Cloud-based SIEM frees that one hand tied behind your back

onearmHave you ever been asked to fight the state boxing champion with one hand tied behind your back? Many security professionals face this scenario every day. For many companies with whom I talk, there isn’t a lack of IT talent when it comes to security–just a lack of hours in the day, computing resources and necessary headcount with specific expertise to change the culture from reactive to proactive and strategic risk management.

READ THE ENTIRE CLOUD BASED SIEM ARTICLE AT THE NEW CLOUD ACCESS BLOG SITE: HERE

Advertisements

MSPs must practice what they preach-especially with security

msp_practiceMSPs have a lot of responsibility for the IT assets of their clients. It is expected that MSPs will take certain precautions to safeguard client data and infrastructure. In this case, it’s not just the client and their sphere of access that touch the data, but oftentimes the employees/consultants/techs of the MSP themselves – and if their back door is open, the risk can be transferred to the client.

READ THE ENTIRE ARTICLE AT THE NEW CLOUD ACCESS BLOG SITE: HERE

Supporting CIO strategies and priorities from the cloud-Part 1

CIO strategyMost CIOs recognize that the future of enterprise IT lay not with sitting and writing code and patching servers, but rather one of strategic development and as an integrator of business goals: riding the sea change from a person plugging in cables to an analyst; from a compiler of stacks to a broker of business needs. Part 1 of 2

READ THE ENTIRE ARTICLE AT THE NEW CLOUD ACCESS BLOG SITE: HERE

 

Sailing the 7 C’s of security monitoring

7 seas cloudOne of the established best practices in InfoSec is monitoring. People, products and companies get paid a great deal of money and expend a great deal of resources to watch pots. Monitoring simply is the central component to any security initiative. But with all best practices, there are variables. How much to monitor? What priorities matter? Where are my greatest vulnerabilities? To this end, I have boiled down monitoring to 7 best practices…The 7 C’s of security monitoring:

READ THE ENTIRE ARTICLE ART THE NEW CLOUD ACCESS BLOG SITE: HERE

The New Standard: Intelligence-Driven Security

braincloudNetwork perimeters are all but erased and traditional security strategies such as stacking don’t adequately address the current needs of a modern enterprise. Many companies are still using strategies rooted in 2002 technologies and approaches. As Exec Chair at RSA Art Coviello wisely noted, “IT organizations have continued to construct security infrastructures around a disintegrating perimeter of increasingly ineffective controls.” A new intelligence-based security model is one that integrates several alerting, analytical and preventative tools into a central monitor and management best practice.

READ THE ENTIRE ARTICLE AT THE NEW CLOUD ACCESS BLOG SITE: HERE

Adaptive Risk: Making sure you are who you say you are

mirrorImplement the predictive analytic process that is designed to assess/score risk attributes during authentication so that Access Management can determine whether to require the user to complete further authentication steps. Adaptive risk is the key engine in the unified Identity Management/Access Management (IAM) deployment.  It provides the smarts (or the means to collect the “fingerprints”) of possible identity breaches while closely controlling who gets to access what portions of your network.

READ THE ENTIRE ARTICLE AT THE NEW CLOUD ACCESS BLOG SITE: HERE

 

My Security Playlist: now playing Access Management

nowplayingThe Who asked ultimate Access Management question…”Who Are You?” So do we listen to Paul McCartney said and “Open the door and let ’em in” or kick them to curb as the Stones suggest…”Hey You, Get off of my Cloud” The answer is different for each organization because, not every employee, partner or customer is equal.

READ THE ENTIRE ARTICLE AT THE NEW CLOUD ACCESS BLOG SITE: HERE