CSC Launches Enhanced Global StrikeForce Security Assessment Suite FALLS CHURCH, Va., Aug. 30 – CSC (NYSE: CSC) announced today that it launched its enhanced CSC Global StrikeForce Security Assessments, a suite of elite services performed by a highly skilled global team of certified and licensed cybersecurity experts. The CSC Global StrikeForce Security Assessments evaluate the  Read More →

Someone sent me this quote in an attempt to convince me that we should focus on vulnerabilities and not threats…I don’t think they are mutually exclusive, but here nor there… Our data tells us that focusing on vulnerabilities is more effective in reducing risk than focusing on threats.  In fact, of nine specific types of threats we  Read More →

Recently I wrote a guest editorial for Virtual Strategy Magazine, although I have to admit I wasn’t made aware of my goofy picture – look away I’m hideous – until the article was published. You can find the full contents at Virtual Strategy Magazine From the article (here)… As I was pondering the challenges of  Read More →

I wouldn’t normally read Rolling Stone but strolling through the airport I noticed “The Biggest Cyber Crime in History – Sex, Drugs & Hackers Gone Wild” on the cover and like passing a train wreck you can’t help but stare at I had to buy a copy, that and it appears that Russel Brands armpit  Read More →

Michal Zalewski, a security researcher at Google, recently wrote a guest editorial for ZDNet entitled “Security Engineering: Broken Promises”. The article lays out a series of issues with the security industry, specifically looking at an inability to provide any suitable frameworks for software assurance or code security. We have in essence completely failed to come up with even the most  Read More →

Back 
to 
Basics: 
What 
is a Client Hosted Virtual Desktop (CHVD)? Client 
virtualization 
refers 
to 
the 
combination 
of 
a 
management
 system
 and
 a 
hypervisor 
on 
a
 client
PC,
 utilizing 
the 
local
resources 
to 
execute 
the 
operating
system. Figure 1. different desktop virtualization models segmented by central vs. distributed computing environment support and reliance on... 

Beijing, China – April 1, 2010 – The Chinese government announced that effective immediately all US based technology firms and associated products and services will be banned from all Chinese government and state-run agency IT environments. The ban is expected to include critical infrastructure, such as military, finance, utilities, and healthcare as well as education,  Read More →

From my recent posting on Computer World UK (here) Whenever I hear the phrase “identity theft,” I can only imagine what the late, great Rodney Dangerfield would have made of it: “Some guy in Moldova stole my identity. The FBI said, ‘…and you want it back?’ No respect!” Despite what seems to be a public fascination with  Read More →

I recently had an opportunity to discuss desktop virtualization with Bill Brenner from CSO online – you can listen to the podcast (here), you can also listen to the most recent Beyond the Perimeter podcast which focuses on Desktop Virtualization (here)  Read More →

We all know that IT security and operations is becoming a more challenging and untenable problem day by day – see “Top 10 Reasons Your Security Program Sucks and Why You Can’t Do Anything About it” – The reality is that we continue to build on top of inherently insecure and fundamentally weak foundations, such  Read More →

As I was traveling through Canada last week I was struck by an article in the Globe and Mail – “Track designers defend Whistler course” – in which the designers of the Winter Sliding Centre suggest that the unfortunate accident that resulted in the death of Georgian athlete Nodar Kumaritashvili was caused by human error  Read More →

To economists, the term “Broken Windows” refers to the question that if a shopkeeper pays a glazier to repair a broken window at his store, does this deliver an economic benefit to society? Many people would say yes, because it generates demand for glass and work for the glazier. Have you ever been witness to the  Read More →

The world needs a treaty to prevent cyber attacks becoming an all-out war, the head of the main UN communications and technology agency warned Saturday. “A cyber war would be worse than a tsunami — a catastrophe,” the UN official said, highlighting examples such as attacks on Estonia last year Craig Mundie, chief research and strategy  Read More →

(this post is dedicated to all those I have debated – poorly – on twitter and in blogs) I must admit that I do enjoy the experience of a good debate, the adrenaline rush, the give and take with a qualified adversary, the thrill of victory and hopefully the expanse of ones views. So often though many  Read More →

In the security industry we like to fool ourselves into thinking that we can materially impact an organizations security posture. We believe that new tools, a new framework, a new regulation, a new school of thought will lift the veil of organizational ignorance and enable us to attain the state of enlightened security practitioner. But as  Read More →