Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.


The Difference with Insiders

The online security hacking group Anonymous has been making a lot of headlines recently. They committed denial of service attacks on companies like Mastercard, VISA and Paypal – companies who cut off Wikileaks from their services.

Post by Peter McCalister February 24, 2011

I Am the Ostrich, Goo Goo G’joob

The top is down on my convertible and I hear “I am he as you are he as we are all together. See how they run…” blasting on the radio and what do I think of? Yep, privilege identity management.

Post by Peter McCalister February 23, 2011

Prioritizing Vulnerability Assessment and Remediation Steps: A New Users Guide to Getting Started – Part 2

The odd part about writing weekly blogs is the amount of discussions that start internally, with clients directly, and sometimes through straight blog comments. After writing “A New Users Guide to Getting Started” article, my team indicated several really good ideas for a Part II follow-up blog. Simply, just getting started with vulnerability management is not enough….

Post by Morey Haber February 22, 2011
, , ,

RSA Survey: No Trust for Cloud Vendors, Wikileaks

At this year’s RSA we had a swat team passing out surveys – over 111 responses – to find out if people trust their cloud vendors with their data.

Post by Peter McCalister February 21, 2011

Thoughts From Another Successful RSA

17,000 security professionals descended on Moscone Center in San Francisco this week for the annual RSA pilgrimage of education, communication and motivation. Now that the event is over and everyone is heading back to their respective everyday roles, I thought I pass along a few observations to commemorate what was easily one of the better shows in the last couple of years for the security industry.

Post by Peter McCalister February 18, 2011

Cloud Computing Security in Public Clouds

We’ve said before that corporations need to take ownership and responsibility for overseeing and requiring compliance and security policies of their cloud vendors. Well, now it’s official, the industry agrees with us.

Post by Peter McCalister February 17, 2011

5 Things to Tell the CEO about Admin Privileges

Every organization has their own quirks. Sometimes leadership isn’t involved enough for certain projects to be successful. Other times they’re too involved. And sometimes it feels like everything is just too much of a mess. This is especially true when it comes to IT security and compliance across physical, virtual and cloud environments.

Post by Peter McCalister February 16, 2011

Live from RSA 2011

It is another cold and windy week in San Francisco and RSA 2011 is more impressive this year than recent events. With the economy finally beginning to recover, trade show events are feeling the impact with more floor space, higher attendance,  cooler giveaways, and quality of new solutions presented by companies highlighting investments in development. …

Post by Morey Haber February 16, 2011

Does Compliance = Security?

Since it’s hard to analyze the tradeoffs between security and productivity, IT organizations can fall back on gut feel, rules of thumb and past practices in making these decisions. The easiest answer is frequently to just follow the rules and regulations so you remain in compliance with industry regulations or current policies. As a result, compliance becomes a substitute for security. But are they really equal? Does being in compliance mean you have a secure IT environment?

Post by Peter McCalister February 15, 2011
eye in the sky_smaller-resized-600.jpg

Top VM Reports for Daily Security

Like most security professionals I subscribe to a plethora of email lists from Dark Reading to Threat Post.  Every day I receive their news and review the titles in their daily summary emails and drill into a few that may catch my eye.  The thing I like about this approach is that I receive a…

Post by Morey Haber February 15, 2011
, ,