
This morning, a pair of announcements were made in the same space: IBM and McAfee are both making acquisitions in security information and event management (SIEM); IBM of Q1Labs, McAfee of NitroSecurity. On the surface, there appear to be few surprises in these deals. Both “acquirees” have been widely rumored to be close to an [...]




posted by Scott Crawford   | August 1, 2011 | 0 Comments


I’ve been looking over this year’s Black Hat agenda with an eye toward new thinking on a topic I’ve been blogging about over the last several months: the rise of data-driven security. By this I mean the increased leverage of data mining and analysis to deliver more detailed and accurate insight into the reality of security posture [...]




posted by Scott Crawford   | July 27, 2011 | 0 Comments


One of EMA’s advantages in having a base in Colorado is our proximity to a number of thought leaders in identity management, and nowhere is this more evident than at conferences such as the Cloud Identity Summit, an aptly-named event held in recent years here in Colorado’s high country (nearly as close to the clouds [...]


(Update: This report is now published and available in our library. You can obtain a free summary of the study here. To view an on-demand webinar about this report, click here. You can also download a copy of the webinar slides here.) In 2010, we published our research report on Security as a Service, examining [...]




posted by Scott Crawford   | May 4, 2011 | one Comments


(Update: My research report on this topic is now in the EMA library. For further updates on the trend, check out my other posts on data-driven security before and since.) IT security has long been hamstrung by obstacles unknown to many other aspects of the enterprise. Businesses may be able to measure their performance through [...]




2011 Verizon DBIR

It’s that time of year again, when the Verizon RISK Team blossoms forth with its latest, much-awaited Data Breach Investigations Report – and with a number of new and (to some) astonishing findings, the 2011 version did not disappoint (you can get it here). This year’s report, however, has some important subtleties that could easily [...]


No sooner had the ink dried on RSA’s disclosure of the nature of the attack that resulted in its high-profile breach than NetWitness, RSA’s partner in investigating this incident, announced its acquisition by RSA parent EMC. (Given the fact that the deal is already closed, it’s safe to assume that due diligence well preceded this event.) [...]




posted by Scott Crawford   | April 4, 2011 | 0 Comments

Catching up after a long weekend spent (mostly) offline, and digesting RSA’s Friday disclosure regarding its recent breach. In the plus column for RSA: At least they made an effort to communicate some detail, albeit late, and at no small risk to their reputation no matter how their statement would be received. They were reasonably forthcoming [...]


(Ed. note: After too long a hiatus, I wanted to round out this series that began here and continued here, here and here. This will certainly not be the end of my coverage of data-driven security, however. Keep an eye on this blog as the field continues to unfold.) In this series, I’ve described three [...]




This morning, friend shrdlu pointed out that RSA might indeed have entirely legitimate reasons for being so deliberate in avoiding a rush to disclose information about the breach of SecurID information: Guys, unless you’ve dealt with this from the executive seat before, you don’t know the other issues. She has a point. Like her, I [...]
