Nimmy Reichenberg
Nimmy Reichenberg heads global marketing for AlgoSec and surprisingly actually understands what he markets. Originally a software engineer with security focus, Nimmy designed and developed security products before switching over to the dark side and becoming a marketeer. Nimmy has published several articles in security publications such as SC Magazine and ISSA journal and has spoken on various security topics in leading security conferences.

When he is not brainwashing you to buy AlgoSec products, Nimmy can be found Kite Surfing at the nearest beach where the wind is blowing over 15 knots, and spending time with his wife and baby boy.

Conversation with a CISO on Networking and Security Trends

security cloud

security cloudI recently had the opportunity to sit down with Conrad Menezes to discuss some of the current and future networking and security trends and challenges facing organizations. Conrad held senior executives roles spanning both security and networking at companies such as Sears and American Express.  In our conversation, he provided some great insight on topics such as the modern threat landscape, dealing with application overload in the data center and what software-defined-networking (SDN) can mean for organizations.

Read more on Conversation with a CISO on Networking and Security Trends…

Security Policy Management Maturity Model and the Benefits from Moving Up the Ladder: The Final Chapter (Part 4 of 4)

maturity model level 4

maturity model level 4In our final post on the security policy management maturity model (if you've missed the others in our series, please check out Part 1- Initial, Part 2- Emerging and Part 3- Advanced), we look at the best-in-class or "Visionary" organization. An organization at this level takes a different approach to looking at its security infrastructure. Instead of looking at devices from strictly a firewall/security perspective, visionary organizations are making decisions from the perspective of critical business applications in the data center. All key stakeholders across security, network operations and application teams have visibility of the business requirements and the security implications and are aligned through streamlined and automated business processes. Characteristics of an organization taking an application-centric approach include:

Read more on Security Policy Management Maturity Model and the Benefits from Moving Up the Ladder: The Final Chapter (Part 4 of 4)…

Security Policy Management Maturity Model and the Benefits from Moving Up the Ladder: Part 3 of 4

maturity model level 3

maturity model level 3In my previous post on the security policy management maturity model, we examined what an Emerging organization (level 2) looks like. Steps to automate security policy analysis and audits were implemented, but the security policy was only optimized, compliant, etc. at a point-in-time, because changes continue to introduce risk and policy bloat.

Read more on Security Policy Management Maturity Model and the Benefits from Moving Up the Ladder: Part 3 of 4…

Security Policy Management Maturity Model and the Benefits from Moving Up the Ladder: Part 2 of 4

maturity model level 2

maturity model level 2In my previous post on the security policy management maturity model, we examined level 1, or the Initial level, which means you're either not managing security policies at all or are at an extremely basic level that is fully manual. If you took some of the tips to heart regarding policy analysis automation, then you may now be at Level 2, or what we refer to as an Emerging organization.

Read more on Security Policy Management Maturity Model and the Benefits from Moving Up the Ladder: Part 2 of 4…

Security Policy Management Maturity Model and the Benefits from Moving Up the Ladder: Part 1 of 4

security management maturity model level 1

security management maturity model level 1In my first post on the Security Policy Management Maturity Model, I highlighted the challenges of network and security complexity and dynamic business requirements that must be addressed by IT in order for the business to remain competitive. In the forthcoming blogs, I’ll dig into each level of the maturity model and not only examine what each level means in terms of your organization’s environment, but also provide some tips for moving up the ladder and the benefits for doing so.

Read more on Security Policy Management Maturity Model and the Benefits from Moving Up the Ladder: Part 1 of 4…

Examining the Security Policy Management Maturity Model

maturity model

maturity modelDoes the following scenario sound familiar? Your network complexity is getting out of hand with too many firewalls, routers, switches, secure web gateways and more, as well as the related security policies. New network security devices with more granular and different types of controls have recently been or are being deployed in the network. At the same time the business is putting more demands on you to manage "ASAP" with requirements changing regularly. You don't have proper visibility of the security policies, compliance audits are a major burden, you can't keep up with all of the changes and you can't possibly know the impact of a security change or risk to a application that is critical to the business.

Read more on Examining the Security Policy Management Maturity Model…