Monthly Archives: November 2014

Black Sheep or Green Fields?

Published November 28, 2014 | By Dan Blum

Just got into a fun discussion at the Peerlyst site on an extended identity management topic.

The question triggering this discussion is: “IAM folks – Who “owns” non-employee identities at your company? Are they entered into the… Continue reading →

After the Breach (Part 2): Cyber-Insurance?

Published November 23, 2014 | By Dan Blum

APTs and cybercriminals are in the news again with more end-of-2014 breach statistics emerging from the analysts. Here’s an update of my After the Breach (Part 1) post with links to some of the latest information, and a new… Continue reading →

Posted in Dan Blum | Tagged breach, cyber-insurance, cybercrime, governance

Privacy By Design and the Online Library

Published November 16, 2014 | By Dan Blum

The Information Standards Quarterly (ISQ) just came out with its Identity Management issue, and my feature on Privacy By Design leads it off. Here’s a link to the article’s web page. A word to the wise – if you… Continue reading →

Posted in Dan Blum | Tagged federated identity, higher ed, privacy, privacy by design

Crowdsourced Splunking for Security Exploits

Published November 16, 2014 | By Dan Blum

Crowdsourced correlation search development in security information and event management (SIEM) tools such as Splunk is a best practice for security monitoring and user awareness. For some SIEM systems such as Splunk, IT power users or administrators can develop searches.… Continue reading →

Posted in Dan Blum | Tagged big data, security analytics, SIEM, Splunk, user awareness

Beyond SWGs (Part 3): What’s in the Sandbox?

Published November 16, 2014 | By Dan Blum

Anti-malware sandboxes have emerged as a key defensive weapon in cybersecurity. But what are they? In general, they’re appliance- or cloud-based services that capture an executable document, file or script and “detonate” the object in a virtual machine or emulator.… Continue reading →

Posted in Dan Blum | Tagged anti-malware, cybersecurity, SWGs

Beyond SWGs (Part 2): Cloud Security Platforms

Published November 13, 2014 | By Dan Blum

While battling cyberattackers, security vendors are also struggling to stay on top of disruptive mobile and cloud trends. As I wrote in part 1 of this article, secure web gateways (SWGs) have proven less than 100% effective against sophisticated… Continue reading →

Posted in Dan Blum | Tagged CASBs, cloud security, mobile security, SWGs

The Mobile Security Gap

Published November 12, 2014 | By Dan Blum

No one has fully figured out how to throw a security blanket over the enterprise mobile environment, that chaotic patchwork of geographies, carriers, operating systems, applications, device types and ownership models.

Any enterprise tackling web security for mobile devices must… Continue reading →

Posted in Dan Blum | Tagged BYOD, endpoint security, mobile security

Monthly Archives: November 2014

Black Sheep or Green Fields?

After the Breach (Part 2): Cyber-Insurance?

Privacy By Design and the Online Library

Crowdsourced Splunking for Security Exploits

Beyond SWGs (Part 3): What’s in the Sandbox?

Beyond SWGs (Part 2): Cloud Security Platforms

The Mobile Security Gap

Subscribe to Blog Notifications... HERE