Recently the President issued an Executive Order on cybersecurity, and it’s drawing a lot of attention. This order presents a framework for reducing cyber risks to critical infrastructure in the United States and encourages collaboration between the public and private sector. Some believe the order overreaches; others think it is not enough. Regardless of where one stands on the issue, at least it is getting people and organizations talking and problem-solving.More...

If you ask IT and enterprise security teams what is top-of-mind for them, chances are you’ll hear something related to mobility. 

The good news is that a new year brought forth an increase in budgets for most organizations. Yet the big change is that decision making for mobile is moving outside IT and into the business units. Even so, mobility challenges seem to land in the lap of IT, whether they are related to security, integration issues, compliance, or device management.  Consider these statistics and trends: More...

There is little doubt that the promises of “big data” comes with risk. Steve Durbin, global vice president of the Information Security Forum (ISF), breaks down these risks into five areas: cybersecurity, data in the cloud, consumerization, interconnected supply chains, and privacy.

Cybersecurity is primary, because cybercriminals are getting more organized and are using more sophisticated techniques and tools. Even if the risk is small, a breach can wreak havoc within an organization, damaging reputations, creating substantial legal liability, and in the worst case, ruining companies financially. More...

One of the ongoing concerns among certain enterprises is assuring that with their data and apps “out there” in the cloud that they will be fully compliant with regulatory requirements, whether those might be health-related (HIPPA), credit card-related (PCI DSS), or financially related, such as Sarbanes-Oxley.

Is there an element of control freak there? Probably. As one such freak in our own small way, we can certainly understand why there can be some legitimate concerns about the data an enterprise is handling and how safe it is, in this increasingly cyber-insecure age we’re living in.More...

Investing in network security can seem never-ending.  After all, the threats never cease.  How to direct finite security resources will always be top of mind for enterprises. Sometimes part of the answer lies in going back to the basics, and I am not talking about firewalls, IPS, and DDOS protection.

Recent recommendations have been simple, tried, and true. Revisiting some old school approaches can significantly strengthen the security posture of the enterprise.More...

Our branches of the Federal Government have been these past two weeks, as well as the Chinese government half way around the world. First came the U.S. Supreme Court ruling on Sarbanes-Oxley. Then a U.S. Senate committee passes a bill giving great power over the Internet to the U.S. President. And finally, Google adheres to the censorship policy of the Chinese government and agrees to redirect traffic that the Chinese government wants to censor.  With all these developments, what are the implications to enterprise IT? More...