Systematically protecting the crown jewels of enterprise data

The most successful organizations are built on a combination of great people and efficient processes. Information technology teams are no exception: the most effective are those that combine talent and technology in order to become a strategic asset to the business. IT security is frequently seen as a tax on the business, even by the […]

The Weakest Link: Enterprise Security, Consumer Security, and Privacy

Enterprise Security Investment in IT security is a requirement for every company that is in possession of valuable data. Security is a moving target, and if you’re not proactively tracking it, you will get hacked and your data will get stolen. Evidence: Data security is the most serious IT challenge in organizations. Kaspersky: the average […]

How to protect high-value network assets:

Failing to plan is planning to fail. Your high-value assets need protection now. Enabling business success is the ultimate aim of Enterprise IT security personnel. They want to ensure the right data is available to the right people at the right time—every time. Use cases, authorization rules and security group management all play a part, […]

Cyber Security at Seattle Biz-Tech Summit 2015

Please join me at the Cyber Security session in the Seattle Biz-Tech Summit this Saturday, 10/24/15, from 11:00am – 12:30pm, in Room A at the Hyatt Regency Bellevue. Session Description We are constantly reminded of the critical importance that Cyber Security plays in our personal and professional lives. From stolen credit card numbers and hacked […]

How to stop network credential theft

Enterprise network credentials are like the keys to your house: once someone has a copy, they can enter your space whenever they want. The more valuable your property, the more motivated the bad guys are to get in. Worse, sophisticated network intruders leave no trace. Digital assets can be copied, malware can be installed and […]

The Right Way to do Derived Credentials

Derived credentials are part of our everyday lives. For example, if you have a US driver’s license, you presented a birth certificate in order to obtain it. What about Apple Pay? When used for a purchase, it identifies you to Apple, provides an association with your credit card, and allows Apple to pay the merchant […]

Better Defense Against Enterprise Credential Theft

Target Rich Environment Corporations with valuable intellectual property, utilities with critical infrastructure, and government entities such as national intelligence are all irresistible targets to independent and state-funded computer hackers. Typical attacks start by attempting to compromise an Internet accessible device, such as a web or email server, or a remote user laptop. Due to the […]

High-Integrity Internet-Scale Device Authentication

Security is a perennial challenge in Internet of Things (IOT) scenarios. Suppose a sensor network has been deployed to a factory that manufactures cutting-edge electronics. In the interest of protecting trade secrets and business reputation, it’s critical that the sensors – including motion detectors, video cameras, and quality and industrial control related devices – be […]

Security Trends and Guerilla Tactics for Conference Attendees in 2015

It is incumbent upon IT professionals to keep their skills current. This is tough because, while there are basic principles that don’t change, the shelf life of technology-specific skills gets shorter each year. The good news is that most conferences are designed specifically to inform attendees what’s new. For example, the RSA 2015 security conference […]

Data Security and the Internet of Things

We all have secrets we keep on our mobile devices: passwords, customer data, strategic plans. And yet high-profile cyber-attacks – Home Depot, NSA, Sony, Target – continuously remind us of the risks posed to enterprise systems by sophisticated adversaries, trusted insiders, insecure hardware, and single-factor authentication. Those publicized security incidents notwithstanding, there is a body […]