A Job for Man or Machine?

A CTO for a Midwest banking holding company made a very interesting observation earlier this week. In commenting about the needed increase in fraud fighting resources, he warned about the perils of overemphasizing technology while ignoring training staff in using manual fraud-detection processes.

READ THE ENTIRE ARTICLE AT OUR NEW BLOG SITE: HERE

Advertisements

Threat Versus Risk

It’s more than just semantics. Many see the terms risk and threat as interchangeable. However in the simplest of terms, risk the probability or frequency of doing harm while threat is the actual or attempted infliction of that harm. Tomato, tomahto? It’s all about keeping your IT assets protected, right? By better understanding the difference between ‘threat’ and ‘risk’ can help you make decisions that will keep your systems safer and avoid unnecessary costs.

READ THE ENTIRE ARTICLE AT OUR NEW BLOG SITE: HERE

Everything I Know About Cloud Security I Learned from Star Trek (Part 1)

Is there any wisdom about security that can be gleaned from the iconic television show Star Trek? Obviously it’s not about about alien life forms invading the starship Enterprise (unless you define aliens as malware or botnets) or how the transporter split Captain Kirk in to good Kirk and Evil Kirk (unless you consider the lesson of encrypting data in transit). However many of these adventures can easily be extrapolated into usable policies and strategies that can be used in a cloud-security (security-as-a-service) configuration.

READ THE ENTIRE ARTICLE AT OUR NEW BLOG SITE: HERE

 

Smelling a RAT: Lesson Learned from Sophos

renowned security firm. Sophos, discovered it’s server was compromised. In this case they discovered a couple of unauthorized programs that were designed “to allow unauthorized remote access to information.” The type of program found were RATs (remote administration tools) which if they remained undetected could have seriously violated the security of Sophos’ partners. What could they have done differently

READ THE ENTIRE ARTICLE AT OUR NEW BLOG SITE: HERE

*********: Your First Line of Defense

If you’re like me, you have dozens of passwords. From Facebook to bank accounts to SaaS-based CRM or Google Apps to general network access.  And if you are like 75% of the users out there, just key in your birthday or your dog’s name or (gulp) “password.” For many users it is an inconvenience to remember the variety of access keys so you default to using the same password over and over and over again.

READ THE ENTIRE ARTICLE AT OUR NEW BLOG SITE: HERE

Security Does NOT Equal Compliance

most IT professionals are acutely aware of the requirements and all the burdens that go with ensuring this sensitive data is secure to the standards set forth by the PCI SSC. But awareness and active compliance are two different things. There are so many moving parts in a modern IT architecture that sometimes you might have all the security measures in place, but still might not be in compliance.

READ THE ENTIRE ARTICLE AT OUR NEW BLOG SITE: HERE