The bulk of what passes for “threat intelligence” is just ephemeral data, frequently changed by hackers, and only useful on short-lived blacklists. To improve their cybersecurity, organizations need to raise their “threat IQ”. The security ecosystem of vendors and… Continue reading
Last month I wrote about attending a Department of Homeland Security (DHS) conference on its effort to create a new wave of Information Sharing Analysis Organizations (ISAOs). Along with many in the industry, I believe the future of cybersecurity… Continue reading
Tomorrow (June 9), I’m attending the Department of Homeland Security (DHS) Information Sharing and Analysis Organization (ISAO) Workshop. Federally-encouraged “ISAOs”are intended to augment or replace the existing “ISACs”. ISACs are “centers” organized by industry sectors (e.g. finance, research… Continue reading
As the RSA 2015 conference (#RSAC2015) was winding down last week, someone commented on what he perceived as a “sense of defeatism.” In sessions and on the show floor “Every vendor is saying “you’re already penetrated.” There… Continue reading
At the RSA pre-conference Cloud Security Alliance (CSA) Summit both Philippe Courtot (CEO, Qualys) and Marc Goodman (Author, “Future Crimes”) highlighted the need for a paradigm shift in how enterprises and societies address cloud security.
Courtot finds… Continue reading
As the investigation continues into yesterday’s announcement of the #AnthemHack, Security Architects Partners will be monitoring to see what it portends for early breach notification. By disclosing early, Anthem broke the typical mold of companies waiting to complete a full… Continue reading