Multiple Perspectives on Security

Security Journal

Subscribe to Security Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Security Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Latest Blogs from Security Journal
As 2016 has arrived, we reflect upon one of the most debated issues around DevOps in 2015 – Information Security (InfoSec) and compliance. Needless to say, both are critical to an enterprise (especially given past examples of data breaches and looming cybersecurity threats). As a resul...
Imagine if Ben Grimm, aka The Thing, didn’t have such distinctive characteristics like an orange rocky body, blue eyes or his battle cry, ‘It’s Clobberin’ Time!’ and had to provide a photo ID and password to prove he was a founding member of the Fantastic Four. Or if the alien in John ...
Contextual Analytics of various threat data provides a deeper understanding of a given threat and enables identification of unknown threat vectors. In his session at @ThingsExpo, David Dufour, Head of Security Architecture, IoT, Webroot, Inc., discussed how through the use of Big Dat...
How do you securely enable access to your applications in AWS without exposing any attack surfaces? The answer is usually very complicated because application environments morph over time in response to growing requirements from your employee base, your partners and your customers. I...
Eliminating waste is by far my favorite part of the agile approach to software. In a world where the entirety of a piece of software is designed up front, I might ship and learn only after the fact that nobody ever uses the software's WhizBang feature. That's brutal - the entire ...
Fusion has announced that a major East Coast hospital system has signed a three year, $1.5 million agreement with Fusion to upgrade the healthcare institution's communications infrastructure, facilitating its migration to the cloud while protecting its significant technology investment...
Shadow IT is here to stay. IT departments need to appreciate that it is so culturally inbuilt that shutting it down is now impossible; in fact, policies punishing the use of third-party apps would more likely push rogue users deeper into the darkness. The battle that can be won is to b...
It’s that time of year when we gift and re-gift, just like this text from last year. And the perfect opportunity to re-post, re-purpose and re-use all my 2015 blog entries. If you missed any of the 89 attempts including 59 videos, here they are wrapped in one simple entry. I read somew...
The year 2015 is soon coming to an end as the year 2016 looks to be ushering in exciting new ways in which the Internet of Things (IoT) is changing our way of life. It’s easy to see these transformations taking shape on the consumer side (home automation, smart appliances, connected ca...
ThoughtWorks has issued the latest Technology Radar, an assessment of trends significantly impacting software development and business strategy. The Technology Radar sets out the current changes in software development - things in motion to pay attention to based upon ThoughtWorks' day...
As organizations shift towards IT-as-a-service models, the need for managing & protecting data residing across physical, virtual, and now cloud environments grows with it. CommVault can ensure protection & E-Discovery of your data - whether in a private cloud, a Service Provider delive...
The United States government houses a massive data set, and utilizing it in a transparent and ethical manner is vital to our economy, our environment and our overall well-being as a society. Distrust in the public sector is at an all-time high. At the same time that Americans share "...
This morning on #c9d9 we spoke with two industry veterans and published authors - James DeLuccia and Jonathan McAllister - on how to bake-in security and compliance into your DevOps processes, and how DevOps and automation can essentially help you pass your next audit.
The quest to understand production and operational factors, distribute this information to business systems and people within an organization, and directly improve business processes and profitability as a result is not new. In fact, it has been embraced by companies for decades. This ...
"We enable organizations to solve the key challenges around the security and compliance of hybrid clouds. We like to also capitalize on this new phenomenon called DevSecOps, which is making sure that security is built in as you release these platforms into the cloud," explained JD Sher...
Wi-Fi has become a necessity of the digital age, and like everything, everyone loves it even more when it is free. Whether it’s used to access a presentation at a new client meeting, to host a video conference call, or edit and email important documents, public Wi-Fi means nearly anywh...
We all argue, especially if you’re passionate about something. Sometimes it’s with our spouse, sometimes with friends or co-workers and sometimes we scold objects that aren’t doing what we want them to do, ‘Ah, come on pen…don’t run out of ink now!!’ As more of these things get connect...
I didn’t want to be so dramatic, but I couldn’t help but be completely honest as well. The end possibility is that your entire organization may suffer the fate as Sony Pictures, Target, Anthem and others that have been shaken by hacks and vulnerabilities in their networks. In some case...
For the last 15 years, companies operating in the United States and Europe have benefited from Safe Harbor - a streamlined process that allowed U.S. companies to transfer and store European citizens' data in the U.S. provided a level of privacy protections were adhered to according to ...
It is important to accept that threats come in many forms and can affect businesses greatly, for example, 15 per cent of large organisations suffered from a security or data breach in the last year involving smartphones or tablets. With increased employee mobility, businesses must equi...
