Most Recent Blogs

Enterprises Need to Improve IT Vendor Risk Management

Posted: December 03, 2015   /   By: Jon Oltsik   /   Tags: Cybersecurity, incident detection and response

I had the pleasure of attending a presentation given by Dr. Ron Ross, a fellow at the National Institute of Standards and Technology (NIST). Ron’s areas of specialization include information security, risk management, and systems security engineering.


Enterprises Need Advanced Incident Prevention

Posted: June 25, 2015   /   By: Jon Oltsik   /   Tags: incident detection and response, NAC, incident prevention

Given the booming state of the cybersecurity market, industry rhetoric is at an all-time high. One of the more nonsensical infosec banalities goes something like this: Cybersecurity has always been anchored by incident prevention technologies like AV software, firewalls, and IDS/IPS systems, but sophisticated cyber-adversaries have become extremely adept at circumventing status quo security controls. Therefore, organizations should give up on prevention and focus all their attention on incident detection and response.

Now I certainly get the logic of this platitude. Yes, the bad guys do know how to get around our defenses and organizations should in fact improve their detection and response capabilities. But abandon or minimize incident prevention? Poppycock! 


What IBM Can Learn from Its Own Cybersecurity Business

Posted: October 29, 2014   /   By: Jon Oltsik   /   Tags: IBM, Cybersecurity, incident detection and response

IBM’s fortunes in cybersecurity improved substantially when it abandoned its internally-focused strategy and built a business to meet customer requirements.


Big Data Security Analytics Can Become the Nexus of Information Security Integration

Posted: June 10, 2014   /   By: Jon Oltsik   /   Tags: Data Management & Analytics, Information and Risk Management, Security and Privacy, risk management, incident detection and response, big data security analytics, enterprise security

In a recent ESG research survey, security professionals working at enterprise organizations (i.e., more than 1,000 employees) were asked the following question: How do you believe that your organization will change its security technology strategy decisions in any of the following ways over the next 24 months in order to improve its security management? In response:

