Effective security can help companies save in excess of $1 million on a nation-state attack from the likes of Russia, China and North Korea. Today’s columnist, Dan Pitman of Alert Logic, says as part of the security equation, companies should focus requests-for-proposals around business goals vs. looking to bring on too many products.
Last fall we discussed what security data I really need to collect and analyze. We know we don’t need it all, but this was only the sensor part of the discussion. Now that we have that data identified and those sensors in place, what brain do I need to collect and analyze it? There […]
As defenders, we’re often forced to work in silos because of our dependence on an ever-growing array of tools that focus only on the assets they are designed to protect.
Paul and I have talked a lot about his enchanted quadrants on the podcasts, but for those who haven’t watched, here’s a quick summary… An effective security program requires the integration of four key data sources: Logs (firewall, network, application, etc.); Endpoint (files, processes, logs, etc.); Network (flow and packets); Threat Intelligence. Most organizations build […]
The endpoint market has been hot for years. At one point, there were over 80 new endpoint vendors trying to displace the traditional anti-virus vendors. The endpoint security market was transitioning from endpoint protection to endpoint detection and response (EDR). EDR is all the rage, but do you really need one? While the endpoint market […]
We’ve been told for years that we don’t have enough data for security. Then we see the headlines and quotes… “Organizations must prepare for collecting, processing, analyzing, and acting upon terabytes of security data.” “All decisions about cybersecurity strategies, program priorities, investments, etc. should be made based upon analysis of real-time and historical data.” New […]
In one of my previous roles, I had the great opportunity to travel around the world meeting customers to understand their challenges in vulnerability management. The two biggest challenges they wanted solved were: Help me prioritize which of these vulnerabilities are most critical, and Help me close the loop with my patching solutions to remediate […]