Final Week! Get an iPad Mini 4, Samsung Galaxy Tab A, or $250 Off OnDemand and vLive - Ends May 24!

SANS Security Trend Line

The Information Loss Costs Waaay More Than the Device Loss

SANS Newbites recently carried a news item I commented on: Two Laptops Stolen From Insurance Office Contained Unencrypted Patient Data (December 16, 2013) Earlier this month, a New Jersey health insurance company began notifying more than 800,000 members that their personally identifiable information was stored, unencrypted, on laptops stolen from Horizon Blue Cross Blue … Continue reading The Information Loss Costs Waaay More Than the Device Loss


Twelve Word Tuesday: Just Because It Is Policy Does Not Mean Security is Responsible

Monitoring/blocking unproductive use of corporate assets or connectivity shouldn't be a security function. Continue reading Twelve Word Tuesday: Just Because It Is Policy Does Not Mean Security is Responsible


SANS "Security Difference Makers in 2013" Awards

Over my 13 years working with enterprises at Gartner, I noticed that the companies with the fewest security incidents were rarely the ones with the biggest budgets. Almost invariably, the common denominator was the quality of their information security team, and in particular some person or small group of people that took the initiative to … Continue reading SANS "Security Difference Makers in 2013" Awards


Twelve Word Tuesday: All I Want for Christmas Is a Meaningful SSL Certificate

SSL certificates today are to security as balsa wood is to strength. (New Microsoft advisory forunauthorized SSL certificate issuance reported yesterday by Google.) Continue reading Twelve Word Tuesday: All I Want for Christmas Is a Meaningful SSL Certificate


Twelve Word Tuesday: December is Test Your Backup/Recovery and DDoS Mitigation Approaches Month

Akamai acquires Prolexic - do you know if your DDoS mitigation approach works? Continue reading Twelve Word Tuesday: December is Test Your Backup/Recovery and DDoS Mitigation Approaches Month