Blog

Quick Wins with DLP Webcast Next Week

By Rich
Next week I will be giving a webcast to complement my Quick Wins with Data Loss Prevention paper. This is a bit different than when I usually talk about DLP – it’s focused on showing immediate value, while also positioning for long term success. Like the paper it’s sponsored by McAfee. We’re holding it at 11am PT on May 25, and you can register by clicking here. Here’s the full description: Quick Wins with DLP – How to Make DLP Work for You Date: May 25, 2010 Time: 11am PDT / 2pm EDT When used properly, Data Loss Prevention (DLP) provides rapid

Privacy Is (Still) Personal

By Rich
I want to respond to something Adam wrote about Facebook over at Emergent Chaos, but first I’m going to excerpt my own article from TidBITS: Privacy is Personal – In the Information Age, determining what you want others to know about you isn’t always a simple decision. Aside from the potential tradeoffs of avoiding particular features or services, we all have different thresholds for what we are comfortable sharing. It’s also extremely difficult to control our information even when we do make informed decisions, and often impossible to eradicate information that escaped our control before we realized the

Australian Border Security Insanity

By Rich
Australia is my second-favorite place on the planet to visit (New Zealand is first). But it’s a darn good thing I’m not a porn fiend, since they now require you to declare porn at the border, and, well, here’s a quote: Australian customs officers have been given new powers to search incoming travellers’ laptops and mobile phones for pornography, a spokeswoman for the Australian sex industry says. … Fiona Patten, president of the Australian Sex Party, is demanding an inquiry into why a new question appears on Incoming Passenger Cards asking people if they are carrying “pornography”. They

Oracle Buys Secerno

By Adrian Lane
This morning Oracle announced that it has entered into an agreement to acquire Secerno, the UK-based Database Activity Monitoring firm. Oracle posted a FAQ on the acquisition with some generic data points. Terms of the deal have not been disclosed and, knowing Oracle, won’t be. Many of us in the security industry are chuckling at this purchase as Oracle – at least to customers – has been disparaging Database Activity Monitoring technologies as a whole and pushing Audit Vault as an equivalent solution. But when your database is Unbreakable™, maybe you don’t need a database firewall, eh? Seriously, DAM

Lessons from LifeLock’s Lucky 13

By Mike Rothman
Much of the buzz around the security industry this week revolved around Wired’s story about LifeLock’s CEO getting his identity stolen not once (which we knew about), but an additional 12 times. Guess 13 is not Todd Davis’ lucky number. Obviously the media blitz posting this guy’s Social Security number on buses, TV, and other mass media made this guy target #1. And the reality is no identity protection network is going to be foolproof for a pretty simple reason. The companies issuing credit don’t always check for fraud alerts, so a fraud alert may not be triggered when

How to Survey Data Security Outcomes?

By Rich
I received a ton of great responses to my initial post looking for survey input on what people want to see in a data security survey. The single biggest request is to research control effectiveness: which tools actually prevent incidents. Surveys are hard to build, and while I have been involved with a bunch of them, I am definitely not about to call myself an expert. There are people who spend their entire careers building surveys. As I sit here trying to put the question set together, I’m struggling for the best approach to assess outcome effectiveness, and figure

Symantec’s Identity Crisis

By Mike Rothman
After a year at the helm of Symantec, it seems Enrique Salem is taking a big page out of his predecessor’s playbook, basically buying everything that isn’t chained to the wall. The latest is a $1.28 billion deal to acquire VeriSign’s security business, which consists of the SSL and authentication arms. The price seems fair, at about 4x revenue, so at least the Big Yellow is not overpaying, but so close on the heels of the encryption deals we really have to wonder about the timing. It’s hard to believe the VRSN security businesses were a hot

Incite 5/19/2010: Benefits of Bribery

By Mike Rothman
Don’t blink – you might miss it. No I’m not talking about my prowess in the bedroom, but the school year. It’s hard to believe, but Friday is the last day of school here in Atlanta. What the hell? It feels like a few weeks ago we put the twins’ name tags on, and put them on the bus for their first day of kindergarten. The end of school also means it’s summertime. Maybe not officially, but it’s starting to feel that way. I do love the summer. The kids do as well, and what’s

Understanding and Selecting SIEM/LM: Business Justification

By Mike Rothman
It’s time to resume our series on Understanding and Selecting a SIEM/Log Management solution. We have already discussed what problems this technology solves, with Use Cases 1 & Use Cases 2, but that doesn’t get a project funded. Next we need to focus on making the business case for the project and examine how to justify the investment in bean counter lingo. End User Motivations and Business Justification Securosis has done a lot of work on the motivation for security investments. Unfortunately our research shows budgets are allocated to visceral security issues people can see and feel, rather than

Is Twitter Making Us Dumb? Bloggers, Please Come Back

By Rich
When I first started the Securosis blog back in 2006 I didn’t really know what to expect. I already had access to a publishing platform (Gartner), and figured blogging would let me talk about the sorts of things that didn’t really fit my day job. What I didn’t expect, what totally stunned me, was the incredible value of participating in a robust community holding intense debates, in the open, on the permanent record. Debates of the written word, which to be cogent in any meaningful way take at least a little time to cobble together and spell check.
Page 205 of 324 pages ‹ First  < 203 204 205 206 207 >  Last ›