Most Recent Blogs

Big Data Security Analytics Meets Identity and Access Management (IAM)

Posted: May 19, 2014   /   By: Jon Oltsik   /   Tags: IBM, End-User Computing, Data Management & Analytics, Information and Risk Management, Enterprise Software, Security and Privacy, Security, big data security analytics, Courion, Sailpoint, compliance, IAM, Governance, cybercrime, Anti-malware

While most enterprise organizations have SIEM installed, they now realize that these venerable security systems cannot address today’s dangerous threat landscape alone. As a result, many are adding network forensics and big data analytics systems for capturing, processing, and analyzing a whole bunch of additional security data.

In the majority of cases, big data security analytics systems are applied to data such as network packets, packet metadata, e-mails, and transaction systems to help security teams detect malware, phishing sites, and online fraud. Great start, but I’m starting to see another burgeoning focus area – IAM. Of course, many large organizations have IAM tools for user provisioning, SSO, and identity governance, but tracking all the instantiations of user activity remains elusive. In a recent ESG research survey, security professionals were asked to identify their weakest area of security monitoring. More than one-quarter (28%) pointed to “user behavior activity monitoring/visibility,” – the highest percentage of all categories.

Software Defined Everything (SDM) Includes Management

Posted: March 25, 2014   /   By: ESG   /   Tags: Cloud Computing, cloud, Private Cloud Infrastructure, compliance, Governance, Public Cloud Service

I find it fascinating that when new technologies are invented that are designed to improve efficiency and drive down costs, they end up having the reverse effect – especially the more disruptive ones. Let’s take cloud computing as an example. On the one hand, it provides an enterprise this wonderful ability to offload all of the basal tasks of ordering, installing, and configuring server/storage/network stacks with virtualization and potentially guest OSs on them. This alone is non-trivial and time consuming. For some of the more advanced clouds, you can actually change the size of (virtual) memory, processor, or storage sizes on the fly! What about patching? Hot patching anyone? Automated patches and updates for the core technology such as the guest OSs? These are additional, great benefits found on some cloud providers. And this is just the easy stuff. What happens when a VM becomes a zombie? Who finds, kills, and restarts the zombie? The list goes on …

Now what happens if you realize that one cloud platform was really great for development and scale testing, but when it came to the operational standard that has come to be expected in the enterprise, it can’t be easily replicated on that provider so you decide to build and test on one cloud and deploy on another? Oh and wait … what if you also want to be able to stand up just enough to get by on-premises for a last resort, disaster recovery location?

“Cold” Topics at RSA that Should Receive More Attention

Posted: February 21, 2014   /   By: Jon Oltsik   /   Tags: Information and Risk Management, Security and Privacy, Security, cybersecurity skills shortage, google, Bradford Networks, Cybereason, LogRhythm, compliance, DHS, ForeScout, CybOX, Great Bay Software, Lancope, Edward Snowden, Facebook, FIDO

In my blog yesterday, I outlined the hot topics I anticipate at this year’s RSA Security Conference. Since the show is dominated by security vendors, the show hype will focus on products, services, and various technologies.

So what’s missing? A broader discussion on cybersecurity issues, trends, collective efforts, and best practices. Yes, these subjects will get some attention in presentations and break-out sessions but the show floor and cocktail party banter will lean toward a myopic security perspective around bits and bytes.

The Enterprise Security Model Is Experiencing “Death by a Thousand Cuts”

Posted: August 15, 2013   /   By: Jon Oltsik   /   Tags: Network Security, Cybersecurity, Information and Risk Management, Security and Privacy, Security, endpoint security, enterprise security, compliance, CISO, mssp, security operations, security services, CISSP, identity management

If enterprise security were an automobile it would be a Ford Taurus circa 1995. Good car way back when and still running but burning oil, barely passing inspection, and held together by Bondo today.

The Curse of Compliance

Posted: February 20, 2013   /   By: Jon Oltsik   /   Tags: IBM, Information and Risk Management, Sourcefire, FireEye, Security and Privacy, Security, big data security analytics, LogRhythm, compliance, trend micro, Symantec, RSA Security, Solera Networks, Damballa

I used to work with a guy who was significantly overweight. I ran into him in the cafeteria one day and he mentioned that his doctor recommended that he eschew large lunches in favor of lighter foods like salads. He proceeded to the salad bar where he buried a few greens, onions, and tomatoes under a mountain of cheese, deli meats, and blue cheese dressing.
