The Leverage Attack: Do We Really Get It?


“Give me a place to stand, and with a lever I will move the whole world.” –Archimedes

In the wake of last week’s disclosure of an attack against Bit9, Jeremiah Grossman seems positively prescient. His New Year’s prediction about security’s immediate future was that attacks against security measures would increase. And why not? If defense [...]



By | February 11th, 2013|IT Management, Scott Crawford, Security|0 Comments

Security in 2013: Intelligence, Coordination and Integration (and Will We Get There?)


I’ve happily managed largely to avoid getting entangled in the New Year’s ritual of security predictions, since these can, frankly, be fairly boring. But for those who expect such, here you go: Attackers will continue to succeed. Determined adversaries will become even more so. Moving one set of playing pieces does not alter the objectives [...]



By | January 24th, 2013|IT Management, Scott Crawford, Security|0 Comments

Validating the Rise of Data-Driven Security: EMC/RSA Acquires Silver Tail


This morning, EMC’s RSA Security Division announced its intent to acquire Silver Tail Systems. The press release is here. I’ve written about Silver Tail before, going back to one of my first posts on the rise of data-driven security. In a five-part blog series introduced by that post, I described how data-driven security is evolving [...]



By | October 30th, 2012|IT Management, Scott Crawford, Security|0 Comments

RSA Describes Breach Attack (and the Problem with APT)


Catching up after a long weekend spent (mostly) offline, and digesting RSA’s Friday disclosure regarding its recent breach. In the plus column for RSA: At least they made an effort to communicate some detail, albeit late, and at no small risk to their reputation no matter how their statement would be received. They were reasonably forthcoming [...]



By | April 4th, 2011|IT Management, Scott Crawford, Security|0 Comments

RSA SecurID Breach: The Arguments For-and Against-Soonest Disclosure


This morning, friend shrdlu pointed out that RSA might indeed have entirely legitimate reasons for being so deliberate in avoiding a rush to disclose information about the breach of SecurID information: Guys, unless you’ve dealt with this from the executive seat before, you don’t know the other issues. She has a point. Like her, I [...]



By | March 23rd, 2011|Scott Crawford|0 Comments

RSA SecurID Breach Update: (Some) Additional Info Provided to Customers


A short while ago, RSA released an additional customer advisory (customer login required) regarding the breach of SecurID information disclosed last Thursday. In my updated initial take on the breach, I noted that: To date, RSA has disclosed no detail about exactly what was compromised or how, leaving customers with no actionable information regarding their [...]



By | March 22nd, 2011|Scott Crawford|0 Comments

RSA Breach of SecurID Information: Initial Take


(Updated: Commentary on RSA's disclosure and SecurCare advisory of March 17) Yesterday, RSA Security disclosed that it had been the victim of a security breach that, according to Executive Chairman Art Coviello's open letter to customers, resulted in the exposure of information "specifically related to RSA's SecurID two-factor authentication products." Coviello's letter goes on to state that "[w]hile [...]



By | March 18th, 2011|Featured|0 Comments