Facebook’s Threat Intelligence Sharing Potential

Enterprise organizations are actively consuming external threat intelligence, purchasing additional threat intelligence feeds, and sharing internally-derived threat intelligence with small circles of trusted third-parties. Based upon these trends, it certainly seems like the threat intelligence market is well-established but in this case, appearances are far from reality.

Topics: Cybersecurity Facebook threat intelligence sharing

Managing IT Risk Associated with Mobile Computing Security

When BYOD was coming to fruition a few years ago, it had a sudden and deep impact on IT risk. Why? Many CISOs I spoke with at the time said it was purely a matter of scale. All of a sudden, large enterprises had thousands of additional devices on their networks and they struggled to figure out what these devices were doing and how these activities impacted organizational risk.

Topics: IBM End-User Computing Check Point Fortinet Cisco Information and Risk Management mobile Security and Privacy Security BYOD Citrix data security Fiberlink android Dropbox Good Technology Airwatch Blue Coat CISO Bit9 Anti-malware Facebook

“Cold” Topics at RSA that Should Receive More Attention

In my blog yesterday, I outlined the hot topics I anticipate at this year’s RSA Security Conference. Since the show is dominated by security vendors, the show hype will focus on products, services, and various technologies.

So what’s missing? A broader discussion on cybersecurity issues, trends, collective efforts, and best practices. Yes, these subjects will get some attention in presentations and break-out sessions but the show floor and cocktail party banter will lean toward a myopic security perspective around bits and bytes.

Topics: Information and Risk Management Security and Privacy Security cybersecurity skills shortage google Bradford Networks Cybereason LogRhythm compliance DHS ForeScout CybOX Great Bay Software Lancope Edward Snowden Facebook FIDO

Social Analytics, Facebook, and $19 BILLION

Over the last years, I’ve had the pleasure of having lunch with LinkedIn’s founder Reid Hoffman, hearing Twitter’s CEO speak, dinner with SnapChat investors, and many other meetings or casual conversations with people closely involved with or passionate about popular social networking services.

Last week at Strata there was a lot of talk about “people are data,” integrating social data, and how analytics could provide a far deeper understanding of your business and clients.

Topics: IBM Analytics Data Management & Analytics Enterprise Software social Facebook

Can the FIDO Alliance Act as a Game-Changer and Help Obsolete User Name/Password Authentication?

It seems like yesterday when I was logging onto the VAX system at my alma mater UMass so I could work on a market research project with a statistics program. When my time slot came up, I would sit in front of a VT100 terminal, input my username and password, and voila – a timesharing session at the cutting-edge of high tech.

Well this memory may seem recent but in truth it was back in the mid-1980s. I probably had a mullet and was hankering to listen to Flock of Seagulls at the time. The VAX, mullet, and new wave music are now ancient history but we’re still using user names and passwords for authentication most of the time.

Topics: IBM Apple Microsoft End-User Computing Information and Risk Management mobile Security and Privacy Security google Lenovo endpoint security mobile device multi-factor authentication RSA Security Facebook

RSA Security Conference 2013: The Most Important RSA Ever?

It wasn’t long ago that the annual RSA Security Conference was an oasis from mainstream IT. While CIOs were focused on business process automation, the RSA crowd was celebrating technologies like DLP, web security, and key management. Yup, security was an under-funded IT stepchild and the RSA Conference was still centered on bits and bytes.

That was then, this is now and cybersecurity is everywhere – newspapers, magazines, television news, etc. Off the top of my head, here are some of the big cybersecurity news stories from the first two months of 2013:

Topics: Apple Information and Risk Management Security and Privacy Security Mandiant rsa conference cybercrime Facebook Barack Obama DoD