Most Recent Blogs

Goodbye NAC, Hello Software-defined Perimeter (SDP)

Posted: November 15, 2016   /   By: Jon Oltsik   /   Tags: Network Security, Cybersecurity, NAC, SDP

digital_lock.jpgThose of use who’ve been around security technology for a while will remember the prodigious rise of network access control (NAC) around 2006. Now the ideas around NAC had been around for several years beforehand, but 2006 gave us Cisco’s network admission control (a.k.a. Cisco NAC), Microsoft’s network access protection (NAP), and then a whole bunch of venture-backed NAC startups (ConSentry, Lockdown Networks, Mirage Networks, etc.).

Read More

Enterprises Need Advanced Incident Prevention

Posted: June 25, 2015   /   By: Jon Oltsik   /   Tags: incident detection and response, NAC, incident prevention

digital_lockGiven the booming state of the cybersecurity market, industry rhetoric is at an all-time high. One of the more nonsensical infosec banalities goes something like this: Cybersecurity has always been anchored by incident prevention technologies like AV software, firewalls, and IDS/IPS systems, but sophisticated cyber-adversaries have become extremely adept at circumventing status quo security controls. Therefore, organizations should give up on prevention and focus all their attention on incident detection and response.

Now I certainly get the logic of this platitude. Yes, the bad guys do know how to get around our defenses and organizations should in fact improve their detection and response capabilities. But abandon or minimize incident prevention? Poppycock! 

Read More

Has Mobile Computing Had a Positive Impact on Cybersecurity?

Posted: March 11, 2014   /   By: Jon Oltsik   /   Tags: IBM, MDM, Cisco, Information and Risk Management, Juniper, HP, mobile, Security and Privacy, Security, endpoint security, Bradford Networks, Mobile computing, Box, Dropbox, Aruba, Vormetric, ForeScout, Veracode, Great Bay Software, NAC

I’ve heard the same story from a multitude of CISOs: “As soon as we agreed to support BYOD and mobile devices, all hell broke loose!” How? All of a sudden there were hundreds or thousands of new devices accessing the corporate network. Many of these devices were employee-owned, unmanaged, and full of questionable applications. What’s more, users were now working on multiple devices and moving sensitive data between Windows PCs, iPads, Android phones, and a slew of online file sharing sites like Box, Dropbox, and iCloud. Holy threat and vulnerability, Batman!

Most enterprise organizations are now way past this early period of mobile security chaos. Yes, there are still plenty of challenges associated with mobile computing security, but did preliminary mobile computing anarchy have any positive impact on information security in the long run? In other words, did the initial mobile computing fire drills actually help CISOs recognize risks and address systemic weaknesses?

Read More

BYOD Security Gotchas

Posted: May 30, 2012   /   By: Jon Oltsik   /   Tags: Cisco, Information and Risk Management, Security and Privacy, Security, BYOD, endpoint security, android, Juniper Networks, NAC, mobile device, CISO, Extreme Networks, iPad, Enterasys

I've spent a fair amount of time lately on BYOD (Bring Your Own Device), mobile devices, and related issues around information/cyber security. Yes, we are still firmly in the hype cycle but some mobile device security patterns are starting to emerge.

Read More

Posts by Topic

see all