Bob Tarzey

Senior Director

Quocirca Ltd

IT Forensics in Real Time

Posted on: 28 Apr 2014

In an ideal world threat intelligence should prevent IT security incidents from occurring in the first place; however, in reality incidents are inevitable, often with associated data breaches. Post-event clear up requires intelligence gathering as well and the quicker this can be done the better. As incident response capability speeds up the ability to use…

The Safe Use of Test Data

Posted on: 27 Mar 2014

The best time to eliminate software bugs is early on in the application development lifecycle. Doing so helps ensure better code is released in the first place; it will be less vulnerable to attack and more secure. But, how do you get closer to achieving the ultimate goal of bug free code that delivers to…

FIDO – Fast Identity Online: No More Dogs on the Internet

Posted on: 04 Mar 2014

Web users rely on SSL (secure sockets layer) on a regular basis without having to know what it is or even if it is securing their transactions and data in the background. Without SSL there would have been no Internet banking, no e-commerce, no Internet revolution. There are limits to the level of security offered…

Convergence of SIEM and Forensics

Posted on: 26 Feb 2014

Sometimes technology areas that once seem distinct converge. Indeed there was a time when the term convergence was used, without qualification, to refer to the coming together of IT and traditional telephone networks, something that for many is now just an accepted reality. Two recent discussions Quocirca had brought into focus a convergence that is…

Why Would they DoS Us?

Posted on: 03 Feb 2014

As various pundits have reeled off their security advice for 2014 many have listed the growing threat of denial of service (DoS) attacks as something to look out for. They are probably right to do so; two recent publications, the Arbor Worldwide Infrastructure Security Report (WISR) and the Prolexic Global DDoS Attack Report, both show…

Beyond Microsoft Active Directory

Posted on: 08 Jan 2014

Embedded in all Microsoft Windows server operating systems and in its Azure platform as a service offering is Active Directory; a store of information about all the objects and their attributes that are active within a given Windows network domain. This includes printers, network devices, hardware servers and, most importantly, users. This storage of user…

The Increasing Mobility Threat to IT Security

Posted on: 02 Jan 2014

Any organization that has not already started to think about the impact mobility has on IT security should start doing so this year. 63% of businesses provide formal access to some of their business applications to mobile users, a Quocirca research report “Digital Identities and the Open Business,” showed. Furthermore, the sheer ubiquity of mobile devices and…

Getting Real About Network Access Control (NAC)

Posted on: 29 Dec 2013

The two biggest concerns organizations have when considering the use of cloud based services are the safety of personal data and complying with data protection laws (see complimentary Quocirca report, “The adoption of cloud based services,” downloadable here). The report shows that these are issues that those recognizing the benefits of such services overcome by…

Securing the Cloud – Coming if You’re Ready or Not

Posted on: 22 Oct 2013

No business can avoid “the cloud.” Some embrace cloud based services with enthusiasm as a formal way of delivering all or part of a given organization’s IT requirements, whilst others grudgingly accept them because it is near impossible to stop individual users or lines of business from building them in to business processes. A recent…