intelligence « Scott Crawford

Security in 2013: Intelligence, Integration…and the Integration of Intelligence

posted by Scott Crawford | March 29, 2013 | 0 Comments

sq_arrows

In my last post, I talked about the frustration that enterprises have with the lack of integration among security tactics – an egregious gap attributable in no small way to the extremely fragmented nature of the IT security industry itself. I offered a few examples of approaches that seek to close these gaps and equip...

Posted in Security Tags: Data-driven security, intelligence, SIEM

Security in 2013: The “Productization” of Big Data

posted by Scott Crawford | January 29, 2013 | 0 Comments

data-explosion-iStock_000013253555XSmall

(UPDATE: This week, both IBM and EMC’s RSA Security Division announced new Big Data initiatives in security. More to come on this front…) In my last post, I noted that I expect intelligence and the coordination and integration of defense technologies to be key drivers of the IT security market in 2013. This is not...

Posted in Security Tags: big data, Data-driven security, EMC Corporation, Hadoop, HP, IBM, intelligence, NetWitness, RSA Conference, RSA Security, Security information and event management, SIEM, Splunk

Security in 2013: Intelligence, Coordination and Integration (and Will We Get There?)

posted by Scott Crawford | January 24, 2013 | 0 Comments

Binoculars in grass_cropped

I’ve happily managed largely to avoid getting entangled in the New Year’s ritual of security predictions, since these can, frankly, be fairly boring. But for those who expect such, here you go: Attackers will continue to succeed. Determined adversaries will become even more so. Moving one set of playing pieces does not alter the objectives...

Posted in Security Tags: Data-driven security, intelligence, next generation, Security integration, Trends

Beyond SIEM: IBM-Q1Labs, McAfee-NitroSecurity and Changing Perceptions of Data-Driven Security

posted by Scott Crawford | October 4, 2011 | 0 Comments

evolution_fish_geese

This morning, a pair of announcements were made in the same space: IBM and McAfee are both making acquisitions in security information and event management (SIEM); IBM of Q1Labs, McAfee of NitroSecurity. On the surface, there appear to be few surprises in these deals. Both “acquirees” have been widely rumored to be close to an...

Posted in Security Tags: big data, Data-driven security, IBM, intelligence, McAfee, NitroSecurity, Q1Labs, SIEM

The Rise of Data-Driven Security, Part 5: Synthesis Platforms

posted by Scott Crawford | April 1, 2011 | 0 Comments

data-explosion-iStock_000013253555XSmall

(Ed. note: After too long a hiatus, I wanted to round out this series that began here and continued here, here and here. This will certainly not be the end of my coverage of data-driven security, however. Keep an eye on this blog as the field continues to unfold.) In this series, I’ve described three...

Posted in Security Tags: BI, Data-driven security, intelligence, risk management, Security management, Trends

The Rise of Data-Driven Security, Part 4: The Case for the Fourth Paradigm

posted by Scott Crawford | January 27, 2011 | one Comments

fourthParadigm1

When I first cut my teeth in IT security some years ago, I was a systems administrator for a division of the University Corporation for Atmospheric Research, the parent of the National Center for Atmospheric Research here in Boulder. UCAR/NCAR is what Gordon Bell calls a “data place” – an organization whose mission in part...

Posted in Security Tags: BI, Data-driven security, intelligence, risk management

The Rise of Data-Driven Security, Part 2: Data Sources and Emerging Data Markets

posted by Scott Crawford | January 14, 2011 | 0 Comments

data-explosion-iStock_000013253555XSmall

In my last post, the first in this series, I talked about how recent vendor trends highlight the rise of data-driven tactics for defense. This is just one of three major aspects of data-driven security becoming more prominent in products and services. To recap, those three aspects are: Data-driven tactics which differ from legacy security...

Posted in Security Tags: Data-driven security, intelligence, New School, risk management, Security management

Security in the Era of Big Data

posted by Scott Crawford | December 16, 2010 | one Comments

A lot of ink (digital and otherwise) has been spilled over Wikileaks this year, but there is one central aspect of the recent “cablegate” case that I wonder if we really get in infosec: Simply put, information has gotten huge – and this doesn’t just mean the content we must protect. The sheer volume of...

Posted in Security Tags: BI, big data, intelligence, Security

Security, Visibility, Privacy: Pick Any Two?

posted by Scott Crawford | November 22, 2010 | 0 Comments

Is it possible to have security and privacy? The question has been brought to a head recently, with the intense backlash to the US Transportation Security Administration’s more assertive passenger security checks – a reaction that seems likely to become only more heated with the coming of the busy holiday travel season. The issue for...

Posted in Security Tags: intelligence, Privacy, risk management, Security, visibility

A New Security Paradigm: HCIA

posted by Scott Crawford | November 10, 2010 | 0 Comments

HCIA

(Ed. Note: I’ve updated this post to incorporate some great feedback I’ve gotten on it already. I may well do so again to keep it fresh, as I expect to refer to this concept a lot…) In a recent post, I talked about the security value of IT management disciplines such as configuration and change...

Posted in Security Tags: CCM, Change management, HCIA, intelligence, IT risk, risk management, Security, Virtualization, visibility