This Week's Gurus

The past few weeks have seen plenty of conversation about a $45 router that was barely half the size of your hand. Named Anonabox, it achieved early success due to an appearance in Wired and the promise of up to $600,000 in crowd-sourced funding via Kickstarter, 82 times its original $7,500 goal. However, the wheels soon fell off the hype, as flaws were discovered in the box and its promise of anonymity and security...

Herbert “Hugh” Thompson has become well known in the industry, mainly for his work as the programme committee chairman at RSA Conference, but I recently had the opportunity to talk to him with his Blue Coat hat on, about the move to protect against evolving and sophisticated threats. Blue Coat announced the launch of an advanced threat protection suite earlier this year, tapping into technology acquired from Norman Shark last year. I asked Thompson...

It's around six months since the initial guidelines for the third version of the PCI data security standard were published. What caught my eye were the introduction of penetration testing factors and requirement 12 to “ensure that the security policy and procedures clearly define information security responsibilities for all personnel”. An interesting study appeared afterwards from Verizon, who, ahead of their data breach investigations report, released some interesting statistics around PCI DSS compliance. Report author...

Cyber security woes continue to burden the minds of organisations of all sizes. This has been further exemplified by the announcement from C5 Capital to launch the first cyber security-focused venture capital fund in Europe, as concerns about leaks and digital technology securities grow. The London-based firm is looking to raise $125 million to invest in security and data companies in Europe, and highlights that the cyber security threat has certainly become a boardroom issue....

Risk management, policy, compliance and the rest of the 'boring' parts of where security collides with business, are all incapable of generating their own atomic metrics of results. Speaking to security analyst Conrad Constantine, he said that these areas are “just conjecture”, as formalised security monitoring and response can generate detailed metrics for all these processes. He said: “Do you have a security policy? Are you monitoring for violations of that policy in...

In the delivery of IT services to large customer (B2C) communities, the challenges for identifying users, securing their access and managing the ongoing digital relationship that a customer has with the business are continually evolving. Market drivers today mean that Identity and Access Management (IAM) solutions need to fulfill more than their traditional role of establishing security controls and meeting compliance obligations alone. New IAM solutions must satisfy a broad range of delivery criteria...

Now more than ever, it’s important to be compliant with industry and government regulations. For the last several years, governments and industry groups on both sides of the Atlantic have been increasing the level of regulation for organisations, forcing them to prove that they have the proper controls in place. What happens if an organization doesn’t comply with security rules? They could be subject to expensive fines: breaching the Payment Card Industry (PCI) security standards...
