networks has chosen Radware’s DDoS Attack Mitigation solution to power their new suite of security services. Headquartered in Ontario, Canada, TeraGo Networks owns and manages a national IP network, providing service to 46 major markets across Canada....
SYS-CON Events announced today that LeaseWeb USA Inc., one of the world's largest hosting brands, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. LeaseWeb USA has announced that its platform ...
In December 1998 when transitioning into a job doing intelligence support to DoD computer network defense, one of my mentors reminded me of a Reagan-era publication that helped the public better understand the Soviet threat called "Soviet Military Power." This document was based on th...
Recently I changed some of my passwords. Some due to typical rotation time and a couple due to potential breaches and encouragement from the affected site. No, I’m not going to tell you which ones or how I go about it but I noticed that it took about 3 days for my fingers to key the co...
In the 1946 classic ‘Hair Raising Hare,’ Bugs Bunny asks, ‘Have you ever have the feeling you were being watched? Like the eyes of strange things are upon you?’ Like Bugs often did, he breaks the fourth wall and involves the audience directly, invoking a feeling that someone is looking...
This post provides an update on the ongoing battle between Apple and the U.S. government regarding Syed Rizwan Farook's iPhone, recovered by police after the horrific massacre in San Bernardino on December 2, 2015. It is just days before the March 22, 2016 hearing in this long-running...
In part one of this series, "Rugged DevOps: Survival is Not Mandatory", I shared news that 1 in 16 open source and third-party components downloaded last year included a known vulnerability. That may not seem like too many until you realize the average company downloads well over 200,...
SYS-CON Events announced today that Alert Logic, Inc., the leading provider of Security-as-a-Service solutions for the cloud, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Alert Logic has a...
DevOps simply represents the better fusion of the usually quite distinct departments of software engineering and IT operations. The goal is faster and safer rates of software innovation. A simple objective but a troublesome one in reality – As many experts explain the core issue is th...
How well do you know your code? It sounds like a strange question, but please indulge me. Maybe you're a manager or business analyst. If this is the case, you ‘know’ the code through a translation layer in which the developers in your organization explain what it does. Sometimes ...
I am sure you are aware, the business computing environment is evolving. From all of us and the multitude of devices we now carry and interact with, along with the various ways we access information…to all of the applications and the interdependency among those applications that we req...
There once was a time when organizations wouldn’t consider deploying critical applications in the cloud. It was too much of a business risk from both an access and an attack perspective—and for good reason, since 28 percent of enterprises have experienced more security breaches in the ...
For more than 10 years, the rapid rise of cloud computing has enabled an even more rapid application of cloud to genomic medicine. In fact, since the U.S. National Institutes of Health (NIH) lifted a 2007 ban on uploading their genomic data into cloud storage, the explosion in cloud us...
We’re doing something a little different this year at #RSA with a Security Octagon. Everyone loves a good debate and in the security community discussions pop up constantly around a myriad of topics at any given point – with individuals or groups in the community taking opposing sides ...
The battle lines are clear: the FBI is using the courts to try to force Apple to write malware that will provide a backdoor into the iPhone the Feds recovered at the recent San Bernardino terrorist shootings – but Apple is fighting the order tooth and nail, as such malware would weaken...
I’m sure you’ve heard the saying ‘wearing your heart on your sleeve’ to indicate that someone expresses their emotions freely or exposes their true emotions without caution. This can be good in that you become open and vulnerable when showing your true feelings but can jade areas like ...
We protect our homes with a single front door (generally speaking) don’t we? Should our approach to cyber security be any different? Shouldn’t we be able to look to one single security layer for protection? Given the proliferation and diversity of malware, viruses, hacks, phishing, on...
In a recent market study offering by Transparency Market Research (TMR), the global cloud security market is projected to grow at a CAGR of 12.80% from 2015 to 2022. The report, titled "Cloud Security Market - Global Industry Analysis, Size, Share, Growth, Trends and Forecast 2014 - 20...
Earlier this week it was reported that researchers at Boston-based security company, Rapid7, identified several security flaws in an app connected to a new toy from Mattel's Fisher-Price brand. The news of the security vulnerability caught our attention for a few reasons: The name of...
Time for a blog about personal privacy, before we all have forgotten about the concept. The Circle is both the title of a 2009 album by Bon Jovi and a 2013 novel by Dave Eggers. A novel relevant for a cloud blog because it describes a future in which one company (the Circle) largely co...
