The UltraTech Zone

Integrating Life, Technology and Business with Andrew S. Baker...
Welcome to The UltraTech Zone Sign in | Join | Help
in
Home My Blog Forums Photos Resume Reading List External News Knowledgebase Consulting Mailing Lists Other Links

Browse by Tags

All Tags » Technology » Security   (RSS)
  • Get Real with Information Security

    In 2012, the writers of malware and the attackers of networks were very busy, using both social engineering and increased technical sophistication to fuel an increased number of attacks. Not incidentally, mobile devices just flew off the shelves this year, with predictions that over 122 million tablets and some 717 million smartphones will have ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on December 31, 2012
  • Just ask Sony…

    Why should you take your organization’s information security posture seriously? Just ask Sony.  It has been estimated that Sony will spend more than $170 million dollars due to the recent breaches they have suffered.  Personally, I think that the $170M figure is too conservative.  I expect it to get much closer to $300M than ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on May 31, 2011
  • Managing Technology-based Risks

    Risks exist. You would think that this is so obvious as to not need saying, but too many people appear to operate as though downplaying or ignoring risks have any impact on their reality. That sign announcing “bridge out” isn’t really concerned with how much you believe it or agree with it.  It doesn’t care if you are too busy to deal with ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on May 3, 2011
  • Reactive Security: Feel the pain in 2011+

    We are only one third of the way into 2011, but we have had some of the largest information security breaches of the decade – and the trend does not appear to be slowing down. Here are just a few of the biggest reports for the year: http://www.eweek.com/c/a/Security/RSA-SecurID-Breach-Shows-Why-Everybody-Must-Stay-Vigilant-595858/ ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on April 29, 2011
  • Maintaining Good Security Practices

    Security is not just a state of being. We are often called to provide an assessment about our present security posture, and usually, the person asking the question is doing so within a very narrow context – one that the may or may not have shared with you. Answering such a question is difficult at best. Imagine walking up to your doctor and ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on March 31, 2011
  • The State of Data Breaches in 2010

    I had a chance to review the 2010 Verizon Data Breach Report today, which I was alerted to by ISC.SANS.ORG.  They’ve put together data from 2004 through 2009, and it is quite interesting. These are from confirmed data breach cases. Here were 3 of the scariest stats in the document: 86% of victims had evidence of the breach in their log ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on July 30, 2010
  • Why Businesses Standardize on Technology

    I experienced a wide range of emotions as I read this allegedly tech savvy article in the Wall Street Journal, written by someone who is deemed a journalist for reasons which clearly have no basis in reality.  Mostly, I was surprised, because this is not the caliber of information that I expect from a publication such as the Wall Street ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on November 23, 2009
  • Searching for Return on Security Investments

    There are several major challenges to the successful implementation of good information security in many organizations today.  It is not because business owners do not think that security is important.  No, the issues exist because they do not grasp the complexities that embody the Information Security profession, and thus make decisions ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on October 30, 2009
  • Is Security by way of Diversity Still Effective?

    It has long been accepted that Information Security should be implemented in layers: Defense in Depth. The idea being that you should add overlapping protection mechanisms to either stop or slow down an intruder.  To use a simple analogy, if you store valuables in your home, you’re not just going to have a safe to keep them in, but you will ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on September 30, 2009
  • Managing Information Security in 2009

    Since the middle of 2008, we have seen an increase in the types and complexity of information security attacks that organizations have been facing. The widespread worms of 2004 and 2005 gave way to the targeted attacks of 2006 and early 2007.  Things quieted down in the latter portion of 2007, as the security industry was able to clamp down ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on January 2, 2009
  • Needless Vendor Bashing -- by Vendors

    In today's story of immense irony, we find a vendor taking time to bash another vendor for a security flaw, only to have diligent 3rd parties point out that the flaw exists for the bashing vendor as well. What a waste of time.  If folks would focus more on the issues they need to address, and less on showmanship and one-up-manship, they ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on July 24, 2007
  • SANS sees upsurge in zero-day Web-based attacks

    It's pretty much official now (in case you didn't believe it before):  We have exited the Worm era, and jumped head first into the era of specialized and targeted attacks... According to a recent article by ComputerWorld, SANS security organization sees upsurge in zero-day Web-based attacks. The following excerpt from the ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on December 12, 2006
  • IT Security Confidence

    I just finished reading a pretty decent CIO Insight article (with lots of research links) on the state of IT Security at a Corporate level.  It ends with the following comment that I wholeheartedly agree with: For IT security to work, companies must train and motivate personnel to consistently avoid risky behavior, build strong ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on October 3, 2006
  • Black Hat Briefings: NAC solutions vulnerable to attack

    Network World is reporting that various NAC solutions vulnerable to attack based on a presentation at this year's Black Hat Conference.   A snippet of the report from the link is provided below:    In a presentation at this year's Black Hat Briefings conference in Las Vegas, Arkin raised questions about the efficacy of ...
    Posted to Talking Out Loud with ASB (Weblog) by Logik! on August 3, 2006
Powered by Community Server (Personal Edition), by Telligent Systems