the State of Security

Regulatory Compliance

Is Compliance Dead?

by Adam Montville

Is compliance dead in the water or, as a good friend of mine in the industry enjoys reminding me at every turn, is it really the frog in soon-to-be-boiling water? Given the recent high-profile breaches attributed to Anonymous and LulzSec, it’s easy to say, quite flatly in fact, that compliance simply isn’t cutting it. [...]


Logging Assurance to Improve Security

by Cindy Valladares

Last week I posted an interview transcript with my colleague Jason Iler on how to prevent the security blindspot. To give us further insight into this security solution, we’ve captured this short video interview. Hasta pronto! @cindyv


HyperLogging: Preventing the Security Blindspot

by Cindy Valladares

In the security world, there are a LOT of things to keep track of on a daily basis. There is no shortage of legitimate security threats, not to mention all the mundane operational activities that need to be managed: OS/app patches, rogue access points, physical security, post-it notes with passwords (yes, I’m guilty here too)… [...]


How to Achieve Better Security

by Cindy Valladares

A few weeks ago I had the pleasure of interviewing Mike Dahn, Director of Risk and Compliance at PwC, and Josh Corman, Research Director of Enterprise Security at The 451 Group. The focus of our conversation was on what practical advice they could give to organizations that wanted to move beyond proving compliance validation to [...]


PCI DSS Compliance: More Carrot and Less Stick?

by Cindy Valladares

Or a less sexy title: does compliance with mandates such as Payment Card Industry Data Security Standard (PCI DSS) help reduce risks for organizations (the carrot) even though it’s costly and the consequences of non-compliance even costlier (the stick)?


Minding the Gap: Infosecurity Europe and BSidesLondon

by Cindy Valladares

This week I’ve been in London for two security shows: Infosecurity Europe and BSidesLondon. The two events are very different from each other, attracting not only different sponsors/vendors (in BSidesLondon there are sponsors; in Infosecurity there are vendors), but distinct audiences. For an organization like Tripwire, it’s good to be present at both types of [...]