The start of a new year is always a good time for many businesses to get their IT strategies in place. However, there has been one issue in the past couple of months that may potentially cause a lot of complications in IT departments across the US and EU; the implications for cloud com...
For nearly 12 years at F5, I’ve had only two job titles – Security Systems Architect from 2004-06 and Technical Marketing Manager since 2006. Whenever anyone asks what I do at F5, I typically answer, ‘Writer, speaker and video producer,’ in that order. Above all, I focused on covering ...
As 2016 has arrived, we reflect upon one of the most debated issues around DevOps in 2015 – Information Security (InfoSec) and compliance. Needless to say, both are critical to an enterprise (especially given past examples of data breaches and looming cybersecurity threats). As a resul...
Imagine if Ben Grimm, aka The Thing, didn’t have such distinctive characteristics like an orange rocky body, blue eyes or his battle cry, ‘It’s Clobberin’ Time!’ and had to provide a photo ID and password to prove he was a founding member of the Fantastic Four. Or if the alien in John ...
Contextual Analytics of various threat data provides a deeper understanding of a given threat and enables identification of unknown threat vectors. In his session at @ThingsExpo, David Dufour, Head of Security Architecture, IoT, Webroot, Inc., discussed how through the use of Big Dat...
How do you securely enable access to your applications in AWS without exposing any attack surfaces? The answer is usually very complicated because application environments morph over time in response to growing requirements from your employee base, your partners and your customers. I...
Eliminating waste is by far my favorite part of the agile approach to software. In a world where the entirety of a piece of software is designed up front, I might ship and learn only after the fact that nobody ever uses the software's WhizBang feature. That's brutal - the entire ...
Fusion has announced that a major East Coast hospital system has signed a three year, $1.5 million agreement with Fusion to upgrade the healthcare institution's communications infrastructure, facilitating its migration to the cloud while protecting its significant technology investment...
Shadow IT is here to stay. IT departments need to appreciate that it is so culturally inbuilt that shutting it down is now impossible; in fact, policies punishing the use of third-party apps would more likely push rogue users deeper into the darkness. The battle that can be won is to b...
It’s that time of year when we gift and re-gift, just like this text from last year. And the perfect opportunity to re-post, re-purpose and re-use all my 2015 blog entries. If you missed any of the 89 attempts including 59 videos, here they are wrapped in one simple entry. I read somew...
The year 2015 is soon coming to an end as the year 2016 looks to be ushering in exciting new ways in which the Internet of Things (IoT) is changing our way of life. It’s easy to see these transformations taking shape on the consumer side (home automation, smart appliances, connected ca...
ThoughtWorks has issued the latest Technology Radar, an assessment of trends significantly impacting software development and business strategy. The Technology Radar sets out the current changes in software development - things in motion to pay attention to based upon ThoughtWorks' day...
As organizations shift towards IT-as-a-service models, the need for managing & protecting data residing across physical, virtual, and now cloud environments grows with it. CommVault can ensure protection & E-Discovery of your data - whether in a private cloud, a Service Provider delive...
The United States government houses a massive data set, and utilizing it in a transparent and ethical manner is vital to our economy, our environment and our overall well-being as a society. Distrust in the public sector is at an all-time high. At the same time that Americans share "...
This morning on #c9d9 we spoke with two industry veterans and published authors - James DeLuccia and Jonathan McAllister - on how to bake-in security and compliance into your DevOps processes, and how DevOps and automation can essentially help you pass your next audit.
The quest to understand production and operational factors, distribute this information to business systems and people within an organization, and directly improve business processes and profitability as a result is not new. In fact, it has been embraced by companies for decades. This ...
"We enable organizations to solve the key challenges around the security and compliance of hybrid clouds. We like to also capitalize on this new phenomenon called DevSecOps, which is making sure that security is built in as you release these platforms into the cloud," explained JD Sher...
Wi-Fi has become a necessity of the digital age, and like everything, everyone loves it even more when it is free. Whether it’s used to access a presentation at a new client meeting, to host a video conference call, or edit and email important documents, public Wi-Fi means nearly anywh...
We all argue, especially if you’re passionate about something. Sometimes it’s with our spouse, sometimes with friends or co-workers and sometimes we scold objects that aren’t doing what we want them to do, ‘Ah, come on pen…don’t run out of ink now!!’ As more of these things get connect...
I didn’t want to be so dramatic, but I couldn’t help but be completely honest as well. The end possibility is that your entire organization may suffer the same fate as Sony Pictures, Target, Anthem and others that have been shaken by hacks and vulnerabilities in their networks. In some case...