Category: Security Intelligence

12 Feb
2015

When it comes to data security, identifying what you consider your crown jewels is the first step in the data security recovery program. Legacy products can be expensive and negatively impact performance. Organizations need to realize that the complexity and fear of access control is a thing of the past. ClickToTweet: Why a Data Security Platform is an Enterprise Priority #DefenderOfData http://bit.ly/1uLLONG Before we get started on recovery, here are a few things you need to ask yourself: How much […]

With Federal Data Breaches up 2.5x from 2009 – It’s time for a change

Posted By: Andy Kicklighter, @akicklighter (Twitter)
19 Aug
2014
Categories : Big Data, Data Breach Disclosure, Security Intelligence            Leave a comment           

Earlier this year the GAO reported that the number of security incidents for Federal Agencies involving Personally Identifiable Information (PII) increased 2.5x between 2009 and 2013. This year, with the rising tide of highly visible data breaches in retail, health care and other areas I’m expecting the picture to further deteriorate. Why is it this is the case?  Three key reasons appear: Lack of real penalties Inertia in IT Security investments Standards that drive only minimum behavior When a data […]

6 steps to preventing another massive breach like eBay’s

Posted By: Andy Kicklighter, @akicklighter (Twitter)
26 May
2014

It seems pretty clear that eBay didn’t properly safeguard their user information. We can expect that perimeters and firewalls will be penetrated – The Verizon data breach report gives a 90% chance of compromising an account after 10 phishing attempts, and malicious software installed as a result  is often undetectable by AV or Network monitoring and penetration tools.  Other attacks on applications (SQL injections, stack overflows) often result in an attacker gaining root privileges on machines and then using the […]

Vormetric Wins 2014 SC Award for Best Encryption Solution

Posted By: Andy Kicklighter, @akicklighter (Twitter)
30 Apr
2014

Last night, Vormetric Transparent Encryption received from SC Magazine Europe the 2014 Best Encryption Solution Award.  This is good evidence for the leadership that Vormetric has shown in creating solutions that directly defend data from both external actors and internal attacks, and that simply and easily help customers meet compliance requirements for encryption and access control. <ClickToTweet>: 2014 SC Magazine Best Encryption Solution Winner is @Vormetric http://bit.ly/1fQcNL2 with #DataSecurity #SecurityIntelligence Vormetric Transparent Encryption is one of a very few solutions […]

We made a really important announcement today – We’ve now added integration to the third of the top SIEM solutions, IBM QRadar, to our existing integration with HP ArcSight and Splunk. As the cadence of data breaches increases worldwide with continued losses of credit card and customer data from retailers, health care data losses, revelations from Mr. Snowden, and more, it’s increasingly clear that traditional approaches to security are not able to safeguard sensitive data. What’s needed are strong security […]

@ RSA 2014 – When will we really get Intelligence Driven IT Security?

Posted By: Andy Kicklighter, @akicklighter (Twitter)
25 Feb
2014
Categories : Data Security, Security Intelligence            Leave a comment            Tags: , , , , , ,

Today at the RSA Conference in San Francisco, one of the points made in the keynote by Art Coviello of EMC Corporation is that we need intelligence driven security solutions.  This has been a theme at the conference for several years, but, for the most part, we’re only seeing the beginnings of solutions to the problem of making useful “intelligence” widely available and effective within the context of IT Security. Why is it taking so long?  Simple really – It’s […]

23 Jan
2014
Categories : Data Security, Security Intelligence            Leave a comment           

Big Data tools established a beachhead in 2013 for use in analyzing customer behavior and sales trends, operational analysis and augmenting existing data warehouses, but there’s a demonstrated need in security operations as well. Given the volume of recent major data breaches, it’s a pretty sure bet that many organizations are also going to invest in tools to help them analyze the the huge masses of security related information already present – this is security intelligence, if you will. Unfortunately, there’s a huge limiting factor for the […]

From the CEO’s Chair: 2014 Data Security Predictions

Posted By: Alan Kessler, @kessalan
07 Jan
2014
Categories : Big Data, Data Encryption, Data Security, Security Intelligence            Leave a comment           

It’s early January, the time for predictions about where things are headed this year. Over the past few weeks, I’ve reflected on where I think the data security industry is headed and jotted down my “Top 7” predictions for 2014. Here they are. Hold me to them. Prediction #1: Data-centric security will become a core practice for all enterprises. Enterprises have finally come to the realization that their perimeter security has failed and that their adversaries are likely lying in wait. In 2014, enterprise […]

22 Oct
2013
Categories : Cloud Computing, Cloud Security, Security Intelligence            Leave a comment           

Have you had a look yet at the latest “Cost of Cyber Crime Study” from HP and Ponemon?  If you are an enterprise with 1000 or more employees the numbers are sobering.  For the organizations  sampled, each averaged two attacks per week during the benchmark period for the study.  The top two attacks?  1) 100% viruses, worms, trojans   2) 97% Malware.  Costs of these attacks were up 26% to an annualized cost of $11.56 million per year. Which protections were […]

19 Sep
2013
Categories : Cloud Security, Data Security, Security Intelligence            Leave a comment           

Over the past few years, cyber-criminals have evolved drastically. They have joined forces at alarming rates and are often going after the same targets and using similar tactics to get what they are after. Traditional perimeter security isn’t working.  Some would argue that it may be necessary for known threats, but it just isn’t enough to keep adversaries from their primary targets: your intellectual property and critical data. The theme of this year’s HP Protect conference was “Security for the […]