|
||||||
Will the user define security policies in the future?I think, I blogged about this event already earlier: Years ago I was meeting a customer and was talking about the future of IT. I was telling the audience (about 10 people including the Security Officer) that there is a good chance that IT will not define a set of hardware anymore but that the user will buy their own and use it for business. Additionally, different people have different ... 
Get off XP or Risk your Business?One of the highest hit rates I ever had on my blog was one I wrote right before Conficker broke out. I called it Playing Russian Roulette with your Network. The background was, that we released an out of band security update and our customers came back and asked us, whether they really shall deploy it – this situation then led to Conficker. About 12 months from today, Windows XP will ... 
Security in 2013 – the way forward?Typically January is the month where we are asked to make predictions on the trends for the New Year. I do not like this as I am an engineer and not a fortune tellerJ. But there are things we know and things we definitely need to drive this year. I would actually put it into the context of typical hygiene of any IT environment. Let's try to understand, where we stand ... 
The Directory in the Cloud?It seems that it is an eternity ago – and it is. Pretty much three years ago, Doug Cavit and me published a paper called the Cloud Computing Security Considerations. Even though it is three years, the paper is still worth reading as the content still applies. What we basically said was, that if you look at the Cloud, there are five areas of Considerations: Compliance and Risk Management: Organizations shifting ... 
You know my opinion on collaboration between countries, on public-private-partnerships as well as on collaboration between companies. Since quite a while we run a program called MAPP – the Microsoft Active Protections Program, where we share vulnerability information with security vendors to help them to get signatures out to our joint customers the moment we . . . → Read More: Microsoft and Adobe: Collaboration Against Threats This is always a fairly emotional theme. What is better to protect the ecosystem? Public or private disclosure? Should somebody paying for vulnerabilities or not? Is a vulnerability auction ethical or not? I know that there are numerous views on that and I do not want to debate them here and now. What I just . . . → Read More: How to Deal With Vulnerabilities After my overall announcement that we grow the community in Off to See the World, and Stuart Aston joining as the CSA in the UK, it is a great pleasure to see Magnus Lindkvist coming back. Magnus was the CSA in Sweden a few years back and accepted the offer now to come back and . . . → Read More: Chief Security Advisor in Sweden: Magnus is back As you have seen in my post Off to see the World, we are hiring Chief Security Advisors all over the place. The first one was announced last week: Stuart Aston was announced to take over the Chief Security Advisor in the UK. Have a good start! Roger And everybody tells me how secure they are….. So,according to this article Secunia: Apple makes the most vulnerable software in the market today, apple hast most vulns, then Oracle and then us (and then the rest). And you know, the interesting thing is that the comparison is not “apples with apples” as we tend to . . . → Read More: Secunia: Apple makes the most vulnerable software in the market today Even though it might be obvious, compliance is not only about protecting data but identities as well – and more. Jon Collins, Freeform Dynamics, whom I value high, wrote a good article: Doing the right thing on ID management isn’t enough… – you should read it! Roger The Department of Homeland Security published a report on A Roadmap for Cybersecurity Research, I was definitely impressed! All the themes, which are important to me are in their list : Scalable trustworthy systems (including system architectures and requisite development methodology) Enterprise-level metrics (including measures of overall system trustworthiness) System evaluation life cycle (including approaches . . . → Read More: US Cybersecurity Research! You know that I am not a big fan of blocking social networks within enterprises for different reasons. I just read an article on this subject based on a study by Trend Micro. One of the conclusions in the article is: Trying to just prevent users accessing social networks from work could potentially increase the . . . → Read More: Blocking Social Networks? Think Again… I just wanted to remind you: The support for Windows XP SP2 ends today. I hope that this does not catch you by surprise. If you need all the information about which kind of support ends when for which product, please consult out Lifecycle page. If you have a Premier Support contract with us, your . . . → Read More: Support for Windows XP SP2 ends today! If you follow my blog you saw recently that there are two themes constantly popping up: One is everything about a government’s Cybersecurity Agenda (or the lack thereof) and the second one is the Cloud. Let me briefly line them out: When I talk to governments I often feel that there is a lack of . . . → Read More: Off to See the World |
|
|||||
|
Copyright © 2013 Roger Halbheer on Security - All Rights Reserved Powered by WordPress & Atahualpa |
||||||
