Security Management Strategies for the CIOAccess "Bring back the lulz by changing up your information security model"
This article is part of the September 2011 issue of The top 2011 security products: Information Security Readers' Choice Awards
I’m writing this column for the lulz. I have a cause, see. And my cause is the lulz. Security needs more lulz. You’re too uptight. We’re too uptight. We’ve all got whiplash trying to duck-and-cover from all these APTs flying about. Your shoulders ache because your trusty SecurID token could be pwned. You don’t sleep because some hacker with a cause might not like your CEO’s politics and could try to take down your network, or worse, leak data and maybe even put lives in danger. You’re a mental and physical wreck. You’ve got the thousand-yard stare. The jungle is full of bad guys out there, and the problem is you don’t know who’s shooting at you. Today’s creep could be some Russian mobster stealing credit cards to pad his online marketplace. Tomorrow’s creep could be some Anonymous type with some SQL injection code and an agenda. The buzzing in your head is the sound of change. All that defense-in-depth and perimeter-based stuff you spent hundreds of thousands of dollars on may be just security theater as Bruce Schneier likes to call it. Hackers are hacking ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
2011 Information Security magazine Readers' Choice Awards
by Information Security Staff
Readers pick the best security products.
-
Best authentication products 2011
by Information Security Staff
Readers choose the best authentication products.
-
Best intrusion detection/prevention products 2011
by Information Security Staff
Readers choose the best intrusion detection/prevention products.
-
Best network access control products 2011
by Information Security Staff
ISM readers choose the best network access control products of 2011. See who won the gold.
-
Best secure remote access products 2011
by Information Security Staff
Readers choose the best secure remote access products.
-
Best unified threat management products 2011
by Information Security Staff
Readers choose the best unified threat management products.
-
Best Web application firewalls 2011
by Information Security Staff
Our readers selected their favorite Web application firewalls. See which product took the top spot.
-
Framework for building a vulnerability management lifecycle, program
by Diana Kelley
A robust vulnerability management program requires the integration of inventory, change and configuration management.
-
2011 Information Security magazine Readers' Choice Awards
by Information Security Staff
-
-
Best antimalware products 2011
by Information Security Staff
Readers rank the best antimalware products.
-
Best identity and access management products 2011
by Information Security Staff
Readers choose the best identity and access management products.
-
Best messaging security products 2011
by Information Security Staff
ISM readers choose the best messaging security products of 2011. See which one took home the gold.
-
Best policy and risk management products 2011
by Information Security Staff
Readers choose the best policy and risk management products 2011.
-
Best security information and event management products 2011
by Information Security Staff
Readers choose the best security information and event management products.
-
Best vulnerability management products 2011
by Information Security Staff
Readers choose the best vulnerability management products.
-
Best Web security products 2011
by Information Security Staff
Readers choose the best Web security products
-
Microsoft BlueHat prize wins over Black Hat Crowd
by Robert Westervelt
Security pros say Microsoft’s contest to encourage development of new security technologies for its products is promising.
-
Best antimalware products 2011
by Information Security Staff
-
Columns
-
Ranum chat: Enterprise information security architecture
by Marcus J. Ranum, Contributor
Security expert and Information Security magazine columnist Marcus Ranum continues a new bimonthly feature where he goes one-on-one with a fellow security industry insider. This month, Marcus talks to Gunnar Peterson, managing principal at Arctec Group, where he focuses on distributed systems security for large enterprise systems.
-
Organizations need a new data security model to combat today’s threats
by Phil Gardner and Chris Silva
Modern threats require a fundamental shift in information security away from the fortress mentality.
-
Bring back the lulz by changing up your information security model
by Michael S. Mimoso, Editorial Director
Security needs more lulz, but it’s not happening until we change our protection models, understand how our respective businesses work and concentrate on current threats and adversaries.
-
Ranum chat: Enterprise information security architecture
by Marcus J. Ranum, Contributor
More Premium Content Accessible For Free
Compliance and risk modeling
E-Zine
You can fight compliance or embrace it, but one way or the other, you can’t escape it. Increasingly, smart organizations are not just accepting ...
Essentials: Threat detection
E-Zine
Antivirus and intrusion prevention aren’t the threat detection stalwarts they used to be. With mobile endpoints and new attack dynamics, enterprises ...
Managing identities in hybrid worlds
E-Zine
The world in which successful IAM programs must be implemented is increasingly complex, a mix of legacy on-premise IAM infrastructures, cloud-based ...