Following the Wh1t3 Rabbit - Practical Enterprise Security

Enterprise Security organizations often find themselves caught between the ever-changing needs of the agile business, and the ever-present, ever-evolving threats to that business. At the same time – all too often we security professionals get caught up in “shiny object syndrome” which leads us to spend poorly, allocate resources unwisely, and generally de-couple from the organization we’re chartered to defend. Knowing how to defend begins with knowing what you’ll be defending, why it is worth defending, and who you’ll be defending from… and therein lies the trick. This blog takes the issue of enterprise security head-on, challenging outdated thinking and bringing a pragmatic, business-aligned, beyond the tools perspective … so follow the Wh1t3 Rabbit and remember that tools alone don’t solve problems, strategic thinkers are the key.

Rafal (Principal, Strategic Security Services)

Security Intelligence and Threat Intelligence are not the same thing

I believe it was the character Enigo Montoya who in the movie The Princess Bride said it best: "You keep using that word. I do not think it means what you think it means." It's a bit shocking how many times, and how directly that applies to the security community, and the words we use... especially when it comes to threat intelligence vs security intelligence.

Anonymous, LulzSec and the Trouble with Hacktivism

If anyone doubts that political and social activism is alive and well, clearly they haven't been reading the news over the past year.  The havoc the causes have created has left carnage across the Internet, in board rooms, and on the fore-front of consumers' minds.  There are two main issues, from a defender perspective that concern me in these causes though - predictability and the "tag-along" effect.

DOE Networks Under Siege - Labs Report Sophisticated Breaches

As Sherlock Holmes would have said - "The game is afoot!"

 

Let me ask you one fundamentally disturbing question ...What if ESnet was to get compromised?

Search
About the Author(s)
Follow Us
Twitter Stream


Community Announcements
HP Blog

Technical Support Services Blog

Labels
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation