U.S. Critical Infrastructure Continue to Make Risky IT Bets

More than half of critical infrastructure organizations admit that they have insecure IT products and services deployed on their networks.


Happy Cybersecurity Awareness Month?

Well intended effort only calls attention to pervasive cybersecurity ignorance throughout society


U.S. Critical Infrastructure under Cyber-Attack

Majority of critical infrastructure organizations have experienced damaging and costly incidents over the past two years


My Take-Aways from Splunk .conf2015

User passion and a multitude of security use cases were on display in Las Vegas this week


Book Report: Future Crimes

In this extremely interesting book, author Marc Goodman elaborates on, "the cornucopia of technologies we are accepting into our lives may very well come back and bite us"


Cyber Supply Chain Security Is Increasingly Difficult for Critical Infrastructure Organizations

New IT initiatives, and increase in IT suppliers, and consolidation of IT and operational technology (OT) make cyber supply chain security increasingly cumbersome


The Network’s Role as a Security Sensor and Policy Enforcer

Networks can (and should) be used to improve risk management as well as incident prevention, detection, and response


Challenges around Operationalizing Threat Intelligence

Beyond the information, process and skills improvements needed for threat intelligence collection, processing, analysis, and sharing


My Assessment of VMware NSX

Great potential for cybersecurity but plenty of work ahead for VMware


The RMS Titanic and cybersecurity

Famous shipwreck holds many lessons for the cybersecurity community.


Anticipating VMworld

Anticipating VMworld

Cloud and virtualization event will reveal the state of a transition to virtual network security services.


Facebook’s Threat Intelligence Sharing Potential

Data management, scale, and algorithmic strengths may give Facebook an advantage in threat intelligence sharing


Incident Response: More Art than Science

Cybersecurity industry needs to establish best practices and open secure channels for incident response communications.


Enterprises are Analyzing Lots of Internal Cybersecurity Data

Enterprise organizations collect, process, and analyze a wide variety of cybersecurity data, and there is no end in sight.


Black Hat Boogie

My quick takes on an interesting, exhausting, and frightening week at Black Hat 2015 in Las Vegas


Black Hat Is About Cybersecurity People and Processes

Cybersecurity professionals attending Black Hat can gain in-depth knowledge about good guys, bad guys, and everyone in between


Cybersecurity Technology Integration Changes Everything

Based upon current and future cybersecurity technology integration trends, CISOs are adjusting budgets, organizations, skills, and vendor choices. Even industry analysts are impacted by cybersecurity technology integration.


Cybersecurity Canon and The Florentine Deception

Industry organization dedicated to reviewing and selecting books for cybersecurity education. Case in point, new novel from author Carey Nachenberg


Measuring the Quality of Commercial Threat Intelligence

One person’s quality is another person’s fluff so objective measurements will be difficult. Threat intelligence quality may ultimately be gauged through crowdsourcing and threat intelligence sharing.


Are There Differences Between Threat Intelligence Feeds?

Enterprise cybersecurity professionals find it difficult to judge the quality and efficacy of disparate open source and commercial threat intelligence. In the short term, this means more buying and selling.


Load More