It’s a given that employee access to corporate systems should be both as secure and simple as possible. Up until recently however, time-strapped CIOs, under pressure from demanding staff and challenged with authenticating users all over the world on multiple devices, have been torn bet...
Cyber insurance is an important element for companies as it covers the damage and liability caused by a hack, which are usually excluded from traditional liability coverage. Stricter data privacy notification laws, government incentives, cloud adoption and the increase in high-profile...
Big Data is a growing trend, making it possible for businesses of every kind to gather, store, and use the unlimited personal and private data found on the internet. This massive collection allows them to predict trends, determine consumer tastes, and hone marketing plans for the great...
This article originally appeared on F5.com on 10.20.15. With Halloween in our rearview mirror and the holiday shopping season upon us, a couple surveys are out examining our fears and in particular, our concerns about identity theft. Apparently, ID theft is not so scary anymore –...
The next few years could see a paradigm shift in the way anti-virus applications work. A number of businesses have started migrating from traditional desktop based anti-virus packages to "lighter" software apps that process desktop security on the cloud. At the outset, this change is n...
How often do you get questions like ‘Have you gone to the cloud yet?’, or ‘Why aren’t we in the cloud?’, or a myriad of others along those same lines. People still talk like the cloud is a destination. I discussed this tendency last year in a blog, “The Cloud – Is It Your Actual Destin...
The age of mobile applications, pervasive use of social media and growing demand for accurate consumer data are converging to drive significant changes in how organizations connect with and market to their respective customer bases — as well as the technologies they use to do so. It’s ...
Soha Systems Co-Founder and CEO Haseeb Budhani will be a featured speaker in the “Dev” Developer Focus track during DevOps Summit 2015, November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Budhani’s presentation, “Security Practices that Can Hinder Your Business...
I attend a lot of technology trade shows throughout the year and still remember going to my first technology event for F5 back in 2004. Small, almost high school science fair type booths handing out glossy flyers of the latest product along with our famous squeeze balls. And for the ye...
The traditional, on-premise computing model has established processes, accreditations, certifications, governance and compliance rules - FISMA, NERC CIP, HIPAA, PCI-DSS, IRS 1075. While the security industry is aggressively addressing the technical security gaps in cloud-driven service...
Cloud computing delivers on-demand resources that provide businesses with flexibility and cost-savings. The challenge in moving workloads to the cloud has been the cost and complexity of ensuring the initial and ongoing security and regulatory (PCI, HIPAA, FFIEC) compliance across priv...
Thomas Stanley, Product Management Engineer, discusses the challenges organizations face when implementing a SSL Everywhere strategy even in the cloud. He gets into areas like SSL certificates, key management, multiple interfaces and the learning curves involved with deploying SSL Ever...
SYS-CON Events announced today that DataClear Inc. will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. The DataClear ‘BlackBox’ is the only solution that moves your PC, browsing and d...
SYS-CON Events announced today that Key Information Systems, Inc. (KeyInfo), a leading cloud and infrastructure provider offering integrated solutions to enterprises, will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Con...
SYS-CON Events announced today that ProfitBricks, the provider of painless cloud infrastructure, will exhibit at SYS-CON's 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. ProfitBricks is the IaaS pro...
SYS-CON Events announced today that Alert Logic, the leading provider of Security-as-a-Service solutions for the cloud, has been named “Bronze Sponsor” of SYS-CON's 17th International Cloud Expo® and DevOps Summit 2015 Silicon Valley, which will take place November 3–5, 2015, at the Sa...
Mobile has become standard in the enterprise with smartphones and tablets common in the workplace. Anywhere, anytime access to company systems is expected and systems must work flawlessly on these devices! This demand is requiring that corporate IT departments figure out the best mobi...
SYS-CON Events announced today that Alert Logic, the leading provider of Security-as-a-Service solutions for the cloud, has been named “Bronze Sponsor” of SYS-CON's 17th International Cloud Expo® and DevOps Summit 2015 Silicon Valley, which will take place November 3–5, 2015, at the Sa...
A recent report from The Infoblox DNS Threat Index (in conjunction with Internet Identity) shows that phishing attacks has raised the DNS threat level to a record high of 133 for second quarter of 2015, up 58% from the same time last year. The biggest factor for the jump is the creatio...
‘FDA tells hospitals to stop using a pump that is vulnerable to hackers.’.This headline was all over the internet and news this weekend, with the pump in question being a medical infusion pump that automatically administers dosages of medication to patients in a hospital. A vulnerabili...