Post 3 – What keeps CEOs up at night?
As a CEO, getting a good night’s sleep is harder and harder these days. We used to worry about competition, labor problems, regulatory issues, financing issues, sales and, if our company was public, our stock price. In the 21st century there is a new worry – […]
Two years ago I was standing in front of a group of security geeks in Santa Barbara for BSides LA talking about the sophisticated tools that most network engineers use — like “ping” and “traceroute” and even Excel — and about how the broad range of tools available typically didn’t get used in a primordial […]
The design and implementation phases of JRSS and JIE will, very likely, receive a significant amount of scrutiny from Information Assurance (IA) to ensure that numerous standards and guidelines are followed. The goal of this scrutiny is to obtain an Authorization to Operate (ATO). There are many different components of the IA process and developing […]
The phase between design and implementation for JRSS and JIE is critical. During this phase the most important thing is to have full visibility of the entire JIE infrastructure, even before it is migrated. RedSeal provides the bridge mechanism needed during this critical assessment phase.
Visualization can lead to deeper understanding of the current behavior […]
On Wednesday, August 20th, UPS announced that a breach may have compromised customer data during up to 105,000 transactions between January and August. While UPS is to be commended for coming forward so quickly, this breach underscores the truth that organizations with highly sophisticated and advanced capabilities in information technology aren’t inoculated against breaches. It […]
Defense in depth is a term and idea that is not new to the information technology world. A classic implementation at the network level of defense in depth is segmentation, or building enclaves. In certain cases, segmentation was taken to an extreme level, resulting in massive decentralization of computing environments. Unfortunately this decentralization does not […]
The first and arguably most critical step in any data center consolidation or migration is to first understand what you have. Most complex or large-scale networks have grown so rapidly over the years or decades that there is no clear picture of the functioning system. As the opportunity to refresh large-scale global infrastructure becomes available […]
The United States Department of Defense Joint Information Environment (JIE) began to take shape in 2010, as part of efficiency initiatives to consolidate Defense IT infrastructure and generate savings, provide full situational awareness across all defense networks, and improve the Department’s ability to share information between the services and with its industry partners and other […]
The discussion of cyber security is finding its way into the board room. Everyone has read about a breach like the ones at Target, or Neiman Marcus, or Sony. They also probably now have the word “Heartbleed” in their lexicon whereas six months ago most people would have thought this was a medical condition. Directors […]
Today, TrendMicro announced their discovery of Emmental, proof that “…online banking may be full of holes.” The focus of the attack is on users of online banking, and it, like many of the current attacks, starts with a phishing attack on consumers. The New York Times Bits Blog covered the report, as well, providing a […]