We have long been fans of security awareness training. Employees remain the last line of defense, and in all too many cases, those defenses fail. There are many challenges facing security awareness programs, and over the past 5 years, we’ve seen modest improvement in some of those areas. But few organizations rave about their security awareness training, which means we still have work to do. In this paper, Making an Impact with Security Awareness Training, we will put the changes of the last few years into proper context, and lay out our thoughts on how security awareness training needs to evolve to provide sustainable risk reduction.
With the continuing insatiable demand for network bandwidth, networks continue growing to address that demand every year, which stresses our ability to protect them. But network security solutions still need to inspect and enforce policies, regardless of how fast the network gets. Looking for attack patterns on today’s networks requires an entirely different amount of computing power than it did in the old days. So an essential requirement is to ensure that your network security controls can keep pace with network bandwidth. In this Scaling Network Security paper, we will look at where secure networking started and why it needs to change. We present requirements for today’s networks which take you into the future. Finally, we wrap up the paper with some architectural constructs that can help scale up your network security controls.
With the continued challenge of detecting attacks and the increasing focus on detection and response, it’s time to take a step back and make sure that the efforts (and investments) are done with an eye towards a more strategic means of making decisions about how to allocate scarce security resources and which alerts need which priority. In this paper, we present our ideas around achieving true enterprise visibility, what role analytics plays in the decision making process, and finally how to Evolve to Security Decision Support.