Most Recent Blogs

Enterprises Are Not Monitoring Access to Sensitive Data

Posted: May 01, 2014   /   By: Jon Oltsik   /   Tags: Information and Risk Management, Dell, Security and Privacy, Security, google, Centrify, CyberArk, Courion, Sailpoint, data security, Quest, Box, Symantec, Target, nsa, cybercrime, identity and access management, security analytics, Edward Snowden

If you want to make a cybersecurity professional uncomfortable, simply utter these two word: ‘Data exfiltration.’ Why will this term garner an emotional response? Because data exfiltration is a worst-case outcome of a cyber-attack – think Target, the NY Times, Google Aurora, Titan Rain, etc. Simply stated, ‘data exfiltration’ is a quasi-military term used to describe the theft of sensitive data like credit card numbers, health care records, manufacturing processes, or classified military plans.

Most enterprises now recognize the risks associated with data exfiltration and are now reacting with new types of security technologies, granular network segmentation, and tighter access controls. Good start but what about simply monitoring sensitive data access activities? You know, who accesses the data, how often, what they do, etc.?

Read More

“Cold” Topics at RSA that Should Receive More Attention

Posted: February 21, 2014   /   By: Jon Oltsik   /   Tags: Information and Risk Management, Security and Privacy, Security, cybersecurity skills shortage, google, Bradford Networks, Cybereason, LogRhythm, compliance, DHS, ForeScout, CybOX, Great Bay Software, Lancope, Edward Snowden, Facebook, FIDO

In my blog yesterday, I outlined the hot topics I anticipate at this year’s RSA Security Conference. Since the show is dominated by security vendors, the show hype will focus on products, services, and various technologies.

So what’s missing? A broader discussion on cybersecurity issues, trends, collective efforts, and best practices. Yes, these subjects will get some attention in presentations and break-out sessions but the show floor and cocktail party banter will lean toward a myopic security perspective around bits and bytes.

Read More

Good News and Bad News on Cybersecurity Priorities and Spending in 2014

Posted: February 10, 2014   /   By: Jon Oltsik   /   Tags: Cybersecurity, Information and Risk Management, Security and Privacy, Security, Mandiant, rsa conference, nsa, Edward Snowden, cyber attack

With the Winter Olympics in full-swing, the cybersecurity community anxiously awaits another global event, the 2014 RSA Conference. Like Sochi, the RSA Conference comes with its own controversy, but I still anticipate that most of the global information security glitterati will be in San Francisco two weeks hence.

Read More

Security Professionals Identify IT Risks Associated with Cloud Computing

Posted: January 28, 2014   /   By: Jon Oltsik   /   Tags: Cloud Computing, Information and Risk Management, McAfee, Security and Privacy, Security, Amazon, trend micro, CloudPassage, Target, nsa, Edward Snowden, privacy, Octa, HyTrust

It’s highly likely that cloud security will be one of the hot topics at this year’s RSA Security Conference coming up in February. Yes, there will surely be a lot of rhetoric and hype, but this is a very important topic for our industry to discuss as cloud computing continues to gain momentum with enterprise organizations.

While information security is still the primary concern around cloud computing, enterprise organizations aren’t holding back on deployment, albeit with non-sensitive workloads for the most part.

Read More

Organizations Remain Vulnerable to Insider Attacks

Posted: September 23, 2013   /   By: Jon Oltsik   /   Tags: Cloud Computing, Information and Risk Management, Security and Privacy, Security, malware, Booz Allen Hamilton, nsa, Edward Snowden, Anti-malware, APT

Over the past few years, the security community has focused its attention on attacks coming from Odessa, Tehran, and Beijing. On balance this is a good thing as we are learning more about our cyber adversaries. That said, what about insider attacks? Back around 2008, insider attacks were viewed as the most dangerous of all since insiders tend to know what they want, where it is, and how to get it.

Read More

Why Aren’t We Questioning the Effectiveness of the NSA Program?

Posted: June 11, 2013   /   By: Jon Oltsik   /   Tags: Information and Risk Management, Security and Privacy, Security, Booz Allen, saic, nsa, cybercrime, Edward Snowden

Full disclosure, I am extremely uncomfortable with the intrusive intelligence programs going on at NSA. If it weren’t for Edward Snowden and Mark Klein (former AT&T technician) we wouldn’t know about NSA activities on telephony and data networks. It makes you wonder what additional data the NSA is collecting that we don’t know about.

Beyond the privacy issue however, there are a few other fundamental questions here and I don’t hear anyone asking them. Allow me to chime in:

  1. How effective are these programs? PRISM is just one of several programs based upon data collection and mining. We’ve heard rhetoric about how these programs have protected us by detecting and preventing terrorist attacks but no one has provided any detail. Yeah, I know this is classified information but this means that we U.S. Citizens have to take the government’s word for it which has proved to be a fool’s choice in the past. We do know that in spite of these massive programs, the intelligence community missed the underwear bomber (spelling error in database), the Time Square bomber, and Tamerlan Tsarnaev. Given these “swings and misses,” how often did the intelligence community deliver base hits?
  2. How much does it cost? The NSA budget is classified but you've got to figure that the U.S. is spending multiple billions of dollars on data collection, storage, and mining. Heck, the NSA is building a $1.2 billion data center in Utah, capable of holding yottabytes of data. Big dollars for government integrators but is this investment really worth it in an era of budget deficits and bridges falling apart? Without an answer to question #1, we can’t understand whether we are throwing good money after bad to keep K Street lobbyists and “Beltway Bandits” fat and happy.
  3. How secure are these programs? In my mind, Booz Allen has a bit more explaining to do. How was Edward Snowden, a new employee, able to walk out the door with classified data so easily? At a higher level, how many others working at L3, CACI, and SAIC could expose similar data to the press or sell it to Iran, North Korea, or other nations? A disgruntled worker could make the damage caused by Bradley Manning look like nothing.
Read More

Posts by Topic

see all