Security in 2013: Intelligence, Integration…and the Integration of Intelligence


In my last post, I talked about the frustration that enterprises have with the lack of integration among security tactics – an egregious gap attributable in no small way to the extremely fragmented nature of the IT security industry itself. I offered a few examples of approaches that seek to close these gaps and equip [...]



By | April 5th, 2013|IT Management, Scott Crawford, Security|0 Comments

The Leverage Attack: Do We Really Get It?


“Give me a place to stand, and with a lever I will move the whole world.” –Archimedes In the wake of last week’s disclosure of an attack against Bit9, Jeremiah Grossman seems positively prescient. His New Year’s prediction about security’s immediate future was that attacks against security measures would increase. And why not? If defense [...]



By | February 11th, 2013|IT Management, Scott Crawford, Security|0 Comments

Security in 2013: Intelligence, Coordination and Integration (and Will We Get There?)


I’ve happily managed largely to avoid getting entangled in the New Year’s ritual of security predictions, since these can, frankly, be fairly boring. But for those who expect such, here you go: Attackers will continue to succeed. Determined adversaries will become even more so. Moving one set of playing pieces does not alter the objectives [...]



By | January 24th, 2013|IT Management, Scott Crawford, Security|0 Comments

Thoma Bravo acquires Blue Coat: Initial Thoughts


Read the press release here. In security, the private equity firm is establishing an increasingly provocative portfolio of solutions. Some have a primary focus on security, such as SonicWALL and Entrust. Others, however, offer benefits in the optimization of IT beyond security. Some recent examples: Tripwire NetIQ LANdesk In these cases, security is either an [...]



By | December 9th, 2011|IT Management, Scott Crawford|0 Comments

RSA SecurID Breach Update: (Some) Additional Info Provided to Customers


A short while ago, RSA released an additional customer advisory (customer login required) regarding the breach of SecurID information disclosed last Thursday. In my updated initial take on the breach, I noted that: To date, RSA has disclosed no detail about exactly what was compromised or how, leaving customers with no actionable information regarding their [...]



By | March 22nd, 2011|Scott Crawford|0 Comments

Toward CNS: Converged Network Security systems


In my ongoing series of posts on data-driven security, I noted the rise of defense tactics that seem to point the way toward reliance more on continuous, dynamic data sources than on intermittent feeds of data such as signature updates. One advantage of such an approach would be to make defense more responsive to new [...]



By | January 31st, 2011|Scott Crawford|0 Comments

The Rise of Data-Driven Security, Part 2: Data Sources and Emerging Data Markets


In my last post, the first in this series, I talked about how recent vendor trends highlight the rise of data-driven tactics for defense. This is just one of three major aspects of data-driven security becoming more prominent in products and services. To recap, those three aspects are: Data-driven tactics which differ from legacy security [...]



By | January 14th, 2011|Scott Crawford|0 Comments

Security in the Era of Big Data


A lot of ink (digital and otherwise) has been spilled over Wikileaks this year, but there is one central aspect of the recent “cablegate” case that I wonder if we really get in infosec: Simply put, information has gotten huge – and this doesn’t just mean the content we must protect. The sheer volume of [...]



By | December 17th, 2010|Scott Crawford|0 Comments

Security, Visibility, Privacy: Pick Any Two?


Is it possible to have security and privacy? The question has been brought to a head recently, with the intense backlash to the US Transportation Security Administration’s more assertive passenger security checks – a reaction that seems likely to become only more heated with the coming of the busy holiday travel season. The issue for [...]



By | November 22nd, 2010|Cloud Computing|0 Comments
Load More Posts