Bridging the Intelligence Gap: Cybersecurity Information Sharing Act of 2015

Information Sharing

A couple of years ago I attended a Cybersecurity symposium in Charlotte, NC at local college campus. The highlight of this symposium was the panel of bank security executives who were there to discuss a major cyber attack which impacted them. In 2012 a malicious cyber group called Al-Qassam launched a major cybersecurity attack called…Read More

How to Avoid a ‘Hotel California’ Security Policy Syndrome


Change is the one constant in network operations and security.  Business applications are always in a near constant state of flux – regularly being updated or migrated – which in turn means constant additions and updates to security policies and firewall rules. As a result, security policies become bloated. The problem is made even worse as…Read More

Don’t Neglect Your Internal Firewalls and Network Segments

Firewalls and Network Segments

In terms of attention, it seems that external firewalls see the most action. After all, they’re out there defending the enterprise from all things the Internet can throw at them. Reflecting inwards, toward the core of the network, things are a bit more calm – and trusted. If network traffic is internal, it must be somehow “good”…Read More

Host-based or Network-based Firewalls: Which Is the Right Option for Cloud Security?


Firewalls are the cornerstone of security controls – and public or private cloud deployments present organizations with two main options for deploying firewalls: host-based firewalls or network-based protection. So which is better? Here, we will examine both options, and the capabilities of each.

How to Take a Pragmatic Approach to Security Across Your Hybrid Cloud Network

PNG_Hybrid Cloud Environment B

How we think about and architect network security has stayed fairly constant for quite some time…..until we moved to the cloud. Please join our next webinar next Tuesday, November 17 at 10am PDT/1pm EDT, where Rich Mogull, Analyst and CEO at Securosis and Nimmy Reichenberg, VP of Strategy at AlgoSec will explain how cloud network security is different, and how to pragmatically manage it for both pure cloud and hybrid cloud networks.

4 Nasty Gremlins Hiding in Your Network


In honor of Halloween, I’d like to highlight some of the threats hiding within our security policy. If not fixed right away, these nasty little gremlins may come out to play when you least expect them to. Here are a few places to search for these ghouls and some ways to protect yourself from them.

Are You Scared of the Zombies on Your Network?


With Halloween approaching, it’s a good time to talk about hunting zombies – not the walking undead kind, but rather those outdated, obsolete or unknown business applications that are wandering around your IT estate, consuming resources, bandwidth and money like their counterparts consume flesh.

Privacy In-Depth Top 10


Boundaries that were once present with technology have dissolved leaving an open field of limitless possibilities. The internet is the single largest shared resource on the planet. At the same time someone can reach you in ways and from places that you would never think of, good and bad. Your data and its privacy is quickly becoming no longer private. How do we share personal data safely, and when should we not share anything. I call this my Top 10 list of things you should do or not do to protect your data privacy.

5 Top Firewall-Related Compliance Gaffes


Compliance – it’s that dirty word that any free-thinking IT professional hates to hear. But like it or not, compliance is a reality of doing business today. One of the biggest problems that I see related to compliance is how it’s treated like a checkbox. Firewall? Check! Access controls? Check! Encryption? Check! And so on. In many cases, the people checking these checkboxes are completely disconnected from the actual firewall administration function and security altogether. The mode of operations is: So and so says that the firewall is secure, so we’re good to go. Not so fast – reality’s not that simple!

What's Your Take on Using Automation in Security?


We’re kicking off our next industry survey. This one aims to uncover trends and best practices when using automation in your security processes. It’s short – only 11 questions – and should only take you 5 minutes to complete, so please complete the survey now!

Tips to Help You Prepare for IPv6


With the explosion of the Internet of Things many organizations are now in the planning stage for adding support for the IPv6 network protocol. However, even with its benefits, organizations still need to approach the switch to IPv6 carefully in order to maintain a strong security posture, and avoid introducing vulnerabilities to their networks. Here are three key steps to help prepare for a successful transition.

10 Best Practices to Help You Prepare for a Cyber-Attack


With all the recent cyber-attacks making front page news, you’re probably wondering how you’d deal with a similar breach at your company. While there are many articles and blog posts about the latest and greatest technologies that can help you detect and prevent cyber-attacks, there are also many practical steps you need to put in place. In honor of Cyber Security Awareness month, here are 10 best practices to help you prepare for or quickly address a cyber- attack.