Multiple Perspectives on Security

Security Journal



Latest Blogs from Security Journal
2014 was a year of cloud security and compliance accomplishments and 2015 will certainly bring new challenges and new successes. In 2014, we worked closely with many customers who needed to adhere to HIPAA and PCI DSS compliance requirements. We made sure all bases were covered, data ...
While a year ago the big breach of the day involved the likes of Target, now the breach landscape – which was once about financial gain – has exploded. It’s exploded to a world of state-sponsored attacks, of hackers getting more intelligent and of political organizations cyber-attacking al...
From Baby Boomers to Gen X, Y, & Z, there are certain characteristics that define, at least according to demographers and historians, each generation. Generation X, specifically, might also remember a Rush song called The Analog Kid. While not as frequently played as Tom Sawyer or Subd...
Reliable access to mission-critical applications is a key success factor for enterprises. For many organizations, moving applications from physical data centers to the cloud can increase resource capacity and ensure availability while reducing system management and IT infrastructure co...
Web app attacks are on the rise. According to Verizon's Data Breach Investigations Report, web app attacks doubled in frequency from 2012 to 2013, jumping from under 20% to 40% of recorded incidents. That should be a concern, because it's an application world and that means we're also...
DPS, or damage per second, is a somewhat self-describing term for the amount of damage that can be dealt (by a single person or a group) in one second. It's typically used by players of online games such as World of Warcraft or Diablo. Not that us old skool table top gamers don't calcu...
How much risk do you have of someone stealing disks from your datacenter? Take the average life span of a hard drive. The enterprise class hard drive is designed to last a minimum of 5 years. During that 5 years a SAN or NAS filled with hard disks is expected to have at least 99.999 pe...
Now that we’re past the New Year, it’s time to learn from what happened in 2013 and 2014, especially when it comes to IT Security. One of those things we in IT Security should learn is that there has been a strong insider-related component in the vast majority of the large breaches th...
The shift to the cloud is in full swing. More and more organizations are adopting Software-as-a-Service (SaaS), forcing IT organizations to develop new strategies to secure the onslaught of data created and stored in cloud applications. Failure to develop strategies to close security g...
In 2014, we saw AWS customers (especially in the small and mid-size segments) start to lay claim that they couldn’t make their own networks as secure as using Amazon’s EC2/S3 infrastructure services. This trend will accelerate in 2015. Small and medium businesses’ usage of cloud applic...
Once again after a couple weeks off and the calendar odometer flipping another year, I’m sitting here with a blinking cursor wondering what to write about. And the thing that pops into my head are Things. The Everythings. While 2014 was the hype year for the Internet of Things (IoT), a...
The Internet of Things or IoT is the next big trend promising to connect literally every device on the planet to the internet. IoT will fuel a data explosion that will provide the data needed to improve services, offerings and life in general by analysis and use of the information gene...
’Tis the season – the season where I look back at predictions I made last year, the season where I evaluate and take a deep dive into the breach landscape and the season where I look into where 2015 is headed. In a March 2014 blog post, I discussed how the sheer amount of data breaches...
Long story short, remote wipes aren’t a perfect solution. The original intent had some validity, but it also raises too many concerns. Wiping is really only an effective solution in an ideal world. Unfortunately, thieves don’t play by the rules and find ways around our solutions. For t...
I try to keep on top of the news, particularly as it relates to the nature and severity of cyber attacks taking place. Sadly, there’s been no shortage of reading material lately. Last month, there were reports on breaches at Kmart and Dairy Queen (my family loves Blizzards). Updates t...
Increased Security: Perhaps the most controversial benefit of SDS is that it offers increased security. Hardware enthusiasts will argue that there is nothing stronger than the sticks and bricks of the physical data center and the metal of the hardware devices. But this is not necessari...
When asked how companies can protect themselves, Schmidt says “They need to properly scope encryption [and] use encryption where it is available.” According to another expert, BBC.com writer Paul Rubens, “Even if cloud service providers are infiltrated or compelled to disclose data,...
There are boggling challenges on the planet, each of them affecting all of us, one way or another. Food. Clean water. Vaccinations. Health care in general. Then those second-level concerns which are also catalysts for the big problems: transportation, communications, finance. There ...
By Bob Gourley. The FBI just posted the first official written articulation of why they believe North Korea is linked to the ongoing Sony Hack. As someone who has worked with FBI investigators in the past I have to tell you they do not go public like this unless they have evidence. It ...
By Anup Ghosh. Editor’s note: As an advisor to Invincea I closely track not only their capabilities but the context they provide the community. Anup Ghosh, CEO of Invincea, published well-reasoned context on the Sony Hack at the Invincea blog, it is reposted below for your conside...
