Vice President for Cybersecurity
The analyst firm Canalys annually produces their Cybersecurity Leadership Matrix. Whereas many third-party assessments are looking at just the security product, this one focuses on the value to channel partners. Sidebar: what is the channel? If you arenāt actively buying or selling cybersecurity and arenāt familiar with the term, the short answer is that the…
Read More
Full disclosure: I am a security product testing nerd*. Iāve been following the MITRE ATT&CK Framework for a while, and this week the results were released of the most recent evaluation using APT29 otherwise known as COZY BEAR. First, hereās a snapshot of the Trend eval results as I understand them (rounded down): 91.79%…
Read More
This overview builds on the recent report from Trend Micro Research on cloud-specific security gaps, which can be found here. Donāt be cloud-weary. Hear us out. Recently, a major tipping point was reached in the IT world when more than half of new IT spending was on cloud over non- cloud. So rather than being…
Read More
So you suddenly have a lot of staff working remotely. Telework is not new and a good percentage of the workforce already does so. But the companies who have a distributed workforce had time to plan for it, and to plan for it securely. A Lot of New Teleworkers All At Once This event can’t…
Read More
It doesnāt take a wily prediction to see that the cycles of tech procurement and planning are increasingly compressed. In enterprise IT, the two largest forces at play are business changes and technology changes. These two major forces are somewhat independent; a lot of tech change happened during the last economic downturn, and in fact…
Read More
Itās always an indicator of confusion when instead of hearing āI want Qā Iām asked āwhat is Q?ā. In this case the āQā is Zero Trust.Ā Iāll try and give my best take on what I understand Zero Trust to be. History Repeats Letās start with the background. Quite a while back the Jericho Forum…
Read More
Real enterprises are messy places. One messy reality is that enterprises donāt manage all their endpoints. A smart colleague turned me onto using the % of endpoints and servers managed as a prime security metric. On one end of the spectrum are places like universities that maybe manage 10% of the endpoints on their network….
Read More
In Jon Clayās post, he does a great job of explaining the evolution from EDR to XDR. In short, he explained that Endpoint Detection and Response (EDR) is great, but that having sources of information beyond endpoint is better. The āXā in XDR is essentially āmanyā or whatever we can add to provide a broader,…
Read More
Malice Vs Greed Most discussion about security in the supply chain has been focused on detecting tampering, or preventing backdoors or sneaky things being inserted into components and software. Thereās another aspect emerging and will dwarf the tampering: devices that are counterfeited for profit indirectly causing security problems. Counterfeit devices are ones that either by…
Read More
User Reviews + Test Results Peer reviews are an important part of product selection. Everything I buy on Amazon and most other things I buy I check for reviews first. Thatās the ādo I like itā or the test-drive part of the selection.Ā But the āhow well does it workā part is lab testing. Iām…
Read More
