Gartner Blog Network

Tag: 'best-practices' Blog Posts

from the Gartner Blog Network

Providing Value in an Analyst Relations Role

by Todd Berkowitz  |  August 6, 2014

I've had several recent inquires from clients, particularly ones that are larger in size, around the topic of Best Practices in Analyst Relations. It's a topic I've been meaning to...

Read more »

This Just In: Signature-based Protection Ineffective Against Targeted Attacks

by Neil Macdonald  |  January 31, 2013

  Seriously, is anyone surprised? I’m sure you’ve seen the news about Chinese infiltration at the New York Times: According to the article: Over the course of three months,...

Read more »

Virtual Firewalls or Physical? Wrong Question.

by Neil Macdonald  |  November 5, 2012

I still see people getting bogged down in rather meaningless arguments as to whether or not firewalls will be virtualized. They will (and, in fact, are). The bigger trend is...

Read more »

Intrusion Prevention Systems? We Need Intrusion Resilient Systems

by Neil Macdonald  |  February 3, 2012

I’ve blogged before about advanced threats that easily bypass our traditional protection mechanisms and reside undetected for extended periods of time on our systems. On one of the panels I...

Read more »

Link Web Application Firewalls to Dynamic Application SecurityTesting Tools

by Neil Macdonald  |  January 9, 2012

I called this a “security no brainer” years ago and the advice is absolutely still relevant today. In Gartner’s latest Magic Quadrant for Dynamic Application Security Testing (DAST) solutions for...

Read more »

The Single Most Important Way to Improve Endpoint Security

by Neil Macdonald  |  August 23, 2011

Run more of your Windows users without administrator rights. I’ve talked about this several times before – including here, here and here. While it may not be feasible to remove...

Read more »

Protecting Intellectual Property in Source Code Requires a Two Prong Strategy

by Neil Macdonald  |  August 5, 2011

I had a discussion with a client today looking to protect sensitive intellectual property in their source code. I discussed two primary areas of risk: 1) that the developers (some...

Read more »

Some Thoughts on RSA SecurID Risk

by Neil Macdonald  |  June 9, 2011

On 3 June 2011, RSA, the Security Division of EMC, confirmed that Lockheed Martin had proof that hackers attacked its network partly by using data stolen in a March 2011...

Read more »

Four Security Breaches, Four Security Lessons

by Neil Macdonald  |  May 23, 2011

There’s been a bunch of highly publicized attacks recently. Each one has a major lesson for information security. 1) Barracuda’s breach Major lesson: Test all of your web-enabled applications for...

Read more »