Current Topics and Information

Focused on the ever-changing information security landscape

Why Shift Information Risk Management Out of IT?

In my previous blog posts, I discussed how the role of the CISO is changing due to the additional responsibilities that come with managing the risk of information regardless of where it resides, and the shift in security strategies. It is important to understand this background information as it frames the discussion for moving the [...] Read more

The Evolution of Security Strategies

In my last blog post, I discussed how the role of the Chief Information Security Officer (CISO) has evolved into the Chief Information Risk Officer (CIRO), and the growing list of responsibilities associated with this evolution. This shift raises questions on how to structure reporting relationships that support open communication and collaboration between the CIRO [...] Read more

The Hard Cold Truth – Somebody Else’s Breach Could Become Your Problem

Did you read yesterday’s article in The New York Times about eBay’s breach? The piece stated that “Security experts warned that stolen information would make eBay customers easy targets for phishing attacks…” And then this morning, Businessweek reported that eBay assured users and stockholders that hackers gained no credit card numbers or other financial information. [...] Read more

Using Fusion Centers to Improve Situational Awareness

I have been having many discussions lately around the concept of threat intelligence fusion centers. If you haven’t heard of a fusion center, it is an idea originally created by the government to promote information sharing between federal agencies, the military, and state and local governments. According to the National Fusion Center Association, the goals [...] Read more

The Evolution of the CISO to CIRO

Over the past five years the role of the Chief Information Security Officer (CISO) has changed dramatically, and will probably go through an even more dramatic change during the next five. The CISO typically had a technical role, coming up through the ranks with an IT background, and then moved into security. Their main job function [...] Read more

Host Based Antivirus Near Its End

I read an article the other day where Symantec's information security chief declares the traditional antivirus is "dead" and "doomed to failure." With recent stories like this in the news, it is apparent that an organization’s security strategy has to include more than just host based antivirus. Antivirus has been seen as a checkbox item organizations [...] Read more

Navigating a Successful SIEM Strategy

It’s been my experience that deploying a successful SIEM strategy is like the “jump program” from The Matrix. Left on one’s own, without the help of the experienced experts, nearly all first attempts at SIEM fail. But, the good news is there are some steps you can take that will help ensure your organization achieves [...] Read more

Plaid CTF 2014 harry_potter Challenge

Accuvant sponsored the annual Plaid CTF event this year. It is one of our favorite events of the year for several reasons. First, we believe heavily in the lessons that these exercises teach. The time limits bring a motivating pressure; the result is often amazing feats of hacking that will be remembered for years to [...] Read more

The Blackstone Acquisition: Why It’s Exciting News

It’s official! The Blackstone acquisition of Accuvant closed yesterday and I’m extremely excited about what it means to our company, our clients, our employees, our partners and the information security industry at large. This new partnership is going to allow Accuvant to really step up and take a much bigger role protecting the way people, organizations [...] Read more

(125 Results)