We Need a Better Mousetrap: Insights on Security from Key CISOs at RSA

While at RSA last week I had the pleasure of attending the T.E.N breakfast which brought together CISOs from Aetna, Cox Automotive, SunTrust Bank, Target, and The Coca-Cola Company. During this highly informative and entertaining session, these leading influencers provided some great insight into their security challenges, trends and observations. Severe shortage of skilled security staff. Every…

Firewalls, Breaches and the 2015 Verizon PCI DSS Report

According to the recently released Verizon 2015 Compliance Report, “27% of organizations that suffered a data breach in 2014 were compliant with Requirement 1 at the time of their breach.” And “there is strong correlation between a badly configured firewall and the likelihood of a security breach”. In this post I’d like to discuss Verizon’s findings and its recommendations to help companies comply with Requirement 1.

Hope to See You at RSA

If you’re going to the RSA Conference in San Francisco next week, make sure to drop by AlgoSec’s booth (2115) and say hello. We’d love to see you!

Secrets of a Successful Firewall Administrator

As business demands increase and network complexity grows, it’s easy—and dangerous—to get overwhelmed as a firewall administrator. With all the security risks facing networks today, the last thing your business needs is for you to be so distracted by the hundreds of little things that pop up each week that you miss the critical responsibilities of your job. Here are some tips to help you manage your day-to-day work that can help you stay on top of the really important things, get more done, and keep your sanity.

Mind the Security Gap – It Is Your Job

It’s no surprise that most security gaps are already known by the security team, but have not been addressed because of other priorities. But claiming that it’s “not my job” or that you don’t have the time to address security gaps is not good enough anymore and isn’t going to hold water when you’ve been breached or when a critical business application suffers an outage – as many CIOs who have recently lost their jobs will testify.

Make Sure Your Security Fits into Your Business

Organizations are using a variety of technologies to empower their businesses to run faster and perform better: virtualization, more multi-tenant systems, better application delivery methodologies, and of course – more mobility. But through it all, where does security really fit in? How can you deliver proactive security across so many systems that enables the business rather than hinders it? Here are a few tips from an experienced director of IT.

Common Mistakes and Best Practices for Designing Network Security Zones from Professor Wool

In this new educational video, Professor Wool identifies common missteps when creating security zones, and provides practical recommendations for designing and managing your network for better security and protection.

SaaS and Security: 7 Tips to Help You Assess the Risks

Most often, when we hear people say that they’re going to “save their data to the cloud” they’re referring to the SaaS (Software as a Service) model. This is a very popular consumer-facing model, normally publicly accessible over the internet. Salesforce.com, Dropbox, and Google Drive are typical examples of these types of SaaS applications. When…

Finding the Right Notes for Your Network Security: The Trombone Effect

In this latest post in our ‘Mitigating Gartner’s Network Security Worst Practices Blog Series’ we’ll discuss my thoughts on Gartner’s worst practice of “suboptimal branch architecture[1]”. Global organizations today have some big challenges when it comes to figuring out the best architecture for their networks. On the one hand they need to get their applications…

All War and No Play: Align Your IT Organization to Eliminate End-User Frustration

I am a big advocate of examining solutions from both a process and a tools perspective. Although AlgoSec is a software provider, I am the first to acknowledge that a good tool will not fix a bad process. On the flip side, a good process which can’t be enforced will not go very far either. This blog post examines what you can do from a process perspective to address organizational misalignment.

5 Steps to a Zero Trust Network: From Theory to Practice

A Zero Trust network abolishes the quaint idea of a “trusted” internal network demarcated by a corporate perimeter. Instead it advocates microperimeters of control and visibility around the enterprise’s most sensitive data assets and the ways in which the enterprise uses its data to achieve its business objectives. In this webinar, guest speaker John Kindervag,…

You've Just Been Breached...Keep Calm and Make Sure to Lock the Door

Unfortunately, breaches are always going to happen. In some instances they are caused by negligence or user mistakes. In other cases there is criminal intent. Either way, there are some absolute musts when it comes to securing your environment: