Blog Posts Tagged with "IT Security"


The Resilient Enterprise: Learning to Fail Part 2

June 25, 2012 Added by: Rafal Los

Failing with the support of a DevOps tribe can lead to a more resilient enterprise and ultimately better enterprise security. In the following few sections we're going to take a look at combining tools, processes and the tribe mentality to solve some otherwise ugly problems - and come out the other side...



The Resilient Enterprise: Learning to Fail

June 22, 2012 Added by: Rafal Los

If the agile enterprise is to become a reality, not just something we talk about and write books about, then it needs to be a core ideal, served by every technical and non-technical function and products and services to enable that core ideal. The road to the agile enterprise starts with an awakening to DevOps...



The Resilient Enterprise: Taming Chaos with Automation

June 20, 2012 Added by: Rafal Los

Whatever the incident or failure, the system can detect and respond in an automated fashion as long as it's within the realm of known things. When things fail or break in a new way that has never been seen before, the system will take corrective action to restore service to the best of its ability...



Misunderstanding Trust

June 20, 2012 Added by: Kevin W. Wall

I thought that most of the properties of trust were obvious, but was surprised to see someone in security quote a Microsoft software developer that “trust is not transitive”. Apparently there are still software and security engineers who misunderstand trust. I will attempt to clear up this misunderstanding...



Stability is Bad for Your Business

June 19, 2012 Added by: Rafal Los

In really re-evaluating what my whole push behind enterprise resiliency is all about - I've come to realize that the stability / resiliency tradeoff is actually quite intuitive, it's just that not many of us were taught to think this way. What we're really saying is that stability is bad...



Do You Really Need a CISO to Have Security?

June 17, 2012 Added by: Rafal Los

In the analysis of it, every organization needs to have someone responsible for the technology-based risk or security of the organization. Whether that's the Technology Manager, the CISO, or the "IT guy". I just want to see better security, more resiliency, and less technical risk....



Forecast 2012–Enterprise Cloud Best Practices Panel

June 11, 2012 Added by: Ben Kepes

Some cloud vendors are engaged with IT and following a top down adoption approach while others are aiming for a more viral bottom up adoption. What issues do these different approaches raise and how do we navigate this path while ensuring agility and compliance?



Keeping Technology Staff Honest

June 05, 2012 Added by: Jayson Wylie

Technology staff, on occasion, have had an all-access pass to all data on Windows networks. This creates an environment where the support staff has exposure in having access to sensitive and confidential stuff stored in the most private parts of the organization’s data stores...



Operation Olympic Game, Project X and the Assault on Security

June 04, 2012 Added by: Richard Stiennon

The IT security industry has found a new threat actor: The United States. If DARPA is developing new attack methodologies then the industry will develop new defenses in response. The use of cyber weapons is going to pit the US military and intelligence community against the IT security industry...



Conferring about Security Conferences

May 30, 2012 Added by: Wendy Nather

There's a great discussion going on right now on Twitter about what's wrong with security conferences: Do we have too many? Are they focusing on the wrong things? Even if the hot topics are nominally the same, the perspectives and timbre of discussions will be very different...



IT Security: Preventing Insider Threats

May 24, 2012 Added by: Robert Siciliano

An employee at Fannie Mae, knowing he is about to be fired, installed a logic bomb set to detonate almost 3 months after his departure. The detonation would have taken the organization off line for almost a week and cost millions and millions of dollars...



Security: Back to the "Made in the USA" Tradition

May 23, 2012 Added by: Jayson Wylie

The US government’s Department of Defense had, and may still have, issues with counterfeit components being procured and used in military weapons, vehicles and equipment. It’s a national security issue when the supply chains are compromised by weaknesses and scams...



How to Secure Patient Data in a Healthcare Organization

May 23, 2012 Added by: Danny Lieberman

If you are a HIPAA covered entity, securing patient data is central to your business. If you are a big organization, you probably don’t need my advice. If you are a small to mid-size provider without a large budget, the question is “How can I do this for as little money as possible?”



A Meandering Rant on Sexism in Security

May 22, 2012 Added by: Jack Daniel

The depressing “booth babe” situation is an ongoing embarrassment. In the right contexts, I have nothing against attractive people, fast cars, or other things normally used to sell cheap beer - I just don’t believe that tech and security events are the correct contexts...



The Absurdity of Cloud Computing and Hosted Services

May 12, 2012 Added by: Dan Dieterle

Many companies are turning to online services to help cut costs and restore some level of IT support to their organizations. But what truly makes you think that these online services are not going through the same internal cutbacks and employee changes to cut costs of their own?



Understanding Trust

May 06, 2012 Added by: Kevin W. Wall

In computer security, we should strive to make all trust relationships explicit and leave nothing to chance or misinterpretation. That's one key step in defining a trust model. At its core, information security is largely about the two goals of “ensuring trust” and “managing risk”...

