The rise of threat intelligence gateways

These network appliances automatically block known threats, mitigate risk and streamline security operations.


If I were the next CEO of Symantec – Redux

Challenges from 2014 remain. Symantec must emphasize services, acquire promising startups, establish a partner ecosystem, and streamline products and operations


Cybersecurity salary inflation—A red flag

A global cybersecurity skills shortage is creating a rapid spike in salaries, exacerbating an already critical issue.


AV software: “I’m not quite dead yet”

Many organizations continue to use and benefit from antivirus software, while others have yet to use all of its capabilities.


Learning about SDP via Google BeyondCorp

Google’s software-defined perimeter (SDP) architecture can act as a model that enterprise organizations can emulate and enhance over time.


Cloud Security Challenges

Enterprises have problems provisioning security controls, monitoring cloud security status, and detecting anomalous network traffic in the cloud


Data and Identity: Two New Security Perimeters

Leading organizations are investing in new controls for sensitive data protection


Cybersecurity as a Business Issue

ESG research data demonstrates that improving cybersecurity is a business – not just an IT – priority. What does this mean for enterprise organizations?


The Endpoint Security Continuum (Part 2)

Advanced prevention will dominate and change the endpoint security market


Cybersecurity Skills Shortage Impact on Cloud Computing

CISOs must plan for expansive cloud growth AND a lack of cybersecurity professionals with cloud computing skills


An Abundance of Incident Response Bottlenecks

ESG research indicates that manual processes, skills shortages, and technology integration gaps make it extremely difficult to prioritize and respond to cybersecurity incidents in a timely manner


Before Moving on From RSA…

A few last thoughts I had while fighting through the crowds at the Moscone Center


Many Thoughts about RSA 2016

Security conference demonstrated the good, bad, and ugly about the cybersecurity industry


RSA Conference 2016: Day 1

Early discussions on IoT, cloud security, encryption, and industry consolidation


Cybersecurity Industry To-Do List for RSA Conference

Cybersecurity Industry To-Do List for RSA Conference

Industry must do more to decrease the attack surface, increase the productivity of cybersecurity professionals, and enhance overall protection without getting in the way of users


Anticipating the RSA Security Conference

Skills shortage, security automation, cloud security, data security, endpoint security and security analytics top my list of priorities


Apple vs. DOJ Doesn’t Really Matter

With commercial and open source encryption tools readily available, criminals can easily bypass backdoors and vendor workarounds


My Two Cents on CNAP (Cybersecurity National Action Plan)

President’s plan is commendable but lacks details, doesn’t go far enough, and needs to break free of the federal bureaucracy status quo


Henry Ford and Incident Response

Industrialists' ideas about manufacturing operations serve as a good analogue for enterprise CISOs looking to improve IR efficiency.


Heterogeneous Multi-Dimensional Cloud Security

Heterogeneous Multi-Dimensional Cloud Security

CISOs are scrambling to find the right security policies, processes, controls, and monitoring to keep up with enterprise deployments of a multitude of cloud technologies.


Load More