Following the Wh1t3 Rabbit - Practical Enterprise Security

Enterprise Security organizations often find themselves caught between the ever-changing needs of the agile business, and the ever-present, ever-evolving threats to that business. At the same time – all too often we security professionals get caught up in “shiny object syndrome” which leads us to spend poorly, allocate resources unwisely, and generally de-couple from the organization we’re chartered to defend. Knowing how to defend begins with knowing what you’ll be defending, why it is worth defending, and who you’ll be defending from… and therein lies the trick. This blog takes the issue of enterprise security head-on, challenging outdated thinking and bringing a pragmatic, business-aligned, beyond the tools perspective … so follow the Wh1t3 Rabbit and remember that tools alone don’t solve problems, strategic thinkers are the key.

Rafal (Principal, Strategic Security Services)

Security Intelligence for the Enterprise - Part 3

Wrapping up (finally!) my 3-part post on security intelligence for the enterprise ... this time I'm dispensing little nuggest of knowledge...

Security Intelligence and Threat Intelligence are not the same thing

I believe it was the character Enigo Montoya who in the movie The Princess Bride said it best: "You keep using that word. I do not think it means what you think it means." It's a bit shocking how many times, and how directly that applies to the security community, and the words we use... especially when it comes to threat intelligence vs security intelligence.

Security Intelligence for the Enterprise - Part 2

Security intelligence is a big buzz word, but sometimes even if you have all the best tools you're still not a very good carpenter. In this segment I discuss getting value from security, and what it means to your enterprise.

Security Intelligence for the Enterprise - Part 1

Security Intelligence.

We can all agree we need more of it, and that it can be extremely useful in defending our enterprise if it's "done right." What does that mean? More importantly, what is "security intelligence" exactly?


Let's discuss that in part 1 of 2 on this topic

Data Loss Prevention - Step 1: "Known What's Important"

I'm writing a series of posts (should be about 7 if all goes well) to follow up on my blog post titled "Data Loss Prevention - Without the New Blinky Boxes" which addressed some of the silliness that comes with believing that DLP comes in a box, or is a product you can buy to solve your DLP needs. It's silly, but few people out there actually understand why I've hopefully addressed the madness and added some sanity, now I want to go through the things I've outlined in the previous post one by one and give them more clarify.


First, let me tackle Know What's Important as an entry way into this much longer discussion.

Data Loss Prevention - Without the New Blinky Boxes

I can't help but notice that amongst the Information Security professionals I've talked to lately at various conferences and venues across the country there is a very serious push to return to basics. There is a backlash against vendors selling an appliance of a quick fix to point-in-time problem. The glut of blinking lights, and devices that require time and effort to manage has gotten out of control ...or so I'm being told. I've not manged an Information Security team in 4 years now (my how time flies!) but even back when I managed the glut of boxes, products and solutions was becoming too much to bear. I can only imagine it now.

About the Author(s)
Follow Us
Twitter Stream

Community Announcements
HP Blog

Technical Support Services Blog

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation