Open vs. closed appliances in your network

By | March 23rd, 2015|Uncategorized|

When it comes to putting an appliance in your network for out-of-band management, you want to think carefully about whether that appliance is based on an open or closed platform. It might just be the difference between locking up network security and being open for business for hackers. A Linux platform lends itself to building [...]

Cisco survey: Security holes unpatched

By | January 28th, 2015|Uncategorized|

The release of Cisco's Annual Security Report shows that corporate security teams are not patching holes in their software or security tools. Less than half of the respondents at 1,700 companies in nine countries use standard tools for ensuring they are running the latest versions of software. This study comes in the year that saw [...]

Config errors better than hackers?

By | January 28th, 2015|Uncategorized|

The Facebook downtime event on January 27th, where an hour-long outage at Facebook cut off access to critical status updates worldwide in addition to Instagram posts and Tinder hook-ups, shows the sensitivity of large organizations to public perception of hacking threats. The Lizard Squad hacking group, which apparently took control of the Malaysia Airlines website [...]

Better security through config management

By | October 24th, 2014|Uncategorized|

Gartner says that the average firm makes 10,000 changes annually to its IT environment. It's no wonder change management can make or break your network. Literally. Security patches, interdependencies among various components of your network, and the ability to recover from a disaster are driving factors to companies attempting to create a Configuration Management Database [...]

Industry responds to cybersecurity framework

By | October 17th, 2014|Uncategorized|

In August, NIST requested feedback from the owners and operators of the nation's critical infrastructure to understand how the Framework for Improving Critical Infrastructure Cybersecurity was being used and how it could be improved. Most of the responses posted by NIST were not from organizations running the infrastructure, but tech companies and industry associations. The [...]

An awareness month you should celebrate all year

By | October 1st, 2014|Uncategorized|

In the month dedicated to more awareness topics than any other, you won't want to miss out on National Cyber Security Awareness Month (NCSAM). While you won't likely see sporting events with athletes sporting uniform accessories with neon green of NCSAM's logo (well, maybe the Seahawks...), you might be surprised to know that this year [...]

The challenge of continuous monitoring

By | August 15th, 2014|Uncategorized|

In today’s environment of advanced persistent threats it is essential for organizations to have near real-time knowledge of their enterprise IT infrastructure so responses to external and internal threats can be made swiftly. A successful continuous monitoring program provides visibility into assets, and leverages use of automated data feeds to quantify risk, ensure effectiveness of [...]

When an “air gap” isn’t enough

By | January 29th, 2014|Uncategorized|

The remote nature of offshore drilling platforms used to ensure the safety of their networks from the world wide web with three W's of another sort: a physical barrier of waves, wind and water. On-board, the "air gap" between vessel control systems, process control systems and data networks is shrinking as these become increasingly linked [...]

NIST cybersecurity framework development continues

By | November 18th, 2013|Uncategorized|

NIST, the National Institute of Standards and Technology, held its fifth public workshop last week in Raleigh, North Carolina on a comprehensive cybersecurity framework mandated in a February 2012 executive order. The framework is designed to improve cybersecurity across sixteen critical infrastructure industries and build up from a basic core of functions based around the [...]

DARPA Grand Challenge targets automated cyber security

By | October 28th, 2013|Uncategorized|

A view of some of the sensing hardware on an autonomously piloted vehicle in the DARPA Grand Challenge. DARPA (the Defense Advanced Research Projects Agency) announced the next focus area in their series of Grand Challenges that have included autonomously driven vehicles, humanoid robotics and now automated network defenses. The Cyber Grand Challenge seeks to [...]