Most Recent Blogs

Enterprises Are Not Monitoring Access to Sensitive Data

Posted: May 01, 2014   /   By: Jon Oltsik   /   Tags: Information and Risk Management, Dell, Security and Privacy, Security, google, Centrify, CyberArk, Courion, Sailpoint, data security, Quest, Box, Symantec, Target, nsa, cybercrime, identity and access management, security analytics, Edward Snowden

If you want to make a cybersecurity professional uncomfortable, simply utter these two word: ‘Data exfiltration.’ Why will this term garner an emotional response? Because data exfiltration is a worst-case outcome of a cyber-attack – think Target, the NY Times, Google Aurora, Titan Rain, etc. Simply stated, ‘data exfiltration’ is a quasi-military term used to describe the theft of sensitive data like credit card numbers, health care records, manufacturing processes, or classified military plans.

Most enterprises now recognize the risks associated with data exfiltration and are now reacting with new types of security technologies, granular network segmentation, and tighter access controls. Good start but what about simply monitoring sensitive data access activities? You know, who accesses the data, how often, what they do, etc.?

Read More

Has Mobile Computing Had a Positive Impact on Cybersecurity?

Posted: March 11, 2014   /   By: Jon Oltsik   /   Tags: IBM, MDM, Cisco, Information and Risk Management, Juniper, HP, mobile, Security and Privacy, Security, endpoint security, Bradford Networks, Mobile computing, Box, Dropbox, Aruba, Vormetric, ForeScout, Veracode, Great Bay Software, NAC

I’ve heard the same story from a multitude of CISOs: “As soon as we agreed to support BYOD and mobile devices, all hell broke loose!” How? All of a sudden there were hundreds or thousands of new devices accessing the corporate network. Many of these devices were employee-owned, unmanaged, and full of questionable applications. What’s more, users were now working on multiple devices and moving sensitive data between Windows PCs, iPads, Android phones, and a slew of online file sharing sites like Box, Dropbox, and iCloud. Holy threat and vulnerability, Batman!

Most enterprise organizations are now way past this early period of mobile security chaos. Yes, there are still plenty of challenges associated with mobile computing security, but did preliminary mobile computing anarchy have any positive impact on information security in the long run? In other words, did the initial mobile computing fire drills actually help CISOs recognize risks and address systemic weaknesses?

Read More

IT's Consumerization Compliance Conundrum

Posted: March 16, 2012   /   By: Steve Duplessie   /   Tags: Information and Risk Management, Security and Privacy, Amazon, Box, Dropbox

Special thanks to Terri McClure for coming up with this one.

Read More

Files Are Killing IT - And Creating A New Market Opportunity

Posted: March 06, 2012   /   By: Steve Duplessie   /   Tags: IBM, Storage, Netapp, EMC, IT Infrastructure, HP, Box, Dropbox

Data growth is what destroys everything in IT operationally. If data stopped growing, you could actually fix all of your issues once and for all. You would be stable. What a concept!

Read More

Posts by Topic

see all