Most Recent Blogs

NY State Cybersecurity Regulations: Who Wins?

Posted: February 23, 2017   /   By: Jon Oltsik   /   Tags: Cybersecurity, CISO, IAM, encryption, SOAPA, financial services, DFS 23 NYCRR 500

hero-newyork.jpgAs you probably know by now, on February 16, the State of New York’s Department of Financial Services (DFS) finalized its new cybersecurity regulations which take effect on March 1, 2017. 

Read More

Crypto:  Nominated to the Cybersecurity Canon

Posted: July 19, 2016   /   By: Jon Oltsik   /   Tags: Cybersecurity, encryption, PKI, data privacy

security_books.jpgIf you are a cybersecurity professional or interested in cybersecurity at all, you should be familiar with the Cybersecurity Canon. Just what is a Canon? There are lots of definitions but that one that applies here is, “a sanctioned or accepted group or body of related works.” With this definition in mind, the stated goal of the Cybersecurity Canon is:

“To identify a list of must-read books for all cybersecurity practitioners -- be they from industry, government, or academia -- where the content is timeless, genuinely represents an aspect of the community that is true and precise, reflects the highest quality and, if not read, will leave a hole in the cybersecurity professional’s education that will make the practitioner incomplete.”

Read More

Data and Identity: Two New Security Perimeters

Posted: April 04, 2016   /   By: Jon Oltsik   /   Tags: Cybersecurity, identity, data security, encryption

critical-infrastructure-city.jpgCISOs tend to spend the bulk of their cybersecurity technology budgets on endpoint, server, and network security controls. This makes sense from a historical perspective, but these IT assets are in a state of flux today. Endpoints are often mobile devices rather than Windows PCs, while servers are virtual or cloud-based workloads. Meanwhile, networks are also moving to a virtual model composed of public and private network segments.

Read More

Apple vs. DOJ Doesn’t Really Matter

Posted: February 19, 2016   /   By: Jon Oltsik   /   Tags: Cybersecurity, encryption, crytography

apple encryptionAnyone remember the Crypto wars of the 1990s? Back in the early 1990s, the U.S. placed strict regulations on the exportation of cryptography and even put encryption technologies it on the munitions list as auxiliary military equipment. This restriction was a real burden to software firms like Lotus, Microsoft, and Novell as they wanted to offer data confidentiality and integrity features for PC users. Eventually the NSA offered a compromise by approving a weak 40-bit encryption algorithm for export purposes.

Read More

Oracle M7 Enhances CPU-level Security

Posted: October 27, 2015   /   By: Jon Oltsik   /   Tags: Cybersecurity, Oracle, encryption, SPARC

software-definedAs summer turned to fall, the IT industry got together at VMworld and then Re:Invent to celebrate cloud computing. This translated to software-defined everything – data centers, networking, storage, etc.

Read More

Dell’s Most Secure PC Initiative Presents a New Opportunity

Posted: September 06, 2013   /   By: Jon Oltsik   /   Tags: IBM, EMC, Cisco, Information and Risk Management, HP, Dell, Security and Privacy, Security, Kaspersky Lab, trend micro, Symantec, Invincea, antivirus, Sophos, Anti-malware, encryption

When it comes to selling PCs to business organizations, Dell has long held a well-deserved reputation for aggressive pricing, tailored customization services, and strong customer service. Okay, but what about endpoint security? In the past, Dell sales reps would simply open their catalog and let the customer choose from a vast list of partner options. Want AV software, full-disk encryption, or biometric authentication? Dell would simply ask its customers to choose dozen of partner options in each area.

Read More

It's Time for an Enterprise Encryption Strategy

Posted: March 16, 2012   /   By: Jon Oltsik   /   Tags: Information and Risk Management, Security and Privacy, Vormetric, Symantec, CISO, Intel, NIST, encryption

A few years ago, I began writing and talking about data encryption management problems on the horizon. I was right about the issues, but a bit aggressive on the timing. Based on what I'm seeing lately, however, the encryption management sky may finally be falling (or at least starting to fall).

Read More

Posts by Topic

see all