IT Security Opinions | SC Media

Opinion

Measuring Your Incident Response Program

Your company has done its homework and put a strong incident response plan in place. Great work. Time to move on until a crisis manifests and you need to “pull it off the shelf,” right? Unfortunately, the real work has just begun. Your company must constantly improve and test the effectiveness of its incident response…

Want to cripple your attackers' R&D arm? Look for them on your network…

As I explained in a previous post, hacking back can not only constitute a crime, but it rarely does any significant damage to the somewhat advanced attacker, given the disposable, tactical nature of the attacker’s assets that are typically targeted and exposed during a hack-back operation. Inflicting significant damage to a cyber attack organization is…

Accountants are not the only people preparing for tax season

Tax season is upon us and that means the bad guys will be getting very busy over the next few months. Tax season is historically a golden opportunity for malicious actors to scam victims out of their tax refunds as well as their very identities. In the first two weeks of this new year we…

Maxim Weinstein

Finding your ideal endpoint protection—next-gen or otherwise—to achieve prevention, detection and response.

In my last post, I concluded that choosing the endpoint security solution that best fits your business is more important than debating whether a product is or isn’t “next-gen.” This time around, I’ll share some considerations for how to go about finding that ideal solution. If you’re considering an endpoint security change, it’s likely because…

MongoDB: The case for not paying the database hijackers

Thousands of MongoDB databases held for ransom. In the last weeks, it’s come to light that thousands of MongoDB databases have been hijacked. At last count, there have been over 30,000 databases being held for ransom. The various people responsible for the hijackings are accepting payment through bitcoin. You shouldn’t pay! What is MongoDB? MongoDB…

Why Hacking Back Rarely Works

In November, the UK announced a formal policy of hacking back against nation state attackers. While it might be a viable government policy, for most enterprises, a cyberattack is a crime, not an act of war.

Executive Insight Bloggers Bios

James has over 26 years of experience in information technology in a variety of leadership roles. He has 15 years of direct experience as an information security leader and is currently the Chief Information Security Officer at GE Capital Americas and the Information Security Divestiture Leader for GE Capital. He is a Certified Information Systems…
