Security Analytics: Buy or Build

How big a market is Security Analytics? If you ask our guest, Gartner Research VP Dr. Anton Chuvakin, you’ll hear that there actually is no specific or defined market called Security Analytics. He says that while there are technology providers offering products or services so labeled, they all do somewhat different things in different ways.

There are vendors who look at packets, others that look at logs or roles, and those that look at malware, among other things, and they all carry a label of analytics. But according to Dr. Chuvakin, the fact that all of the vendors do different things in different ways indicates that there is no market that you can just go to and buy a security analytics product.

Organizations need to self-define what they want to analyze and then assemble the required pieces and perhaps integrate with a Security Information and Event Management (SIEM) system, which in some cases is essential for aspects of security analytics to work.

In any case, the buy versus build discussion becomes much more than binary. Dr. Chuvakin explores this largely undefined territory with Security Current’s Vic Wheatman.



A Five Time CISO on Attacks, Security Personnel Shortages, and More

Five-time CISO Jeff Klaben, who is currently at a Silicon Valley think tank and also is an adjunct professor, says there is a shortage of skilled security professionals, especially at the management level, to combat an increasingly complex enterprise attack surface.

Klaben was exploring the connection between cyber security education, threat intelligence and incident response. He told Security Current’s Vic Wheatman that the aim was to create actionable intelligence but the question remained, “how do we prepare folks to leverage these tools and capabilities?”

He said education and particularly mentoring within an organization would be integral to a successful security program and encouraged CISOs to mentor up-and-coming security professionals within their organizations. Klaben also called on CISOs to work with security start-up vendors to, at the very minimum, provide them feedback so as to ensure they are developing cutting-edge technologies.

He was speaking at the Security Innovation Network’s (SINET) Conference at the Computer History Museum in Mountain View, California.



Automotive Security and the Car of the Future

Imagine a future when cars are no longer controlled by the driver.

With automatically controlled cars coming “just around the corner” and with more automation features being introduced, there are concerns that vehicles might be vulnerable to security attacks.

But advancements in connectivity and automation need to keep pace with market needs. Automation may be able to make a dent in the 33 thousand annual road fatalities.

So what should be the relative roles of government and industry? Should the automobile companies collaborate on security and are they doing it already?

Security Current’s Vic Wheatman spoke with Dr. Peter Sweatman, Director of the University of Michigan’s Transportation Research Institute, about the self-driving car. The podcast was recorded at SINET, the Security Innovation Network’s recent conference in Mountain View, California.



Cloud Security Monitoring, Cloud Access Security Brokers and MSSPs

Monitoring new cloud environments for adequate security is challenging, particularly when trying to determine which approach might be best.

Most Managed Security Service Providers (MSSPs), while “out there” in someone else’s data center, are not operating from the cloud and are not necessarily the right choice for monitoring the security of cloud instances.

Organizations have a responsibility to manage the relationship when MSSPs are used or money could be wasted.

Emerging between the enterprise and the cloud are Cloud Access Security Brokers or CASBs. These topics are explored in this discussion between Security Current’s Vic Wheatman and Gartner Research Vice President Dr. Anton Chuvakin.



Addressing a Critical Vulnerability Management Problem

Scanning a network, devices or applications for security vulnerabilities may not tell the whole story or even tell the true story. IP addresses and host names are a moving target, constantly changing. This leads to frustration and potentially remediation of the wrong assets while broken assets may remain unevaluated and vulnerable. And the problem is worse as organizations use cloud environments.

In this sponsored podcast, Security Current’s Vic Wheatman speaks with security expert Tom Desot, CIO of Digital Defense Inc., who talks about the problem and offers ways to mitigate it.



The Security Hits Keep Coming

Some research suggests that 97 percent of organizations are already compromised, according to former Gartner analyst Eric Ouellet. And according to Ouellet, the hackers are smarter and more persistent than ever, often understanding an organization’s particular computing environment better than its owners do.

Recorded on the streets of San Francisco with Security Current’s Vic Wheatman, Ouellet, who is currently VP of Strategy for Bay Dynamics, says that hackers will find a way to get inside an organization’s network even if it takes a long time. There is only so much you can do to protect your environment, Ouellet adds, and he points to credit card companies’ use of anomalous behaviors as where the industry needs to head to mitigate attacks.



FBI Views on Cybersecurity and Information Sharing

The recent US Presidential Directive along with White House statements on cybersecurity have brought new energy to law enforcement approaches against cybercrime.

Sharing threat data within the public and private partnership is becoming increasingly important as work continues to mitigate security breaches.

In this podcast, Security Current’s Vic Wheatman speaks with FBI Assistant Special Agent in Charge for San Francisco Cyber Division Malcolm K. Palmore about the evolution of cyber threats, cyber terrorism, and industrial espionage and the FBI’s focus.



The City of San Diego’s CISO Talks Security & Innovation

You wouldn’t think that innovation and city government go hand in hand but in The City of San Diego that is precisely the case.

In this conversation with Vic Wheatman, the city’s CISO Gary Hayslip discusses how the City of San Diego embraces cutting-edge technology, working with early-stage security startups. At the same time he is dealing with legacy systems that are “duct taped” to newer applications in an environment that is increasingly using cloud services to cope with its security requirements.

With 41 departments and 400 applications under their purview, Hayslip talks about how by their very nature they are under constant threat. He relays his top three security issues that keep him up at night and how he has developed programs to attract and retain talented security professionals.



Emerging Deception Techniques, Technologies and Tools

There’s a desire to “get back” at infrastructure attackers through offensive deception techniques. Products are just emerging designed to lead the bad guys into worthless, time-wasting activities to minimize the damage they can cause. But there are risks to existing business processes and partner relationships, suggesting a cautionary approach.

Security Current’s Vic Wheatman speaks with Lawrence Pingree, Research Director at Gartner, Inc. about this new class of tools for cyberspace defense.



Aviation Security: Who’s Looking Out for Us?

The aviation industry is a pillar of critical infrastructure and the industry is very complicated. It has cargo, passenger, military and leisure components with an overlay of complex communications systems.

Networks connect all of the information yet airlines and their networks are independent. There are potential vulnerabilities that can be exploited by people intending to do harm.

What agencies are responsible for securing air travel? Security Current’s Vic Wheatman speaks with attorney Lawrence Dietz, General Counsel and Managing Director of Information Security at TAL Corporation, about who is responsible for aviation security from a cyber perspective.