Most Recent Blogs

My Thoughts on the NY Times Security Breach

Posted: February 01, 2013   /   By: Jon Oltsik   /   Tags: IBM, Information and Risk Management, Sourcefire, FireEye, Security and Privacy, Security, big data security analytics, RSA, cybercrime, Damballa, APT, advanced persistent threat

As a former New Yorker and regular reader of the New York Times, I was appalled when I read about the recent security breach yesterday. Appalled but not surprised. Regardless of the security talents and controls implemented at the NY Times, the bad guys were easily able to find a back door or open window and get inside.


Advanced Malware Protection: Network or Host?

Posted: July 30, 2012   /   By: Jon Oltsik   /   Tags: Check Point, Palo Alto Networks, Fortinet, Cisco, Information and Risk Management, Juniper, Sourcefire, FireEye, McAfee, Enterprise Software, mobile, Security and Privacy, Security, bromium, Invincea, Fidelis, Bit9, Anti-malware, Damballa, APT, advanced persistent threat, Trend M, Countertack

Large organizations have legitimate cause for concern. Malware creation and proliferation is increasing rapidly as cyber criminals and state-sponsored organizations create the next round of APTs, botnets, Trojans, and rootkits. What's more, we've entered the era of micro attacks designed to compromise a targeted organization, business unit, or individual.


Cybersecurity Legislation and APTs

Posted: July 23, 2012   /   By: Jon Oltsik   /   Tags: Cybersecurity, Information and Risk Management, Security and Privacy, cybercrime, APT, advanced persistent threat, president obama, cybersecurity legislation

We are entering a new phase in the lengthy cybersecurity legislation saga. Last Thursday, Senators Lieberman (I-CT), Collins (R-ME), Rockefeller (D-WV), and Carper (D-DE) introduced the revised Cybersecurity Act of 2012 out of the Homeland Security and Government Affairs Committee. Old name, but the new bill (S.3414) is a true compromise. Rather than mandating that critical infrastructure organizations comply with a DHS cybersecurity framework, the new bill provides incentives to organizations that comply with cybersecurity best practices voluntarily. Furthermore, the new bill borrows from the best of the Republican-sponsored alternative, SecureIT Act, as well as some of the more palatable measures outlined in the controversial CyberInformation Sharing & Protection Act (CISPA).

As of today (Monday, July 23, 2012), there is no schedule for debate or a vote, but President Obama already declared his support for the new bill and publicized his opinion in the Wall Street Journal.


The Advanced Malware Detection/Prevention Market

Posted: July 10, 2012   /   By: Jon Oltsik   /   Tags: Cybersecurity, Endpoint & Application Virtualization, IT Infrastructure, Networking, Information and Risk Management, FireEye, Security and Privacy, malware, Mandiant, trend micro, Invincea, cybercrime, Damballa, APT, advanced persistent threat, SSL, Countertack

I've been thinking a lot about the Advanced Malware Detection/Prevention (AMD/P) market lately. This market is most often associated with Advanced Persistent Threats (APTs) and vendors like Countertack, Damballa, FireEye, Invincea, and Trend Micro.


Cybersecurity Bill Soap Opera

Posted: March 21, 2012   /   By: Jon Oltsik   /   Tags: Cybersecurity, Information and Risk Management, Security and Privacy, APT, advanced persistent threat, president obama, senator joseph lieberman

It's been about a month since I last blogged about cybersecurity legislation, so here's a brief review of where we stand.


Should Congress Pass Cybersecurity legislation? Let Us Know What You Think!

Posted: February 17, 2012   /   By: Jon Oltsik   /   Tags: Cybersecurity, Information and Risk Management, Security and Privacy, APT, advanced persistent threat, Critical Infrastructure

In my most recent blog, I got on my soapbox and stated my opinion that Congress should pass cybersecurity legislation to better protect U.S. Critical Infrastructure as soon as possible.


Note to Congress: Pass Cybersecurity Legislation Now

Posted: February 16, 2012   /   By: Jon Oltsik   /   Tags: Cybersecurity, Information and Risk Management, Security and Privacy, advanced persistent threat, senator joseph lieberman, Critical Infrastructure, Critical Infrastructure Protection

Earlier this week, the Senate Homeland Security and Government Affairs Committee (HSGAC) introduced a cybersecurity bill that would outline the Department of Homeland Security's responsibilities for overseeing cybersecurity at privately-owned critical infrastructure organizations.


Cybersecurity Lessons from the Battlefields of Europe

Posted: January 31, 2012   /   By: Jon Oltsik   /   Tags: Cybersecurity, Information and Risk Management, Security and Privacy, security intelligence, security analytics, APT, advanced persistent threat

At the beginning of WWI, battlefield tactics had not advanced much since the U.S. Civil War. The general goal was to continually advance on the enemy with waves of infantry attacks and eventually break through the lines by overwhelming enemy defenses.


ESG Video Highlights APT Research

Posted: January 05, 2012   /   By: Jon Oltsik   /   Tags: Cybersecurity, Information and Risk Management, Security and Privacy, malware, APT, advanced persistent threat

I've written many blogs about the recently-published ESG Research Report, U.S. Advanced Persistent Threat Analysis, but there is a lot of data I haven't detailed. Since I can talk faster than I can type, ESG just posted this video that highlights the report data and some of its most important implications.


2012 Should Be The Year Of Security Incident Response

Posted: January 03, 2012   /   By: Jon Oltsik   /   Tags: Information and Risk Management, Security and Privacy, SIEM, incident response, log management, APT, advanced persistent threat

According to ESG Research, 20% of large organizations are certain that they've been the target of an APT attack while another 39% say that it is likely they have been targeted. Can organizations detect and react to sophisticated attacks like APTs?
