A New Security Paradigm: HCIA
(Ed. Note: I’ve updated this post to incorporate some great feedback I’ve gotten on it already. I may well do so again to keep it fresh, as I expect to refer to this concept a lot…) In a recent post, I...
View ArticleSecurity, Visibility, Privacy: Pick Any Two?
Is it possible to have security and privacy? The question has been brought to a head recently, with the intense backlash to the US Transportation Security Administration’s more assertive passenger...
View ArticleSecurity in the Era of Big Data
A lot of ink (digital and otherwise) has been spilled over Wikileaks this year, but there is one central aspect of the recent “cablegate” case that I wonder if we really get in infosec: Simply put,...
View ArticleThe Rise of Data-Driven Security, Part 2: Data Sources and Emerging Data Markets
In my last post, the first in this series, I talked about how recent vendor trends highlight the rise of data-driven tactics for defense. This is just one of three major aspects of data-driven security...
View ArticleThe Rise of Data-Driven Security, Part 4: The Case for the Fourth Paradigm
When I first cut my teeth in IT security some years ago, I was a systems administrator for a division of the University Corporation for Atmospheric Research, the parent of the National Center for...
View ArticleThe Rise of Data-Driven Security, Part 5: Synthesis Platforms
(Ed. note: After too long a hiatus, I wanted to round out this series that began here and continued here, here and here. This will certainly not be the end of my coverage of data-driven security,...
View ArticleBeyond SIEM: IBM-Q1Labs, McAfee-NitroSecurity and Changing Perceptions of...
This morning, a pair of announcements were made in the same space: IBM and McAfee are both making acquisitions in security information and event management (SIEM); IBM of Q1Labs, McAfee of...
View ArticleSecurity in 2013: Intelligence, Coordination and Integration (and Will We Get...
I’ve happily managed largely to avoid getting entangled in the New Year’s ritual of security predictions, since these can, frankly, be fairly boring. But for those who expect such, here you go:...
View ArticleSecurity in 2013: The “Productization” of Big Data
(UPDATE: This week, both IBM and EMC’s RSA Security Division announced new Big Data initiatives in security. More to come on this front…) In my last post, I noted that I expect intelligence and the...
View ArticleSecurity in 2013: Intelligence, Integration…and the Integration of Intelligence
In my last post, I talked about the frustration that enterprises have with the lack of integration among security tactics – an egregious gap attributable in no small way to the extremely fragmented...
View Article
More Pages to Explore .....