Entries Tagged as 'Adaptive Security Infrastucture'
by Neil MacDonald | June 23, 2011 | Comments Off
I’m here at the Gartner Information Security summit on the fourth and final day. We had a record number of attendees – at least 1700 by my estimate. Attendees have the ability to book one on one conversations with the analysts and my schedule was completely full. One of the conversations with a client was [...]
Category: Information Security Next-generation Security Infrastructure Virtualization Tags: Adaptive Security Infrastucture, Beyond Anti-Virus, Endpoint Protection Platform, Information Security, Next-generation Security Infrastructure, Security-Summit-NA, Systematic Workload Reprovisioning, Virtualization Security
by Neil MacDonald | June 17, 2011 | 3 Comments
One of the toughest problems in information security is addressing advanced intrusions that have bypassed traditional security controls and now reside undetected on enterprise systems. With financially motivated attacks and state-sponsored “advanced persistent threats” both on the rise, intrusions can remain undetectable for extended periods of time. We have reached a point where our systems [...]
Category: Beyond Anti-Virus Next-generation Security Infrastructure Virtualization Virtualization Security Tags: Adaptive Security Infrastucture, APTs, Beyond Anti-Virus, Defense-in-Depth, Next-generation Security Infrastructure, Security-Summit-NA, Virtualization, Virtualization Security, Windows
by Neil MacDonald | June 16, 2011 | Comments Off
It sounds counterintuitive, but today’s advanced threat environment requires new approaches to the ongoing security and management of server and desktop workloads. The trouble with Advanced Persistent Threats is that, by definition, they have evaded our traditional network and endpoint security controls and now reside undetected in our IT Systems. How many advanced intrusions will [...]
Category: Beyond Anti-Virus Next-generation Security Infrastructure Virtualization Virtualization Security Tags: Adaptive Security Infrastucture, APTs, Beyond Anti-Virus, Defense-in-Depth, Next-generation Security Infrastructure, Security-Summit-NA, Virtualization, Virtualization Security
by Neil MacDonald | May 31, 2011 | 3 Comments
The term “trust” is too binary for the world of business and IT we are moving into. Trust sounds black and white / all or nothing. Either I trust you or I don’t. The reality is far more complex and a world of information security decisions based on shades of grey, not black and white. [...]
Category: Cloud Cloud Security Next-generation Security Infrastructure Tags: Adaptive Security Infrastucture, Cloud Security, Context-aware Security, Information Security, Security-Summit-NA
by Neil MacDonald | April 27, 2011 | 3 Comments
I’ve made the argument before that complete information security protection requires a combination of prevention and detection. Further, I believe we have overinvested, become overly reliant on and dangerously complacent with our preventative capabilities. The result is we are exposed and are woefully underinvested in our detection capabilities. At first, my assertions may sound counterintuitive. [...]
Category: Beyond Anti-Virus Information Security Next-generation Security Infrastructure Tags: Adaptive Security Infrastucture, Cloud Security, Defense-in-Depth, Information Security, Next-generation Security Infrastructure, Security-Summit-NA
by Neil MacDonald | April 12, 2011 | Comments Off
We talk about the need for analytics and business intelligence to help the business make better business decisions, It is time to bring this same technology to the information security department. What we need is actionable, prioritized and risk-based insight from this sea of information. I’ll take it a bit further. There are some emerging [...]
Category: Cloud Security Next-generation Security Infrastructure Security Intelligence Tags: Adaptive Security Infrastucture, Beyond Anti-Virus, Cloud Security, Defense-in-Depth, Next-generation Data Center, Next-generation Security Infrastructure
by Neil MacDonald | April 5, 2011 | Comments Off
This sounds exactly like what I wrote here and here. However, this quote isn’t mine. This quote comes from Deborah Plunkett who head the US National Security Agency’s Information Assurance Directorate. Deborah is quoted in this article on Reuters: “The most sophisticated adversaries are going to go unnoticed on our networks. We have to build [...]
Category: Beyond Anti-Virus Next-generation Security Infrastructure Virtualization Security Tags: Adaptive Security Infrastucture, Cloud Security, Defense-in-Depth, Information Security, Next-generation Security Infrastructure, Virtualization Security
by Neil MacDonald | April 4, 2011 | Comments Off
I recently had the opportunity to kick off a summit in Washington DC on the topic of Advanced Persistent Threats along with a number of other speakers representing different technologies and services that could be used to prevent or identify advanced intrusions. Here are my observations from the summit: 1) APT is first and foremost [...]
Category: Beyond Anti-Virus Information Security Next-generation Security Infrastructure Tags: Adaptive Security Infrastucture, Best Practices, Beyond Anti-Virus, Defense-in-Depth, Information Security, Whitelisting
by Neil MacDonald | March 1, 2011 | 1 Comment
As I walked the exhibit hall floor at RSA, I couldn’t help but notice the large numbers of vendors talking about the need for improved detection capabilities and security intelligence that provides actionable insight as to what is going on in our IT infrastructure. Complete protection requires both prevention and detection capabilities. I’ve blogged about [...]
Category: Beyond Anti-Virus Endpoint Protection Platform Security Intelligence Tags: Adaptive Security Infrastucture, Defense-in-Depth, Endpoint Protection Platform, Next-generation Security Infrastructure, Reducing Cost
by Neil MacDonald | February 17, 2011 | Comments Off
I’m here at the RSA conference in San Francisco this week and attended the keynote yesterday afternoon given by Tom Gillis of Cisco. Although full details of the new SecureX architecture weren’t given, context-awareness was the lead message. I’ve been talking about the need for context-aware and adaptive security for quite a while. In this [...]
Category: Cloud Security Next-generation Security Infrastructure Virtualization Security Tags: Adaptive Security Infrastucture, Next-generation Security Infrastructure, Virtualization Security
