RSA2012-US-logo

One of the major themes that will stand out at RSA next week revolves around the trend I’ve been following closely over the last several months: the evolution of security centered on a data-driven approach.  There will be many opportunities for you to learn and benefit from this trend that is having an impact on [...]

Read More »



posted by Scott Crawford   | February 14, 2012 | 2 Comments

Happy Valentine’s Day, etc.  But enough chitchat. Herewith a short compendium of some of the articles and blogs about data-driven security I’ve been mentioning or have otherwise referenced recently – thought it would be worthwhile to pull these together into a single post. I’ll add to this list in future updates. We’ll begin with the [...]

Read More »



Another report of a breach at a technology vendor much of the industry depends upon for security and trust; this time, Verisign. The most immediate concern about this incident was that the attacks in question occurred in 2010, and were not widely known until Reuters discovered the disclosure in the company’s reporting as required to [...]

Read More »



posted by Scott Crawford   | February 2, 2012 | 0 Comments

NoSharkJumping

There’s no question that the intersections of Big Data and security have grabbed a lot of attention in the year-plus since I’ve been blogging on this topic. Indeed, it seems that Big Data will be one of the major focus areas at the RSA Conference a month hence: I count at least three sessions and [...]

Read More »



Baseball_batter

Happy (belated) New Year! (Well, maybe not so happy if you buy shoes online or are having second thoughts about source code escrow.) Like many, I’ve been contemplating my expectations for 2012. But rather than just play armchair quarterback (a popular pastime among NFL fans here in Denver of late), I thought it would be more useful [...]

Read More »



posted by Scott Crawford   | December 9, 2011 | 2 Comments

BCsq_logo

Read the press release here. In security, the private equity firm is establishing an increasingly provocative portfolio of solutions. Some have a primary focus on security, such as SonicWALL and Entrust. Others, however, offer benefits in the optimization of IT beyond security. Some recent examples: Tripwire NetIQ LANdesk In these cases, security is either an [...]

Read More »



posted by Scott Crawford   | November 9, 2011 | 0 Comments

lumberjack_cropped

As is well known by now, Charlie Miller, well known for his research of the security of Apple products, has been evicted from the Apple developer program for violating the terms of the developer agreement, according to an Apple email (reproduced in this CNET article). The prevailing opinions on this matter seem to gravitate toward [...]

Read More »



posted by Scott Crawford   | October 20, 2011 | 0 Comments

buried-help-flag-iStock_000009400696XSmall

Last week, I had the opportunity to spend a few days with a truly interesting and diverse group of practitioners, who I think are on to the future of information security. It will come as no surprise to anyone who follows this blog that I believe that future is centered on the ability to do [...]

Read More »



data-explosion-iStock_000013253555XSmall

With the acquisitions of Q1Labs and NitroSecurity last week, the industry’s attention has been drawn anew to the value of security information and event management (SIEM). In the enterprise, SIEM is often the focus of security operations, collecting data from a variety of point products, management and monitoring systems. But as I wrote on Tuesday, [...]

Read More »



posted by Scott Crawford   | October 6, 2011 | 0 Comments

t_hero

We often talk about our world, the world of technology, as the business it is. Money to be made, fortunes won and lost, empires large and small that rise with spectacular swiftness – and often fall just as fast. But what often gets lost in all the chatter about the business of technology is what [...]

Read More »



Page 1 of 41234»