By: - Dir. Solutions Marketing

Ain’t No Style Points in Infosec

February 19th, 2014

It’s Winter Olympics time. I love watching them, especially safely ensconced in the American Southwest where we don’t have to deal with the snow and ice associated with the winter sports. Speed skating, (real) Biathlon, Hockey, Downhill and XC skiing, and all the rest of it. But my friend the sports curmudgeon complains about sports that rely on […]

By: - Information Security Reporter


Compliance Is Bad for Security

June 18th, 2013

There are two separate approaches to keeping data safe: compliance and security. The first is a legal/regulatory obligation; the second is not. If you ask a compliance author, whether that’s a government legislator or a bureaucratic regulator, what is the purpose of compliance, the reply will be ‘to ensure security.’ If you ask the same […]

By: - Dir. Solutions Marketing

Market Impact of a Data Breach

May 13th, 2013

In my Changeup post the other day, I mentioned that my colleague Paul Henry had saved an organization an estimated $10M (or roughly 15%) in market cap by showing that an intrusion had no material impact. That got me to thinking: what *is* the typical market impact of a breach? And furthermore, how good are […]

By: - Former Chairman and CEO, Lumension


Not reporting a data breach – your reputation may suffer but what about your pocketbook?

July 23rd, 2012

How would you feel if a restaurant, hotel or retailer knew your information had been compromised, but you didn’t find out until fraudulent charges started appearing on your credit card? Or if a company you had invested tens of thousands of dollars in didn’t let you know that it had suffered a data breach? Not […]

By: - Dir. Solutions Marketing

By the Numbers: US Healthcare Data Breaches

July 12th, 2012

The last time we looked at healthcare data breaches was a couple of years ago, so I thought maybe we should take another look. A listing of breaches of unsecured protected health information (PHI) affecting 500 or more individuals is maintained, as mandated by the HITECH Act, by the US Department of Health and Human […]

By: - Dir. Solutions Marketing

Vermont Updates Data Breach Notification Laws

June 13th, 2012

Updates to the Vermont Data Protection and Breach Notification laws came into effect in May 2012. As readers of my posts know (yo G!), although I seem to play one in this blog, IANAL. With that said, since these laws seem to cover any business in the US and beyond, you should take a quick […]

By: - IT Security Expert

Security vs. Operations

April 18th, 2012


Time and again, we’ve heard IT teams lament over how security continues to challenge the operational aspects of an organization. And these issues will not likely resolve themselves. While there isn’t a silver bullet that will “fix” this situation, there are best practices that will definitely improve security and increase operational efficiency. For some tips, we […]

By: - IT Security Expert

Security and Operations: Back to the Basics

April 12th, 2012


We’re back with part II in our podcast series on security versus operations with Mike Rothman, president and analyst with Securosis. In this post, Mike and I will discuss getting back to the basics of endpoint security, as small and mid-size organizations should not even consider employing in-depth cyber security measures until they have the […]

By: - Sr. Director Solutions and Strategy


A 2011 RSA Security Conference Retrospective – Vendor Buzzword Analysis

February 21st, 2011

The 2011 RSA Security Conference came to an end last week, and this year, the most memorable thing for me was the San Francisco dim sum.  I didn’t see or hear anything ground breaking on the exhibit floor, but there were definitely a few notable shifts on the “security buzzword” scene. From my perspective, “compliance” […]

By: - Dir. Solutions Marketing

Critical Infrastructure Protection

July 8th, 2010

Last week I participated in an interesting roundtable discussion with Michael Rasmussen from Corporate Integrity and my fellow blogger Paul Henry. We were discussing how to secure the nation’s critical infrastructure – a topic which is relevant to organizations which own or operate critical infrastructure (which, according to the 2009 National Infrastructure Protection Plan (PDF), […]

By: - Former Chairman and CEO, Lumension


Lessons from the Road…Tokyo, London, Sydney: Part II

June 23rd, 2010

As I mentioned in my last post, after quite a bit of overseas travel recently, I observed a few trends that apply globally – at its core, what trends are driving technology trends in IT environments, today? In addition to the platform-centric approach being firmly planted both here and overseas and the efficiency of agents […]

By: - Former Chairman and CEO, Lumension


Lessons from the Road…Tokyo, London, Sydney: Part I

June 16th, 2010

A few things I learned while on the road in the past couple of weeks: 1.    The platform-centric approach is firmly planted both here and overseas; 2.    The efficiency of agents on the endpoint is increasingly under the microscope; 3.    Application whitelisting is truly hitting a global tipping point; 4.    Compliance costs continue to be […]

By: - Former Chairman and CEO, Lumension


Whitelisting: Fill in the Gaps Where Traditional Efforts have Failed

May 27th, 2010

You’ve probably heard about three recent security-related events that attracted lots of attention. In January, Google announced that it suffered a “highly sophisticated” and targeted hacker attack—originating from China— against its corporate network. In April, an ill-fated false-positive antivirus signature was pushed out that accidentally removed a key part of Windows from machines. And a […]

By: - Product Marketing Executive, Mobile and Security Technologies Expert


The Case for Endpoint Operations and Endpoint Security Convergence

May 24th, 2010

Ask any IT administrator where their greatest security risk lies and they will tell you it’s at the endpoint. The endpoint has expanded well beyond a desktop to include mobile devices, which allow greater user flexibility and productivity but also increase security risks to your network. Data that once resided on secure centralized servers (and […]

By: - Product Marketing Executive, Mobile and Security Technologies Expert


Waving The Red Flag—Are you Ready for Another Regulation?

May 18th, 2010

More than six years after President Bush signed the Fair and Accurate Credit Transactions Act of 2003 (FACTA), it appears that the Federal Trade Commission (FTC) is finally ready to put the hammer down on the long-delayed Red Flags Rule provision of the law. Designed to prompt businesses that extend credit to customers to pay […]

IT Secured. Success Optimized.™

Contact Lumension | Privacy Policy

Connect & Follow Us