News, analysis and context on enterprise technology for the CTO
Cyber Security is far more than just protecting data. Security is about protecting the functionality of IT. It involves confidentiality, availability and integrity of resources. This higher order approach to cyber security requires vision, leadership, and actions in dimensions of people, process and technology.
Editor's note: the post below by Anup Ghosh first appeared on the Invincea blog and is republished here with the author's permission. bg Prediction 2012: Hackers Will Find New Fertile Ground to Pharm Posted by Anup Ghosh on November 29, 2011 Invincea is on record that the year 2011 will go down as the year the fundamental underpinnings of Internet security fell. In fact, it is the bloodiest year on record for Internet security. Not only did we … [Read more...]
Last week I attended a Carahsoft webinar with Virtual Instruments' Doug Norton and our very own Bob Gourley. The topic was the Federal Data Center Consolidation Initiative, and what Virtual Instruments can do to help prepare your agency for consolidation. The key capability that Virtual Instruments brings to the table is the ability to identify and create real metrics for your data center and across the SAN. VI uses fibre channel technologies to copy … [Read more...]
The technology writer Langdon Winner wrote an interesting book 30 years ago that has a lot of relevance to technologists today--especially when thinking about enterprise security. His core idea is one of technological autonomy. As the good folks at Cyborgology define it: Technological autonomy is a shorthand way of expressing the idea that our technologies and technological systems have become so ubiquitous, so intertwined, and so powerful that they are … [Read more...]
While virtualization offers many benefits to enterprise such as lower costs and greater flexibility, it also creates new challenges. One of the greatest concerns with switching over to virtualized infrastructure, espeically in government, is security and compliance in a complex and dynamic environment which legacy software can no longer handle. Catbird offers automated security solutions tailored to virtualized data centers and has recently unveilled the … [Read more...]
Here are a few recent links of note on cybersecurity and disruptive technology: The Cyber Power Index by Booze Allen Hamilton. The G20 are ranked by their potency in cyber, determined by their legal and regulatory framework, economic and social context, technology infrastructure, and industry application. The United States is ranked second with the United Kingdom surprisingly first and China in 13th place. This tool is interactive and, if you … [Read more...]
Cyber practitioners have long wondered when this would happen. Now it has. The President of the United States has finally realized that the threat from malicious actors in cyberspace has grown so significant that it bears mentioning in the State of the Union Address. In his January 24, 2012 State of the Union Address President Obama, while talking about America's military strength, said: "To stay one step ahead of our adversaries, I have already sent … [Read more...]
We have previously written about the Mobile Risk Management leader Fixmo and their relevance to enterprise missions and I have shared my excitement to be on the advisory board of this very virtuous firm (see, for example, Fixmo And Mobile Risk Management For Enterprise and Government Agencies). Fixmo has just announced the full membership of their advisory board plus some additions to their board of directors. Other advisers include: Mr. Wilson … [Read more...]
On Friday, 16 December, Michael Howard hosted a webinar for FedCyber on the Microsoft Security Development Lifecycle (SDL), Howard is Microsoft’s Principal Security Architect with nearly 20 years of experience in the field and literally wrote the book on SDL, a topic that keeps growing more relevant. This year, the federal government put into policy with the National Science and Technology Council’s strategic plan for federal … [Read more...]
The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program established in December 2011 to speed the adoption of cloud computing. FedRAMP includes a set of requirements for federal cloud computing and universal procedures for approving services and providers to work with the government. When contractors feel that they have met FedRAMP requirements, they must have their security control implementations independently … [Read more...]
2011 was a watershed year for cybersecurity, but it was evolutionary rather than revolutionary. Political hacking, industrial skullduggery, drones gone wild, and mobile malware all made 2011 a year, to borrow CrucialPoint amigo Matt Devost's phrase (since I'm already borrowing his image for the post graphic, why not?), to live cyberdangerously. The Rise of the Political Hacker Anonymous was, in many ways, the biggest cybersecurity story of 2011. … [Read more...]