Special Summary: Enterprise security stories

Bob Gourley

The state of computer security is in continual change. The only constant in this game is the very dynamic nature of defense and offense. If you are a defender you will always have a hard job. You will always need to be on the lookout for ways to succeed in the face of a dynamic, never-ending threat.

This special report is a summary of the Cyber Security category of the CTOvision.com blog. This means it is a summary of pieces we know and care about, and we hope these stories generate thoughts and comments and suggestions from you on future content. Please let us know your thoughts:

Summary:

On 15 July we published two items related to cybersecurity. The first was a pointer to the Department of Defense’s new cybersecurity strategy, titled “Deputy Secretary of Defense Lynn: Cyber Strategy’s Thrust is Defensive.”

This piece provided an overview of DoD’s new cyber strategy, a strategy that we think many enterprises can learn from. We also printed a review of a piece of cybersecurity writing that succinctly describes a key failing of overly simplistic security measures, titled “The Maginot Line of Information Systems Security.” It reviews the 1999 advice of cyber security strategist Rick Forno, who underscores that “Good firewalls and other purely technical solutions do their work effectively, but to a clever and determined attacker they are just obstacles to be either broken or side-slipped, whichever is more effective.”

We also reported on a Brookings Institution piece titled “Pirates of the ISPs: Tactics for Turning Online Crooks Into International Pariahs.” This review provided a framework that our nation could use to help reduce cyber crime. The bad news is that this type of action will only occur with lots of coordination and leadership, and to date we have not seen the broad action required to move this concept forward. Enterprises must continue to mount a vigorous defense without this type of top cover.

We did note with pleasure the success Microsoft had in battling major criminal organizations, including collecting information leading to the arrest and shutdown of major botnets like Waledac and Rustock. For more see “Microsoft Works To Tame The Wild Wild Web.” Please thank Microsoft at every turn for this great action.

Do you need to learn more about the language of cyber defense? Many in leadership positions find themselves overwhelmed when they are assigned to play roles in cyber defense. The fastest way to learn the new language is to start with a primer on cyber defense taxonomies. We review the greatest of those at “Enhancing Collective Defense with Taxonomies for Operational Cyber Defense.”

Some of the greatest enterprise defenders gathered in the DC area on September 12, 2011 at the HP Protect conference. Attending this event enabled us to better assess the state of enterprise IT and also provided us with content relevant to our future reporting. For example, Dillon Behr provided a recap on “Big Data Security.” Enterprises everywhere are using increasing amounts of data to make better/faster decisions. Doing so has security ramifications.

Alex Olesker captured content on the “Evolving Enterprise Threat Environment.” This included information from an online interview with HP’s CTO of Enterprise Security, Andrzej Kawalec, as well as the CTOvision.com editor Bob Gourley. This discussion highlighted threads like Spear Phishing, Malicious Code and Insiders. The discussion also reviewed the threat of insiders and the important trend of cloud computing.

Adam Elkus wrote about the traditional approach to cybersecurity in “Thinking About The Traditional Approach.” And Alex Olesker captured more information on “Big Data and the Enterprise CIO,” including a video of a discussion with Bob Gourley at HP Protect. Alex would later underscore that “Yesterday’s Security Doesn’t Work For Today’s Threats,” where he reviewed the video of Andrzej Kawalec and Bob Gourley in more detail. Kawalec and Gourley continued their discussions on security in another piece titled “Evolving Approaches to Cyber Threats.”

Social media is playing multiple roles in cyber security. It is a vector for threats, it is a means for adversaries to learn more about you, and it is also a means for defenders to exchange information on what is happening. As an example of its strength in helping defenders and other IT professionals learn, John Dodge of the Enterprise CIO Forum and Bob Gourley of CTOvision conducted a series of radio broadcasts and blog posts which were fueled by summaries of hot security topics noticed in Twitter. The first of these was summarized at Blog Talk Radio and “New Enterprise CIO Forum Blog Talk Radio.”

Another cyber security opinion piece was captured in a piece that asked the question “If You Could Pick One Thing For Congress To Do Regarding Cybersecurity, What Would It Be?” This piece quotes Abraham Lincoln, who stated “If we could first know where we are, and whither we are tending, we could better judge what to do, and how to do it.” We reference that as a way of asking for better metrics on cyber security. We believe Congress can help in that regard by requiring more detailed breach reporting from firms.

Bob Gourley and Tom Reilly, Vice President and General Manager of Enterprise Security for HP, provided context on two cybersecurity studies which provided valuable statistics for enterprise professionals. Their video and more on the statistics is at “Survey Says: Security Risks Never Higher, Or Most Costly.”

Bob and Tom also dove deep into the “Myths and Realities of Cloud Security.” In this recorded discussion the two discuss the approach of Security Intelligence and Risk Management. Risk management is a construct of increasing importance since all recognize that 100% security is impossible and therefore tradeoffs and decisions must be made focused on the risk to mission. Security intelligence is a key enabler of smart risk management since it informs on the status of your own mission, your resources, your enterprise and the state of the threat.

Another key event this quarter was the FedCyber.com Government-Industry Cybersecurity Summit. This was a closed event, attended by a hand-selected group of cyber practitioners from government and industry, which focused on discussion of new models for security. To register for the next event stay tuned to FedCyber.com. For a short recap of the event see: “Quicklook Report: The FedCyber.com Summit of 28 Sep 2011.”

The conclusion of this review of security reporting: Our advice is that security professionals continue to do what you have been doing and continue to work on your agility while at it. You already know that there is no such thing as a perfect defense. And you already know you must establish defense in depth. And you already know you must avail yourself of very smart concepts of operation and must ensure your strategy and your work force are informed. We hope one of your ways of staying informed is by tracking the CTOvision.com blog. But we write about strategy. You need tactical intelligence feeds continuously updated on the threat. And you need a team of enterprise security architects and designers acting in your interests to continually assess the state of your enterprise.

Please let us know your thoughts on the above. We are especially interested in your ideas for what we should be covering next.
