PFP CyberSecurity Breaks on to the Scene to Identify Malware at the Chip Level.


A few weeks ago, I briefed with a new company called PFP Cybersecurity, also known as Power Fingerprinting, Inc., and was so intrigued by the concept alone that I wrote a Vendor to Watch about them. They officially launched on January 26, , and currently their claim to fame is their physics-based scanning technology which [...]



By | March 2nd, 2015|David Monahan, IT Management, Scott Crawford, Security|0 Comments

Leveraging Security Policy Orchestration to “Bake Security in” to SDDC Environments


I have a new guest blog just posted at for Tufin around Security Policy Orchestration.  You can check it out here. It discusses the benefits to using Security Policy Orchestration when defining software-defined data centers (SDDCs).  By supporting a centralized security policy across physical and virtual networks via a single interface. Security  change management provides many benefits including: Application [...]



By | January 27th, 2015|David Monahan, IT Management, Scott Crawford, Security|0 Comments

Breach Detection, Sony Entertainment and Vectra Networks…


Working in information security for the past 20 years, I have seen a lot. Though there have been many multi-million dollar impact breaches, the recent Sony Pictures hack and subsequent data exposure and extortion is probably the most impactful to a company out of the previous breaches this year. Recent articles revealed that some employees [...]



By | December 19th, 2014|David Monahan, IT Management, Scott Crawford, Security|0 Comments

Allgress Insight Risk Management Suite Brings Flexibility and Functionality to IT-GRC


When I started out in security, only very large organizations with a mature set of business processes dared to talk about implementing some form of governance, risk, and compliance (GRC) or enterprise program (e-GRC). They generally did it in an attempt to get ISO or similar certification, or to “move their programs to the next [...]



By | December 19th, 2014|David Monahan, IT Management, Scott Crawford, Security|0 Comments

Is EMV an Expensive Security Misstep for the Payments Industry?


There is no disagreement that the current mag-stripe technology used in the USA and other countries outside of the EU is antiquated and lends itself to fraud. The data is easily copied using various methods from manual card data copying and shoulder surfing, to database compromise and POS terminal malware.  Cards can be reproduced with [...]



By | December 8th, 2014|David Monahan, IT Management, Scott Crawford, Security|0 Comments

Damballa and Bit9 + Carbon Black Collaborate to Deliver Better Security with More Context


  In looking at the solutions available for threat protection (and detection), there are quite a few options out there. Some, like Damballa Failsafe, are network-based, vigilantly watching packets across the network and looking for indications of undesirable activities/behaviors and content.  Others are host-based, like Bit9 + Carbon Black, using an agent on the endpoint, [...]



By | October 28th, 2014|David Monahan, IT Management, Scott Crawford, Security|0 Comments

Gaining Data Control with BYOD and Bluebox


What’s the issue with BYOD? Data Control… What’s the issue with Data Sharing? Data Control! Let’s face it, though it took an evolution of about 15 years, industry figured out that Data Management and Control are the underlying security issues.  Data is power, knowledge, money, control.  If you have it you’re in control.  If you [...]



By | April 22nd, 2014|David Monahan, IT Management, Scott Crawford, Security|0 Comments

Security Awareness Programs Are Not just For Compliance


I see a significant gap in not only how the need for Security Awareness training is perceived as needed but also in the general quality of the programs and training delivered vs other types of training.  In many cases small companies avoid security awareness training due to ignorance, cost fears, or fears it will stifle [...]



By | January 16th, 2014|David Monahan, IT Management, Security|0 Comments

Graph Databases–and Their Potential to Transform How We Capture Interdependencies


Discovering, capturing and making sense of complex interdependencies is central to running IT organizations more effectively, and it is also a critical part of running the businesses IT serves. Whether it’s optimizing a network, or an application infrastructure, managing change, or providing more effective security-related access—more often than not these problems involve a complex set [...]



By | November 18th, 2013|Dennis Drogseth, IT Management, Service Management|0 Comments
Load More Posts