The Truth Behind the Scope of the Endpoint Problem in the Enterprise


The Evolution of the “Endpoint” Over the past few years, the perception of what an “endpoint” is, and therefore the definition, has changed. The original perception was a user workstation independent of operating system. With the expansion of functionality, data persistence, Internet connectivity, and ultimately the threats against them, that definition no longer applies. Laptops [...]



IoT Enterprise Risk Report


ForeScout recently released an IoT Enterprise Risk Report based on research from ethical hacker Samy Kamkar. Based on Kamkar’s findings, the report on IoT security issues could readily be renamed something like, “IoT: the bane of the enterprise environment,” or “IoT brings new meaning to the term ‘Enterprise Risk’.” The report discusses a significant number of negative findings [...]



By | December 19th, 2016|APT, Internet of Things, IoT, Malware, Persistent Threat, Security|0 Comments

The Top 5 IoT Lessons I Learned From Hollywood


In my last IoT blog, I talked about the history of IoT and the evolution of issues surrounding IoT devices. In this part of the series, we will expand on the issues around IoT and the data it collects. Research firms estimate that there will be between 20 billion and 30 billion IoT devices on Earth by 20201 and that they will [...]



Effective Security Requires a Change in Mindset and the Protection Paradigm


Nearly every day another successful breach is reported. In 2016 alone, organizations from major governmental agencies such as the IRS and Department of Defense, to major retailers including Wendy’s, have succumbed to attack. These organizations are not alone; every major business and governmental sector has been compromised. Large tech companies such as LinkedIn and Oracle, [...]



By | August 24th, 2016|APT, BYOD, IoT, Malware, Payments, Persistent Threat, Security|0 Comments

HEAT Software Meets the Need for Endpoint Protection Head-On


In many organizations, endpoints see virtually constant change. Users access, download, and utilize applications, data, drivers, files, toolbars, widgets, etc., introducing both new security threats and undocumented changes in systems and processes. For better or for worse, all of these activities leave their mark on the endpoint. HEAT has engaged in endpoint security at a [...]



By | December 11th, 2015|APT, Endpoint Protection, Malware, Persistent Threat|0 Comments

The Limits of Packet Capture


In preparation for my new 'Achieving Hi-Fidelity Security' research project, I thought I would post a relevant blog I wrote for InformationSecurityBuzz.com. I have packet capture data for forensics, isn’t that enough? No! Of late, I have briefed with a number of companies that provide full network packet capture capabilities.  They tout its benefits and that [...]



Vectra Provides Pervasive Visibility & Analysis to Detect Cyber Attacks


Though cyber attacks have been around for years, in 2014 there was an explosion in the volume of attacks and a marked increase in the losses and damages they inflicted. In 2015, this does not seem to be lightening up. In February, Anthem health care insurers were compromised, putting 80 million current and former customers [...]



By | April 9th, 2015|APT, Malware, Persistent Threat, Security, Uncategorized|0 Comments

Leveraging User Activity Monitoring to Protect Information and Employees from Cyber Threats


Historically, many organizations and personnel have been concerned about user activity monitoring (UAM). Certain business cultures feel that these activities are an invasion of privacy or are distrustful. However, in today’s Internet connected, data driven world, having specific information or data means the difference in being a market leader and being out of business. Identifying [...]



By | March 4th, 2015|Malware, Persistent Threat, Security|0 Comments

PFP CyberSecurity Breaks on to the Scene to Identify Malware at the Chip Level.


A few weeks ago, I briefed with a new company called PFP Cybersecurity, also known as Power Fingerprinting, Inc., and was so intrigued by the concept alone that I wrote a Vendor to Watch about them. They officially launched on January 26, and currently their claim to fame is their physics-based scanning technology which monitors [...]



By | March 2nd, 2015|APT, Malware, Persistent Threat, Security|0 Comments
Load More Posts