It seems to me that every time I have a conversation with a senior security executive or, on the other side of the coin, a board member, the feedback is always the same – they don’t understand each other and maybe they speak a different language, resulting in frustration for all involved.

In his keynote at the recent RSA Global Summit in Washington DC, Art Coviello spoke cogently and convincingly about the need for both vision and execution: “[We are] partners in a battle to create a trusted world for communication, collaboration and innovation. To win the battle, we are going to need vision and execution. You need both. One without the other is insufficient. Vision without execution is merely dreaming. Execution without vision is like driving blindly down an unfamiliar road. It rarely ends well.”

My previous blog discussed how UK consumers are investing in kitchen gadgets and watching cookery programs on TV but still continuing to devour ready meals. The security industry faces the same dilemma in that we may have the right ingredients but we are not putting them together in the right quantities to deliver an Intelligence Driven Security model. So, what does Intelligence Driven Strategy look like? And what does our plate look like?

In the UK, food and cookery programs have taken over prime viewing spots on television and the last series of BBC Bake Off resulted in a record audience. The market for all things cooking, including utensils, gadgets and ingredients, has also exploded, so have we all become really good cooks who prepare our meals from scratch every night? Sadly the answer is NO! Only a mere 1 in 8 households actually cook using real ingredients; the rest of us are eating a record number of ready meals, and indeed many people don’t know how to cook even the most basic of meals. We spent a whopping £1.9 billion on ready meals in the last year, the highest for any European country.

As summer draws to a close, I resumed my usual heavy schedule of travel last week with a keynote at the SIGS Technology Summit in Bern, Switzerland at which Hugh Thompson also gave a keynote.

The recent Target breach is a really good example of how Trusted Third Party (TTP) attacks have become commonplace with shuddering results. Indeed, the compromise of RSA a few years ago was not to attack RSA but to steal information to make someone else’s security controls weak.

Several announcements in July have focused attention on security vulnerabilities and risks in the Internet of Things. Siemens announced an update to fix vulnerabilities in its SIMATIC automation system for energy management. Ponemon Institute, jointly with Unisys, announced its report on security vulnerabilities in critical infrastructure. And HP announced its research on vulnerabilities in IoT devices.

The BBC’s Digital Media Initiative (DMI) was envisioned not only to replace the old tape-driven system for sharing content, but to transform the whole production process, taking the BBC into the modern world of distributed digital working. None of the elements needed to achieve such a vision is groundbreaking or novel at a technical level. So what went wrong?

July 23 2014

At the same time that my RSA Research colleagues were uncovering the Boleto fraud in Brazil reported this week, Symantec released a Security Response describing a 2013 cyber-attack on US energy infrastructure, dubbed “Dragonfly”. (Also researched by Kaspersky under the name “Energetic Bear”. F-Secure have been tracking one of the malware variants used, called Havex.) The attack used spear-phishing, water-holing and Remote Access Trojans to compromise a number of important organizations in the United States, Spain, France, Italy, Germany, Turkey and Poland. These targets included energy grid operators and electricity generation firms, as well as oil and gas infrastructure and industrial control system equipment manufacturers.

The Doctor landed in the Old Billingsgate Market in London on Tuesday to help EMC reveal a number of product announcements. Possibly for most, the main news of the day was the announcement that the existing high end storage array VMAX would be replaced with VMAX3. This updated array also included an updated and rebranded version of the operating system called HYPERMAX OS.
