By: - Technology Reporter

@jleclaire

After Target Breach, How Can You Ensure Vendors Aren’t Your Weak Link?

February 20th, 2014

Shocking. That’s one of the best words to describe the feeling among many retail industry watchers when the root of the massive Target breach was determined to be an HVAC contractor. Indeed, news headlines continue to examine all aspects of the story, from the $200 million it cost to replace credit cards, to reports of […]



By: - Dir. Solutions Marketing

Ain’t No Style Points in Infosec

February 19th, 2014

It’s Winter Olympics time. I love watching them, especially safely ensconced in the American Southwest where we don’t have to deal with the snow and ice associated with the winter sports. Speed skating, (real) Biathlon, Hockey, Downhill and XC skiing, and all the rest of it. But my friend the sports curmudgeon complains about sports that rely on […]



By: - Former Chairman and CEO, Lumension

@pclawson

Social Media: the Bad Guys’ Perfect Playground

October 1st, 2013

October marks the 10th anniversary of National Cyber Security Awareness Month, a public education campaign spearheaded by our colleagues at the National Cyber Security Alliance. It’s somewhat disheartening to consider the lack of progress made in cyber security over the last 10 years; cyber criminals continue to wreak havoc stealing personal identities, corporate IP, and […]



By: - Former Chairman and CEO, Lumension

@pclawson

Advice for the Incoming DHS Secretary

September 12th, 2013

A few weeks after retiring Department of Homeland Security Secretary Janet Napolitano gave a farewell speech, we are still unclear on her replacement unfortuntely. In that departure speech, Napolitano advised her successor “You will need a large bottle of Advil.” Given the DHS Secretary is responsible for dealing with everything from natural disasters to terrorists attacks, […]



By: - Sr. Pre-Sales Technical Consultant ANZ, Lumension

Google Password Insanity?

August 27th, 2013

Reported as a security flaw in Google Chrome by The Guardian in early August, passwords saved in the browser could be easily accessed by someone other than you. And we have advised Optimal Security readers to stop saving passwords in the browser. While good advice for sure, we should also concern ourselves with physical security. […]



By: - IT Security Expert, Author

@stiennon

Three Lessons Learned From the NSA’s Use of Big Data and Security Analytics

August 14th, 2013

Security analytics is the term being applied to the new methods being developed to counter sophisticated targeted attacks. The idea is simple but implementation requires skill sets that have yet to be acquired by most organizations. Gather as much data as possible, apply filters derived from security intelligence, and identify attacks in progress or already […]



By: - Dir. Solutions Marketing

Beware of the Crapper Hacker

August 5th, 2013

News late last week from Trustwave of a security vulnerability in a new line of Japanese toilets. And while funny in its own way, it does serve as a warning for manufacturers and consumers alike as we move into an even more connected world. As everyone probably knows, Japanese toilets are a modern technological marvel. […]



By: - Dir. Solutions Marketing

Whitehat Lessons from $300M Cyber Crime Spree

July 30th, 2013

By now you’ve read about the new indictment of five hackers from Russia and Ukraine in what is being called the “largest data breach scheme in the US.” You can read the DOJ press release here and/or a redacted copy of the indictment here [PDF]. In what is really a continuation of the Albert Gonzalez […]



By: - Dir. Solutions Marketing

Infosec Haiku

July 28th, 2013

Anata no joho sekyuritei konshu no haiku My bank emails me. Click! I type in my password. Where has my cash gone?   ### Notes ### * This week’s haiku courtesy of Mr. Andy Sands. * Thanks to Ms. Etsuko vdH for the translation. * Thanks to everyone who’ve contributed their haikus … watch this […]



By: - Former Chairman and CEO, Lumension

@pclawson

Hacking the Hacker: The Downside to Vigilante Justice

July 2nd, 2013

Imagine you woke up one morning to find all of your possessions gone. Someone broke into your house in the dead of night and stole all of your things. You don’t know how they did it or who it was, but the fact remains: your stuff is gone. You might step outside, see the broken […]


By: - Dir. Solutions Marketing

Infosec Haiku

July 1st, 2013

Anata no joho sekyuritei konshu no haiku July 4th – Hurrah! But Cybercrime Does Not Rest Beware of Phishing   ### Notes ### *  Thanks to Ms. Etsuko vdH for the translation. *  Thanks to everyone who’s contributed their haikus … watch this space to see if yours is published. *  Submit Your Own … […]


By: - IT Security Expert, Author

@stiennon

Procedures and Policies Without Controls Are Meaningless: Lessons for the NSA

June 25th, 2013

Note to security clearance holders: The following post contains no links to secret documents. As the carefully orchestrated stream of leaks from Edward Snowden are published in The Guardian, we have learned first of the massive scale of US (and now UK) data and communication surveillance. Top Secret/NoForn documents were also published that spelled out […]


By: - Information Security Reporter

@kevtownsend

Compliance Is Bad for Security

June 18th, 2013

There are two separate approaches to keeping data safe: compliance and security. The first is a legal/regulatory obligation; the second is not. If you ask a compliance author, whether that’s a government legislator or a bureaucratic regulator, what is the purpose of compliance, the reply will be ‘to ensure security.’ If you ask the same […]


By: - Forensics and Security Expert

@phenrycissp

Near Real-Time Threat Intelligence in the Cloud

May 30th, 2013

Microsoft announced this week they will host known botnet malware infection information and other threat data in their Azure Cloud. This move will enable near-real-time threat data sharing and inarguably, this is a step in the right direction in our fight against the bad guys. ISPs and CERTs have received threat data via email from Microsoft […]


By: - Former Chairman and CEO, Lumension

@pclawson

Big Brother is Listening Too – Are Journalists Sitting Ducks Part II

May 29th, 2013

Since writing “Are Journalists Sitting Ducks?” a few months back in response to the New York Times being targeted by Chinese hackers, several more high profile news organizations have been hacked including The Onion, AP, Financial Times and BBC. It’s apparent this trend is not going away any time soon. To add insult to injury, […]



IT Secured. Success Optimized.™

Contact Lumension | Privacy Policy

Connect & Follow Us

blog.lumension.com