Follow Us:

Security as a Business Enabler: The Long View, from the trenches

Published on 03/06/15 03:22PM

Enterprise Security, Cloud Security, Service Provider

Much has been said in the last five years about how security “needs a seat at the business table”. When this is uttered by a security professional, usually among other security professionals, everyone typically nods and looks at one another knowingly, as if this is a foregone conclusion. Well, it’s not.

Most security teams are still those thankless security nerds that focus on the compliance checkbox. Why? We provide real value…right? We’re defenders of the univer….errr, enterprise! 

Read More

For Cloud Providers, Security Must Remain a High Priority

Published on 02/27/15 05:23PM

Enterprise Security, Cloud Security, Service Provider, Vertical Series

In this final installment in our series on security issues and vulnerabilities in a variety of industries, we look at cloud service providers. While this might not be an “industry” in the same sense as financial services, healthcare, transportation and retail, it is an increasingly important area of commerce as more enterprises move applications and data into the cloud.

Read More

Insurance Companies Need Strong Security Policies - and Technology

Published on 02/17/15 03:55PM

Enterprise Security, Service Provider, Vertical Series

Many insurance companies are offering coverage for data breaches, and indeed a growing number of organizations are purchasing this type of insurance as hacker attacks become more common.

Data breach or cyber insurance policies are becoming a more vital component of organizations’ preparedness plans, according to a 2014 report by the Ponemon Institute.

Read More

An Overview of Virtualization Security Guidance: Part II

Published on 02/13/15 04:00PM

Enterprise Security, Virtualization

In the first post of this two-part series, I described security guidance regimes and tools while focusing on VMware. In this part, I extend the conversation to include Citrix and Microsoft, and provide some advice that is applicable across platforms.

Citrix distributes a “User Security Guide” that has valuable security information for configuring the platform, but is not a benchmark suitable for audit purposes.

Read More

Telecommunications Industry: Calling for Security Help?

Published on 02/11/15 02:30PM

Enterprise Security, Cloud Security, Service Provider, Vertical Series

Telecommunications is one of those industries that many people take for granted—until service is interrupted for one reason or another. We’re accustomed to being connected, whether it’s through our mobile devices or landline phones at home or in the office.

Businesses as well as consumers are highly dependent on telecom companies and the communications infrastructure they provide, and if their operations are down for any length of time, it wreaks havoc. That’s why the cost of a security breach at telecom’s are high.

Read More

Cloud is Driving Shadow IT Amongst End-users and Datacenter Users

Published on 02/10/15 05:09PM

Enterprise Security, Public Cloud, Service Provider

Not long ago, I presented a webinar on BrightTalk about cloud and BYOD (Bring Your Own Device). In it I discuss how users have myriad options that are outside the control of IT groups – shadow IT. That end-users are using applications powered by public cloud computing isn’t surprising. Most of us, at one point or another, have used web mail to move a file, Evernote to jot-down thoughts, or DropBox to share files.

Read More

Could Industry Follow DoD Cloud Security Lead?

Published on 02/06/15 01:38PM

SMB Security, Enterprise Security, Cloud Security

Even the U.S. Department of Defense admits that cloud security worries shouldn't come in the way of cloud business benefits. In a talk given to industry cloud players last week, DoD CIO Terry Halverson detailed some of the agency's cloud initiatives and explained how the agency is trying to drive more data to the cloud under the simple philosophy that different data carries different levels of risk.

Read More

Anthem breached by remote attack, 80 million records at risk

Published on 02/06/15 10:14AM

SMB Security, Enterprise Security, Cloud Security

Anthem, one of the largest health insurers in The United States, has announced they have been breached. The company has created the web site giving a brief outline of events. While short on details, the Anthem notes, “Anthem was the target of a very sophisticated external cyber attack. These attackers gained unauthorized access to Anthem’s IT system and have obtained personal information from our current and former members such as their names, birthdays, medical IDs/social security numbers, street addresses, email addresses and employment information, including income data. Based on what we know now, there is no evidence that credit card or medical information, such as claims, test results or diagnostic codes were targeted or compromised."

Read More

An Overview of Virtualization Security Guidance: Part I

Published on 01/28/15 06:28PM

Enterprise Security, Virtualization

As virtualization adoption grows, organizations are becoming more attuned to the need to properly configure and lock down virtualization. Virtualization is a complex technology with many facets, and there are numerous types of controls that can be implemented to secure these assets. Most security teams are still developing internal policies and processes to define how virtual infrastructure should be enabled and maintained.

Read More

3 Security Messages CEOs Want To Hear In 2015

Published on 01/22/15 04:17PM

SMB Security, Enterprise Security

As frustrating as it can be for IT leaders and CISOs to struggle with a lack of respect from a CEO and the rest of the C-suite, in many ways they need to look in the mirror to place blame for that situation. As we've discussed in the past here at Business Insights, a lot of the respect issue comes down to ineffective communication.

Read More

Check Out the Latest Resources!

  • White Paper Evolve or Die
  • Security Business Review
  • Executive Brief

Subscribe to our newsletter

Evaluation Security Software