2016 New Year – New Firewall? Which One?

The old firewalls are port-filtering devices, i.e. web traffic is allowed out (from inside your network out to the Internet and back). But is the traditional firewall enough for next year, 2016? Are you really going to skate another year? These guys are pushing the envelope: “Don’t waste time worrying – spend time …

What is the Right Effort to Cybersecurity?

The keynote speaker of Troopers15 has an interesting presentation (on YouTube now): https://www.blackhat.com/eu-15/briefings.html https://www.youtube.com/watch?v=rarpym8JJXQ Some of the good quotes: Doing something better must be better than doing nothing? “Wrong. Paddling hard in the wrong direction doesn’t help just because you want it to” “You must never confuse faith that you will prevail in the end—which you can …

Best Cybersecurity Practices: SIEM-Log Management

Gartner has a report on the critical capabilities of Security Information and Event Management (SIEM) software by 13 companies. Each company was analyzed on several characteristics. The companies: AccelOps, AlienVault, BlackStratus, EMC, EventTracker, HP (ArcSight), IBM Security QRadar, Intel Security, LogRhythm, Micro Focus International (NetIQ), SolarWinds, Splunk, and Trustwave Holdings. Characteristics that were measured: real-time monitoring, threat intelligence, …

Hybrid Clouds Not Secure?

Rich Mogull at the Securosis blog (#13 at http://oversitesentry.com/security-news-reviewed/) has the latest post: https://securosis.com/blog/hybrid-clouds-an-ugly-reality The problem? A hybrid cloud is by definition part cloud and part local systems. One can easily imagine administration problems as files and data have to bridge both environments. The disadvantage is the loss of compartmentalization, i.e. the ability to say the cloud …