By: - Dir. Solutions Marketing

Information Aversion – The Ostrich Effect

July 30th, 2014

Are we hurting our cause when we describe, in gruesome detail, the potential outcomes of a data breach or other IT security breach? Are we inadvertently pushing real security further off when we chase on the latest whiz bang technology instead of focusing on making steady progress? That’s what came to mind when I recently […]

By: - Former Chairman and CEO, Lumension


Test of our Bulk Power System, GridExII, Kicks Off Tomorrow

November 12th, 2013

On November 13-14, the North American Electric Reliability Corporation (NERC) will host a Grid Security Exercise, called GridExII, with Electricity Sub-sector entities across the U.S., Canada and Mexico. The goal is to simulate both a cyber-incident and physical attack for the purposes of testing organizational readiness and response. Some pretty good movies have been made […]

By: - Dir. Solutions Marketing

Changeup Information Sharing

May 6th, 2013

We were talking with the CIO of a major healthcare company the other day who told us that his day had gone sideways because of the re-emergence of the ChangeUp worm / Trojan. This was news to me. I mean, yes, I’m a little behind in my reading, but I’d not heard much about ChangeUp […]

By: - Technology Reporter


New School Cyber Crooks Using Old School Malware Tricks

April 29th, 2013

You can teach old crooks new tricks, but many cyber criminals are discovering that the old tricks are working just fine. Indeed, recent security headlines feature old school malware attacks, like the MiniDuke. And old school botnets with creative new names are bum rushing the Internet. At the same time, reflective memory injection (RMI) attacks, which blend […]

By: - Former Chairman and CEO, Lumension


CISPA, FISMA Passed the House. Now What?

April 24th, 2013

CISPA, the Cyber Intelligence Sharing and Protection Act, passed the US House of Representatives late last week and will move to the Senate for further debate. If this rings a bell, it should. Last summer, CISPA passed the House before stalling in the face of a Senate filibuster. Of course, it was not the only […]

By: - Dir. Solutions Marketing

Is Education Key to Closing the Door on Hackers?

April 11th, 2013

I read with interest an Op-Ed piece in the New York Times the other day by Marc Maiffret (founder and CTO of BeyondTrust) entitled “Closing the Door on Hackers.” [By the way, as I’ve mentioned before, it’s interesting to see cybersecurity in the mainstream news, which seems to be happening more and more these days.] […]

By: - Former Chairman and CEO, Lumension


Are Journalists Sitting Ducks?

March 26th, 2013

Remember Mat Honan – a Wired reporter that covers consumer electronics? He had his entire digital life erased last summer. His Google account was deleted, his Twitter taken over, his iPhone, iPad and MacBook erased. How about the New York Times hack? Chinese hackers allegedly broke into the paper’s systems, stole passwords and watched reporters, […]

By: - Forensics and Security Expert


Consolidated Data Centers Will Create More Risk in 2013

December 12th, 2012

I began my series of 2013 predictions with the obvious – malware will march on. I also think the rush to cash in on savings promised by moving from physical server realms to virtual environments (by both IT departments and security vendors) created unfortunate shortcuts and therefore it is an area ripe with risk. For […]

By: - Dir. Solutions Marketing

Data Security on Corporate Radar – But Is That Enough?

August 28th, 2012

The latest (12th annual) Legal Study Report by The Corporate Board Member / FTI Consulting entitled Legal Risks on the Radar came out in late-July and spawned an interesting headline take-away, which I’ll put this way: Data Security Ranks No. 1 on Corporate America’s List of Concerns. To quote from the report itself: [I]ncreasingly, corporate […]

By: - Dir. Solutions Marketing

Uncle Sam Has Yet Another Data Protection Bill

June 25th, 2012

The latest attempt at creating a US Federal data protection / data breach notification law was recently introduced in the Senate. The “Data Security and Breach Notification Act of 2012” (S.3333) was submitted by Sen. Pat Toomey (R-PA) with the support of Sens. Olympia Snowe (R-ME), Jim DeMint (R-SC), Roy Blunt (R-MO) and Dean Heller […]

By: - Dir. Solutions Marketing

Vermont Updates Data Breach Notification Laws

June 13th, 2012

Updates to the Vermont Data Protection and Breach Notification laws came into effect in May 2012. As readers of my posts know (yo G!), although I seem to play one in this blog, IANAL. With that said, since these laws seem to cover any business in the US and beyond, you should take a quick […]

By: - Windows Security Subject Matter Expert


Chances are Someone is Trying to Steal Your Organization’s Information

March 29th, 2012

Chances are someone is trying to steal your organization’s information.  Instead of expending all your effort in defensive posture controls, there are ways to actively seek out and disrupt attempts to steal your organization’s information.  This is called counter intelligence and the exploits of the good old cold warrior, George Smiley, should be your hero.  […]

By: - Windows Security Subject Matter Expert


The Year I Started Being Afraid

February 21st, 2012

I’ve been in IT since I was a kid.  I was a real, stereotypical nerd.  While other computer nerds were learning to program games, I turned up my nose at their childish efforts and learned database programming because at 12 I actually wanted to write accounting software.  I know, I know, weird.  Anyway I say […]

By: - Sr. Director Solutions and Strategy


Social App Security – An Oxymoron?

October 18th, 2010

The recent Wall Street Journal investigation on the Facebook privacy breach begs a fundamental question:  Can a “social application” be secure?  This is a question bigger than just Facebook.  Popular mobile communications platforms such as Apple’s iOS and Google’s Android have also struggled with this as of late.  Here is the core conundrum – platform […]

By: - Product Marketing Executive, Mobile and Security Technologies Expert


Five Irrefutable Laws of Information Security

September 20th, 2010

Last week, Forrester held its annual Security Forum 2010 and discussed, among other topics, the need for consistent controls on our endpoint devices to ensure continuous security and network protection. In his keynote entitled What is the Most Significant Vulnerability We Face Today, Malcolm Harkins, Chief Information Security Officer at Intel Corporation cited an example […]

IT Secured. Success Optimized.™

Contact Lumension | Privacy Policy

Connect & Follow Us