Why It’s Never Too Soon to Think about IPv6 Network Management


Most network managers are still many years away from turning on Internet Protocol version 6 (IPv6) in their enterprise local area networks (LANs). Private non-routable IPv4 address ranges can happily exist behind a network address translation (NAT) gateway for the foreseeable future. However, things could change. At any time, someone above your pay grade might [...]



By | September 9th, 2015|Featured, IT Management, Shamus McGillicuddy|0 Comments

Security Awareness Programs Are Not just For Compliance


I see a significant gap in not only how the need for Security Awareness training is perceived as needed but also in the general quality of the programs and training delivered vs other types of training.  In many cases small companies avoid security awareness training due to ignorance, cost fears, or fears it will stifle [...]



By | January 16th, 2014|David Monahan, IT Management, Security|0 Comments

Security in 2013: Intelligence, Integration…and the Integration of Intelligence


In my last post, I talked about the frustration that enterprises have with the lack of integration among security tactics – an egregious gap attributable in no small way to the extremely fragmented nature of the IT security industry itself. I offered a few examples of approaches that seek to close these gaps and equip [...]



By | April 5th, 2013|IT Management, Scott Crawford, Security|0 Comments

Security in 2013: Integration…and What You Will (and Won’t) See at RSA


It’s that time of year again, when New Year’s prognostications give way to a similar level of noise about what to look for at the RSA Conference.  There are always recurring themes to the latter. There is always much talk of the latest attack, or class of attack, that will drive where security should go. [...]



By | February 22nd, 2013|IT Management, Scott Crawford, Security|0 Comments

EMA 2011 Hosted Message Security Services Radar: HMS as a Center of Gravity for Security as a Service


In 2010, we published our research report on Security as a Service, examining the expansion of managed and professional IT security services, as well as the growth in what the report called “Security SaaS” or hosted security technologies. This report captured the appeal of hosted technologies that offer a number of advantages over on-premises approaches. [...]



By | June 24th, 2011|IT Management, Scott Crawford, Security|0 Comments

RSA 2011: A Thumbnail Peek at the Coming Week


One of nature’s great migrations will take place once again next week as the IT security world makes its annual pilgrimage to the RSA Conference in San Francisco. (And yes, dear, it means Valentine’s Day spent with a buncha geeks and suits rather than you…go figure.) Herewith a glimpse of some of the main things [...]



By | February 9th, 2011|Scott Crawford|0 Comments

The Rise of Data-Driven Security, Part 4: The Case for the Fourth Paradigm


When I first cut my teeth in IT security some years ago, I was a systems administrator for a division of the University Corporation for Atmospheric Research, the parent of the National Center for Atmospheric Research here in Boulder. UCAR/NCAR is what Gordon Bell calls a “data place” – an organization whose mission in part [...]



By | January 27th, 2011|Scott Crawford|0 Comments

The Rise of Data-Driven Security, Part 3: Security Management and Strategy


In the first two installments in this series, I looked at the rise of Tactical security defenses that are becoming more directly reliant on dynamic data feeds Data sources and emerging data markets to serve both security tactics and security intelligence In this post, I’ll look at the third aspect of data-driven security emerging today, and [...]



By | January 20th, 2011|Scott Crawford|0 Comments

A New Security Paradigm: HCIA


In a recent post, I talked about the security value of IT management disciplines such as configuration and change control. I pointed to evidence we had gathered here at EMA that support the security and IT risk management values of taking a strong approach to defining change management objectives, actually implementing them in practice, monitoring [...]



By | November 10th, 2010|Scott Crawford|0 Comments

Security: Going Beyond No, Part 2: Getting to Yes


In my last post, I talked about getting beyond “the business of no” in security, to a more effective and thorough approach in which organizations define their objectives, actually implement them, maintain visibility into the environment for consistency with those objectives or activity that could indicate threats, and respond accordingly. This more mature approach is [...]



By | August 31st, 2010|Scott Crawford|0 Comments
Load More Posts