Last week I talked about the challenges of managing privileged identities in the cloud. As I have highlighted in an earlier post the recent report by the Ponemon Institute on the Security of Cloud Computing Providers shows that when it comes to security cloud providers are “least confident in their ability to restrict privileged user access to sensitive data”.
The more conversations I have with security professionals, the more I see them strategizing how to best secure their networks with lower operating budgets. I see more and more individuals having to deal with security issues as well as other aspects of their IT department during daily operations. Their strategy has been condensed to acquire…
In the Star Wars Trilogy, there are two very clear sides of the moral spectrum. First, we have the rebel forces, keepers of the Force and warriors fighting against the evil Emperor. The Emperor, and the imperial forces that fight for him, are the evil masterminds who want to destroy the Force and the source of all goodness. While other battles may not seem quite as grand, there are parallels from Star Wars that apply to a multitude of other situations. One of these situations is the risk of insider threat in your organization. There are lessons to be learned from Darth Vader, the Emperor, Luke Skywalker, and others. Here are the three we like the best:
It’s hardly a stretch in this day and age to say that every one of your employees has a mobile device, whether it is company issued or personal, but either way these devices can be the culprit of accidental insider threats more easily than ever before.
Searching the internet finds a plethora of definitions, services, products, solutions, and even training classes for Enterprise Security and Risk Management. The topic is so broad that almost every security vendor falls into this category. At the middle of almost all the definitions (excluding physical security theft) is the protection of an organizations most treasured…
It’s amazing the effect songs have on us. Take, for example, Eye of the Tiger. If you’re like me, this brings you right back to Rocky, the Italian Stallion that won the hearts of America as he trained and fought his way to victory. That song elicits images of strategy and dedication, the two key traits to Rocky’s success. Why, you ask, do I bring this up here, on an Information Technology blog? Because the same elements that drove Rocky to success in the movie can ensure a data security victory in your IT environment.
Here at eEye, we’ve been discussing in great depth, the value of various risk scoring mechanisms, attack vectors, and exploit intelligence. Considering all the various standards that are being used to derive risk scores (proprietary, CVSS, PCI (based on CVSS with conditions), DoD Categories, etc.) and how organizations are currently prioritizing remediation efforts, we found a…
I introduced you to Accident Prone Annie as an archetype for the type of insider villain who may already be infiltrating your extended enterprise a couple of weeks ago and guess what? Almost every day I see an article that represents “Dave” as manifesting in another company with some measurable harm that was newsworthy.
|Vendors:||Apache Software Foundation
|Exploit Impact:||Denial of Service