www.enterprisemanagement.com
posted by Scott Crawford   | April 5, 2013 | 0 Comments

arrows_opposite_directions_300x190px

In my last post, I talked about the frustration that enterprises have with the lack of integration among security tactics – an egregious gap attributable in no small way to the extremely fragmented nature of the IT security industry itself. I offered a few examples of approaches that seek to close these gaps and equip...

Read More »



Posted in IT Management, Scott Crawford, Security Tags: , , , , , , ,



posted by Scott Crawford   | February 22, 2013 | 0 Comments

4-puzzle_pieces

It’s that time of year again, when New Year’s prognostications give way to a similar level of noise about what to look for at the RSA Conference.  There are always recurring themes to the latter. There is always much talk of the latest attack, or class of attack, that will drive where security should go....

Read More »



Posted in IT Management, Scott Crawford, Security Tags: , , , , , , ,



posted by Scott Crawford   | June 24, 2011 | 0 Comments

Radar Sample Logo

In 2010, we published our research report on Security as a Service, examining the expansion of managed and professional IT security services, as well as the growth in what the report called “Security SaaS” or hosted security technologies. This report captured the appeal of hosted technologies that offer a number of advantages over on-premises approaches....

Read More »



Posted in IT Management, Scott Crawford, Security Tags: , ,



posted by Scott Crawford   | February 9, 2011 | 0 Comments

RSA2010 logo STACK text

One of nature’s great migrations will take place once again next week as the IT security world makes its annual pilgrimage to the RSA Conference in San Francisco. (And yes, dear, it means Valentine’s Day spent with a buncha geeks and suits rather than you…go figure.) Herewith a glimpse of some of the main things...

Read More »



Posted in Scott Crawford Tags: , , , ,



posted by Scott Crawford   | January 27, 2011 | 0 Comments

fourthParadigm1-c

When I first cut my teeth in IT security some years ago, I was a systems administrator for a division of the University Corporation for Atmospheric Research, the parent of the National Center for Atmospheric Research here in Boulder. UCAR/NCAR is what Gordon Bell calls a “data place” – an organization whose mission in part...

Read More »



Posted in Scott Crawford Tags: , ,



posted by Scott Crawford   | January 20, 2011 | 0 Comments

Data driven security graphic

In the first two installments in this series, I looked at the rise of Tactical security defenses that are becoming more directly reliant on dynamic data feeds Data sources and emerging data markets to serve both security tactics and security intelligence In this post, I’ll look at the third aspect of data-driven security emerging today, and...

Read More »



Posted in Scott Crawford Tags: , , ,



posted by Scott Crawford   | November 10, 2010 | 0 Comments

HCIA-150x150

In a recent post, I talked about the security value of IT management disciplines such as configuration and change control. I pointed to evidence we had gathered here at EMA that support the security and IT risk management values of taking a strong approach to defining change management objectives, actually implementing them in practice, monitoring...

Read More »



Posted in Scott Crawford Tags: , ,



posted by Scott Crawford   | August 31, 2010 | 0 Comments

VisOps-l2

In my last post, I talked about getting beyond “the business of no” in security, to a more effective and thorough approach in which organizations define their objectives, actually implement them, maintain visibility into the environment for consistency with those objectives or activity that could indicate threats, and respond accordingly. This more mature approach is...

Read More »



Posted in Scott Crawford Tags: , , ,