Stuck in Traffic – BCP for Ransomware

Archive for October, 2017

We Got it Wrong at GrrCon 2017


We Got it Wrong

This session is on all the things we all say all the time, about all the things we all know. Security through obscurity is bad. Defense in depth is good. Stop clicking things. Next generation is bad, or maybe, next generation is good. The list goes on and on. The resulting rules of thumb are sometimes contradictory and often misleading. With war stories and anecdotes, we’ll explore what happens when teams run security by tribal knowledge instead of research and reason. Spoiler alert: they get pwned. Turns out, we were wrong.

(Friday, October 27, 2017. Grand Rapids, MI)

Watch more videos on my YouTube channel.

Hybrid Cloud — The IT leader’s guide


The Enterprisers Project has an article on hybrid cloud.

What are the key considerations for hybrid cloud security?

As we recently noted, “Hybrid cloud should strengthen your organization’s security posture, not diminish it. But that doesn’t mean improved security is a default setting. While security fears are declining as cloud matures, security remains an ongoing challenge that needs to be managed in any organization.”

Hybrid cloud security is a big topic; it can be hard to know where to focus. What are the hybrid cloud security questions that you should bear down on now? It starts with visibility. “Too often in modern IT, CIOs and other IT leaders have blind spots in their environments, or they focus too narrowly (or even exclusively) on their on-premises infrastructure,” cybersecurity veteran J. Wolfgang Goerlich, who serves as VP of strategic programs at CBI, told us.

Other key issues include asset ownership controls; compliance controls; security tool interactions; communications; and risk assessment. As your hybrid cloud strategy grows, so should your security planning.

Read more here: