Access "Get back to basics for improved network security"
This article is part of the December 2013 Vol. 15 / No. 10 issue of 2013 Security 7 award winners revealed
As I travel to industry events and talk with peers about network security, the biggest issue I see is that bright, shiny security tools with the latest bells and whistles mesmerize people. Too many companies deploy these tools without analyzing how the technology will be used or integrated with their security management structure. Collectively, network security teams need to put a stop to this mindset; they must slow down, take a look at the network and focus on solving the problems at hand. First, let's look at the security incident process. How many incidents can you recall where the post-mortem review contained items such as install or update the antimalware software; patch the OS, application or hardware; update switch and firewall rules; change access control lists or implement some local device configuration? If your post-mortem meetings are anything like mine, then you are looking at security best practices for corrective actions. How can we use a "back-to-basics" approach with the goal to increase the security posture of our network infrastructure? ... Access >>>
Premium Content for Free.
Beyond the Page: Breach detection systems
by John Pirc
In the December 2013 Beyond the Page, John Pirc explains why breach detection systems are an essential security tool in a malware-infested world.
Banking on intelligence-driven security
by Jason Witty
Security 7 Award winner Jason Witty discusses how rapid change requires a disciplined, collaborative approach to information security.
Analytics and the insider threat: Privileged users and patterns of deception
by Timothy Rogers
Security professionals should analyze metrics to learn baseline behavioral patterns of their employees and identify anomalous behaviors.
Secure all the (Internet of) Things
by Angela Orebaugh
Despite the promise of the Internet of Things, history will repeat itself unless we take action.
Feature: Enhanced threat detection: The next (front) tier in security
by John Pirc
When conventional security falls short, breach detection systems and other tier-two technologies can bolster your network’s defenses.
- Beyond the Page: Breach detection systems by John Pirc
Wi-Fi connectivity puts pressure on medical device security
by Ali Youssef
Health system's certification program mitigates the risks associated with wireless medical devices.
A full-service model for SIEM
by George Do
The industry needs to recognize the value that full service "SIEM in the cloud" would bring to organizations.
From ABCs to BYOD
by Philip Scrivano
Security 7 Award winner Phil Scrivano heads a BYOD program for the 17 public schools in Los Angeles County, securing network access from kindergarten on up.
Get back to basics for improved network security
by Nick Duda
If your post-mortem meetings are anything like mine, forget the bells and whistles and revisit security best practices.
- Wi-Fi connectivity puts pressure on medical device security by Ali Youssef
Congratulating the 2013 Security 7 Award winners
by Kathleen Richards, features editor
We honor leading information security professionals in seven vertical industries and applaud their achievements in our annual awards issue.
Return on security investment: The risky business of probability
by Pete Lindstrom, Contributor
You are better off with real numbers when it comes to measuring probability and the elements of security risk, even if they are wrong.
- Congratulating the 2013 Security 7 Award winners by Kathleen Richards, features editor
More Premium Content Accessible For Free
Application security policy after Heartbleed
Enterprises leverage open source software for the perceived quality of the code, but the Heartbleed flaw has made many question their use of ...
Devising a security strategy for the modern network
The network of today's enterprise is larger and more diverse than ever, which means there's more for hackers to attack. So as enterprises update ...
The big data challenge: What's in store for NoSQL security
In the rush to capitalize on big data, many companies forget that developing an ecosystem of structured and unstructured data means higher risk of ...