Ranum chat: Enterprise information security architecture
This article is part of the September 2011 issue of The top 2011 security products: Information Security Readers' Choice Awards
Marcus Ranum: Gunnar, your blog (1 Raindrop) is one of my favorite security forums, since you seem to be as comfortable with “the big picture” strategic problems as with the practicalities, and you do it fluently and coherently -- do you realize how rare that is?

Gunnar Peterson: Thanks for the kind words on the blog. In terms of bouncing between big picture and practical issues, I think this is a must in security. We’re vulnerable to poor design and implementation. Getting the level of abstraction calibrated correctly is one of the enduring challenges in infosec. How many times have we seen a big picture policy or architecture document essentially filled with low-level configuration settings that offer no strategic guidance? Conversely, we often see low-level implementations where the assumptions inherent in the implementation cascade back up through the big picture and ripple through the whole security architecture: “Well of course for this little widget to run you have to open XYZ firewall ports, disable the sandbox, and send everything in the clear.” ...
What's Inside
Features
-
2011 Information Security magazine Readers' Choice Awards
by Information Security Staff
Readers pick the best security products.
-
Best authentication products 2011
by Information Security Staff
Readers choose the best authentication products.
-
Best intrusion detection/prevention products 2011
by Information Security Staff
Readers choose the best intrusion detection/prevention products.
-
Best network access control products 2011
by Information Security Staff
ISM readers choose the best network access control products of 2011. See who won the gold.
-
Best secure remote access products 2011
by Information Security Staff
Readers choose the best secure remote access products.
-
Best unified threat management products 2011
by Information Security Staff
Readers choose the best unified threat management products.
-
Best Web application firewalls 2011
by Information Security Staff
Our readers selected their favorite Web application firewalls. See which product took the top spot.
-
Framework for building a vulnerability management lifecycle, program
by Diana Kelley
A robust vulnerability management program requires the integration of inventory, change and configuration management.
-
Best antimalware products 2011
by Information Security Staff
Readers rank the best antimalware products.
-
Best identity and access management products 2011
by Information Security Staff
Readers choose the best identity and access management products.
-
Best messaging security products 2011
by Information Security Staff
ISM readers choose the best messaging security products of 2011. See which one took home the gold.
-
Best policy and risk management products 2011
by Information Security Staff
Readers choose the best policy and risk management products 2011.
-
Best security information and event management products 2011
by Information Security Staff
Readers choose the best security information and event management products.
-
Best vulnerability management products 2011
by Information Security Staff
Readers choose the best vulnerability management products.
-
Best Web security products 2011
by Information Security Staff
Readers choose the best Web security products.
-
Microsoft BlueHat prize wins over Black Hat Crowd
by Robert Westervelt
Security pros say Microsoft’s contest to encourage development of new security technologies for its products is promising.
Columns
-
Ranum chat: Enterprise information security architecture
by Marcus J. Ranum, Contributor
Security expert and Information Security magazine columnist Marcus Ranum continues a new bimonthly feature where he goes one-on-one with a fellow security industry insider. This month, Marcus talks to Gunnar Peterson, managing principal at Arctec Group, where he focuses on distributed systems security for large enterprise systems.
-
Organizations need a new data security model to combat today’s threats
by Phil Gardner and Chris Silva
Modern threats require a fundamental shift in information security away from the fortress mentality.
-
Bring back the lulz by changing up your information security model
by Michael S. Mimoso, Editorial Director
Security needs more lulz, but it’s not happening until we change our protection models, understand how our respective businesses work and concentrate on current threats and adversaries.