By: - Technology Reporter


To Layer or Integrate? That is the Question

June 27th, 2013

Indeed, the debate over whether to mix a myriad of tools and technologies to create a bulletproof shield that hackers can’t invade or to take an integrated approach to in-depth defense to combat persistent threats is ongoing. But more cyber security analysts are speaking out about the benefits of integration. Also known as layered defense, […]

By: - Information Security Reporter


Compliance Is Bad for Security

June 18th, 2013

There are two separate approaches to keeping data safe: compliance and security. The first is a legal/regulatory obligation; the second is not. If you ask a compliance author, whether that’s a government legislator or a bureaucratic regulator, what is the purpose of compliance, the reply will be ‘to ensure security.’ If you ask the same […]

By: - Former Chairman and CEO, Lumension


3 Executive Strategies to Prioritize Your IT Risk

May 22nd, 2013

Every company wants to know the best way to protect their company, but it can be difficult when faced with the evolving security challenges of today. I recently sat down with Richard Mason, VP & CSO at Honeywell, Roger Grimes, security columnist and author, to get their thoughts on risk management best practices. I hope […]

By: - Dir. Solutions Marketing

For Want of a Nail …

November 14th, 2012

… the kingdom was lost. This real-life cautionary tale, told to me by my colleague’s brother (let’s call him Mr. X), concerns a risk-reward decision gone awry. X’s company is a good-sized global in international construction services company with over $1B in revenue and around 5000 employees; they have about 7000 servers and endpoints under […]

By: - Dir. Solutions Marketing

Data Security on Corporate Radar – But Is That Enough?

August 28th, 2012

The latest (12th annual) Legal Study Report by The Corporate Board Member / FTI Consulting entitled Legal Risks on the Radar came out in late-July and spawned an interesting headline take-away, which I’ll put this way: Data Security Ranks No. 1 on Corporate America’s List of Concerns. To quote from the report itself: [I]ncreasingly, corporate […]

By: - Technology Reporter


Back to School: Keeping Your IT Skills Sharp

August 21st, 2012

It’s back to school time for the kids—and it’s the perfect time to consider sharpening your IT skills. You’ll find continuing education opportunities abound at colleges and universities, but if you are like most Information Technology professionals you don’t have time to make that level of commitment. So what’s a hungry IT security pro to […]

By: - Former Chairman and CEO, Lumension


A Word (or two) on the IBM Acquisition of BigFix

July 1st, 2010

Today, IBM announced plans to acquire BigFix and we have been asked several times today what this all means to Lumension. So I thought I would weigh in with my thoughts – both from an industry perspective and from Lumension’s perspective, more specifically. As it turns out, there has been increasing M&A activity in the […]

By: - Forensics and Security Expert


2010 Predictions Redux- 2nd Half Predictions and Looming Threats

June 22nd, 2010

As we ended 2009 and entered 2010, many predicted that 2010 was poised to go down in history as “the year of insider threats”. It was not a risky prediction to make considering our economic peril and our industries continued unwavering albeit misplaced focus on the gateway rather then endpoint security. The Worldwide State of […]

By: - Former Chairman and CEO, Lumension


Lessons from the Road…Tokyo, London, Sydney: Part I

June 16th, 2010

A few things I learned while on the road in the past couple of weeks: 1.    The platform-centric approach is firmly planted both here and overseas; 2.    The efficiency of agents on the endpoint is increasingly under the microscope; 3.    Application whitelisting is truly hitting a global tipping point; 4.    Compliance costs continue to be […]

By: - Product Marketing Executive, Mobile and Security Technologies Expert


The Case for Endpoint Operations and Endpoint Security Convergence

May 24th, 2010

Ask any IT administrator where their greatest security risk lies and they will tell you it’s at the endpoint. The endpoint has expanded well beyond a desktop to include mobile devices, which allow greater user flexibility and productivity but also increase security risks to your network. Data that once resided on secure centralized servers (and […]

By: - Software Entrepreneur Professional

Why More Legislation Could Hurt FISMA Compliance

March 31st, 2010

The US Government last week proposed updating the Federal Information Security Management Act (FISMA) to include a clause about the continuation and monitoring of security threats based on government agency risk profiles. The new amendments to the act would change FISMA compliance in the following ways: Establish a national cyberspace division within the executive office […]

By: - Former Chairman and CEO, Lumension


Insights from America’s Growth Capital and RSA Conferences

March 9th, 2010

Last week, I attended two security-related events in San Francisco. I spoke on the topic of the converging endpoint on a panel at America’s Growth Capital’s 6th Annual Information Security and West Coast Emerging Growth Conference. And I walked the floor at the RSA Conference, where Lumension exhibited. Here are my thoughts on the key […]

By: - Product Marketing Executive, Mobile and Security Technologies Expert


New Era of Collaboration Between IT Operations & Security

December 1st, 2009

Much has been said over the past few years about the convergence of IT security and IT operations. Most companies look at this convergence from an optimization standpoint; hoping to increase security, achieve greater compliance, and reduce IT risk. Many larger companies, however, still operate under a siloed approach, working primarily with point solutions for […]

By: - Dir. Solutions Marketing

Don’t Procrastinate on Red Flags Rule Compliance Despite Latest Delay

November 18th, 2009

So, the Federal Trade Commission (FTC) has, for the fourth time (!) delayed enforcement of the so-called “Red Flags” rules, according to a statement posted on the agency’s website. Compliance enforcement is now scheduled for June 1, 2010 –- in case you’re keeping score at home, the previous dates were 01-Nov-08 (original), 01-May-09 (first delay), […]

By: - Product Marketing Executive, Mobile and Security Technologies Expert


How to Achieve and Sustain Compliance, and Manage Risk: Best-in-Class Approach

September 16th, 2009

In May 2009, Aberdeen Group published a research report entitled IT GRC: Managing Risk, Improving Visibility, and Reducing Operating Costs. The study describes the policy, planning, process, and organizational elements that contribute to successful initiatives in the area of IT governance, risk management, and compliance (IT GRC).  I recently sat down with Derek Brink, vice president […]

IT Secured. Success Optimized.™

Contact Lumension | Privacy Policy

Connect & Follow Us