Vice President for Cybersecurity
The analyst firm Canalys annually produces their Cybersecurity Leadership Matrix. Whereas many third-party assessments are looking at just the security product, this one focuses on the value to channel partners. Sidebar: what is the channel? If you arenât actively buying or selling cybersecurity and arenât familiar with the term, the short answer is that the…
Read More
Full disclosure: I am a security product testing nerd*. Iâve been following the MITRE ATT&CK Framework for a while, and this week the results were released of the most recent evaluation using APT29 otherwise known as COZY BEAR. First, hereâs a snapshot of the Trend eval results as I understand them (rounded down): 91.79%…
Read More
This overview builds on the recent report from Trend Micro Research on cloud-specific security gaps, which can be found here. Donât be cloud-weary. Hear us out. Recently, a major tipping point was reached in the IT world when more than half of new IT spending was on cloud over non- cloud. So rather than being…
Read More
So you suddenly have a lot of staff working remotely. Telework is not new and a good percentage of the workforce already does so. But the companies who have a distributed workforce had time to plan for it, and to plan for it securely. A Lot of New Teleworkers All At Once This event can’t…
Read More
It doesnât take a wily prediction to see that the cycles of tech procurement and planning are increasingly compressed. In enterprise IT, the two largest forces at play are business changes and technology changes. These two major forces are somewhat independent; a lot of tech change happened during the last economic downturn, and in fact…
Read More
Itâs always an indicator of confusion when instead of hearing âI want Qâ Iâm asked âwhat is Q?â. In this case the âQâ is Zero Trust. Iâll try and give my best take on what I understand Zero Trust to be. History Repeats Letâs start with the background. Quite a while back the Jericho Forum…
Read More
Real enterprises are messy places. One messy reality is that enterprises donât manage all their endpoints. A smart colleague turned me onto using the % of endpoints and servers managed as a prime security metric. On one end of the spectrum are places like universities that maybe manage 10% of the endpoints on their network….
Read More
In Jon Clayâs post, he does a great job of explaining the evolution from EDR to XDR. In short, he explained that Endpoint Detection and Response (EDR) is great, but that having sources of information beyond endpoint is better. The âXâ in XDR is essentially âmanyâ or whatever we can add to provide a broader,…
Read More
Malice Vs Greed Most discussion about security in the supply chain has been focused on detecting tampering, or preventing backdoors or sneaky things being inserted into components and software. Thereâs another aspect emerging and will dwarf the tampering: devices that are counterfeited for profit indirectly causing security problems. Counterfeit devices are ones that either by…
Read More
User Reviews + Test Results Peer reviews are an important part of product selection. Everything I buy on Amazon and most other things I buy I check for reviews first. Thatâs the âdo I like itâ or the test-drive part of the selection. But the âhow well does it workâ part is lab testing. Iâm…
Read More
