Enterprise security is all about people

When it comes to planning and executing projects to improve enterprise security, I find that IT security practitioners are frequently focusing on the wrong things. First, don’t focus on computers and network routers when you should be focused on the data that traverses them. For example, are you putting the same amount of effort into…

Cloud Computing and Internet of Things: what’s actually new

By now, you’ve heard about cloud computing. Your email server lives in some rural datacenter. Your IT operations team has had a shrinking budget for 10 years straight. You are living and breathing cloud computing. You’ve probably heard about the “internet of things” (IoT) buzz/trend, too. Your refrigerator should be able to order milk from…

Session recordings from Cloud Developers Summit

Many thanks to the organizers of the Cloud Developers Summit and Expo 2014 last month in Austin. The conference was enjoyable and educational. And it’s always a huge bonus when conference content is made availability electronically for posterity. To that end, the full archive is here. My specific sessions: The Secret Life of Mobile Data:…

Securing Online Payments

There are three principles to securing online payment transactions: Protect user payment account identity Securely express user intent Detect fraud The next sections summarize considerations for addressing each principle. Protect User Payment Account Identity Magnetic stripe cards aren’t cutting it from a security perspective: see the recent incidents involving Target, Home Depot, and PF Chang’s….

Cyber Kill Chain and The Four Pillars of Endpoint Security

One of the bigger network security defense methodology trends over the past couple of years, Lockheed Martin’s Cyber Kill Chain model is useful for analyzing and mitigating Advanced Persistent Threat (APT) attacks in the enterprise. The sequential nature of the chain model expresses how the attack itself is vulnerable to disruption, and hence provides avenues…

Mitigating the Pass the Hash Exploit on Windows

Pass the Hash (PTH) is one of the most potent exploits in the hacker arsenal for gaining system administrator privilege and compromising an entire enterprise network. Why? Because PTH can be successful simply by compromising a single machine. PTH works by extracting credential information from the computer’s memory. Any credential present on the computer is…

Data protection requires layers; create a Stronghold

Due to the BYOD and cloud computing trends, as well as to the presence of insider threats and sophisticated overseas adversaries, the enterprise network perimeter is a myth. That is, you can’t depend on an internet firewall to protect the critical data that defines a business. What can you do? Effective data protection requires layers…

From CARTES America 2014: Using NSA Tradecraft to Protect Data on Mobile Devices

Big thank you to CARTES America 2014 for hosting my presentation, Using NSA Tradecraft to Protect Data on Mobile Devices. And who doesn’t love visiting Las Vegas before it gets really hot? All of the slide decks from CARTES America 2014 are available here.

Endpoint security: the challenge is part of the reward

Network security requires both top-down and bottom-up thinking. Read more about securing network endpoints in the 25th edition of the JW Secure Informer.

RSA expo session this morning on security automation

Reminder to those attending RSA in San Francisco this week: the below session is this morning and is free to Expo pass holders. In addition to the 10am panel, we’ll also be demonstrating the JW Secure StrongNet solution interoperating with a Continuous Monitoring agent from Microsoft Trustworthy Computing. Consistent with the theme of the TCG…