For business leaders today, it’s not enough to drive company growth, seek competitive advantages and provide vision. In this era of advanced cyberattacks, executives also need to keep their companies’ data security strategies top of mind. The Ponemon Institute’s 2014 Cost of Data Breac...
Successful hacks can paralyze websites, enable corporate or personal data to fall into the wrong hands and potentially damage the image, reputation and sales pipeline of the organization under attack. For many, this begs the question ‘Why us?’ To find out, let’s delve into the psyche o...
For many of us in the enterprise software industry, modernizing IT while maintaining legacy systems is a tightrope walk where it pays to look ahead, stay balanced, and be nimble. As 2014 races to a close, those of us focused on terminal emulation software solutions have a responsibil...
It’s that time of year when we gift and re-gift, just like this text from last year. And the perfect opportunity to re-post, re-purpose and re-use all my 2014 blog entries. If you missed any of the 96 attempts including 57 videos, here they are wrapped in one simple entry. I read somew...
Now that cloud services have become part of IT’s “new normal,” commonly referred to as “hybrid,” it seems obvious that the approaches and tools we use to manage IT would also evolve and mature, though the pace of evolution varies amongst companies, of course. According to a Website Mag...
The time of year that crystal balls get a viewing and many pundits put out their annual predictions for the coming year. Rather than thinking up my own, I figured I’d regurgitate what many others are expecting to happen.
Data security has long been thought the exclusive domain of large enterprises. Why would cyber-criminals bother with small and midsized companies when the big prizes are to be found hacking into large organizations? Unfortunately an increasing number of smaller companies find themselv...
Eighty-nine percent of knowledge workers retain access to the sensitive corporate applications and files of former employers. Earlier this year, a member of the team at Site-Eye, one of the top time-lapse film companies in the UK, noticed a disturbing problem with one of its client'...
Driven by applications and workloads, a hybrid data center is really a technology strategy of the entire infrastructure mix of on-premises and off-premises data compute resources.
Like an application delivery oasis popping out of the ground, follow along and watch as I almost trip showing you how to find F5 Booth 253 at Gartner Data Center 2014. #GartnerDC is all about IT Infrastructure and Operations Management and BIG-IP sits in the strategic point of control ...
If you thought the Bring Your Own Device (BYOD) craze was a headache, just wait until button cameras, smart watches, and spy glasses (already here) are a daily occurrence in the office. Workplace #Wearables will be a huge challenge in the coming years as more devices, clothing and pret...
#IoT #IDM #SDAS #infosec As the Internet of Things continues to expand (and it is expanding rapidly) the issue of access to applications is going to get a lot more messy. One of the benefits of cloud, so I'm told, is it is "easy access" for everyone. Indeed, it matt...
You wouldn't think of having a Thanksgiving meal without pie... but did you know that that pie can be just as essential for development as it is for a hearty Thanksgiving feast?
The US Federal Communications Commission has recently reported that "theft of digital information has become the most commonly reported fraud, surpassing physical theft." Businesses can do a lot to protect themselves. The FCC issued a Tip Sheet for small businesses to promote employee ...
Enable continuous testing and expand test coverage and traceability by integrating API testing, service virtualization, and test environment management. We're excited to announce Parasoft's latest release: a consolidated platform uniting API testing, service virtualization, and test ...
Sporting a cool LineRate t-shirt, I show you how to find F5 booth 303 at AWS re:Invent. AWS re:Invent is a learning conference that offers 3 days of technical content so attendees can dive deeper into the AWS cloud computing platform. F5 storylines this week include an offering of a BI...
Despite the data privacy protections supposedly conferred by regulations like HIPAA and HITECH, consumers’ confidential health and personal information is still not safe enough. That’s the lesson to be learned from Franklin, TN-based Community Health Systems’ (CHS) August 18 regulatory...
The Amazon Web Services public infrastructure cloud is seeing massive adoption, and for good reason. Using AWS arms companies with advanced infrastructure that, in most cases, they could not possibly achieve in their own datacenters. In fact, according to Gartner, AWS has 5 times more ...
What do software testers most want to do while at work? What do software testers enjoy the most about their job? What do many testers struggle to find the time for each and every day? What’s absolutely critical to the success of your enterprise? There’s one simple answer to these ...
New deadline of September 19th to reflect new categories of IoT and FinTech London, UK - August 28th 2014 - The highly successful Tech Trailblazers Awards today announced a new bursary for early stage non VC backed startups, the Firestarter program. This has been created to ensure that...