Black Sheep or Green Fields?
Just got into a fun discussion at the Peerlyst site on an extended identity management topic.
The question triggering this discussion is: “IAM folks – Who “owns” non-employee identities at your company? Are they entered into the… Continue reading
After the Breach (Part 2): Cyber-Insurance?
APTs and cybercriminals are in the news again with more end-of-2014 breach statistics emerging from the analysts. Here’s an update of my After the Breach (Part 1) post with links to some of the latest information, and a new… Continue reading
Privacy By Design and the Online Library
The Information Standards Quarterly (ISQ) just came out with its Identity Management issue, and my feature on Privacy By Design leads it off. Here’s a link to the article’s web page. A word to the wise – if you… Continue reading
Crowdsourced Splunking for Security Exploits
Crowdsourced correlation search development in security information and event management (SIEM) tools such as Splunk is a best practice for security monitoring and user awareness. For some SIEM systems such as Splunk, IT power users or administrators can develop searches.… Continue reading
Beyond SWGs (Part 3): What’s in the Sandbox?
Anti-malware sandboxes have emerged as a key defensive weapon in cybersecurity. But what are they? In general, they’re appliance- or cloud-based services that capture an executable document, file or script and “detonate” the object in a virtual machine or emulator.… Continue reading
Beyond SWGs (Part 2): Cloud Security Platforms
While battling cyberattackers, security vendors are also struggling to stay on top of disruptive mobile and cloud trends. As I wrote in part 1 of this article, secure web gateways (SWGs) have proven less than 100% effective against sophisticated… Continue reading
The Mobile Security Gap
No one has fully figured out how to throw a security blanket over the enterprise mobile environment, that chaotic patchwork of geographies, carriers, operating systems, applications, device types and ownership models.
Any enterprise tackling web security for mobile devices must… Continue reading