I heard a question the other day that caught me off guard. “Why do you guys even sell IPS (Intrusion Prevention Systems), is there even value in that anymore? Shouldn’t you just recommend patching vulnerable systems?” 

Benjamin Franklin’s famous axiom is as true today, regarding data loss prevention (DLP), as it was when Franklin first made the quote.  While Franklin was actually addressing “fire safety,” data loss incidents today can cause organizations, both large and small, to “get burned.” Many IT chiefs are spending a vast majority of their precious budgets…

Vulnerability scanning and reporting are becoming a driving need within healthcare.  As advanced persistent threats or APTs are on the rise and constant exploits are being found, IT staffs are not always able to patch/update healthcare systems due to equipment guidelines. Having the tools in place to see potential issues and mitigate risk helps IT…

Our nation’s state and local law enforcement agencies have looked to the FBI’s Criminal Justice Information Services (CJIS) Security Policy for many years to set the standard for security requirements in the industry. The CJIS Policy dictates the minimum level of security requirements while providing guidelines and agreements for organizations to protect the transmission, storage…

The big security news last week was Shellshock, a vulnerability that affects the Bash shell on *nix operating systems (including Macs). So good news, Windows admins, you get to sit this one out. For the rest of the world, the impact of Shellshock is still unclear and perhaps that’s what is making it most unsettling….

We are in the middle of security conference season. Therefore, it’s not entirely unexpected to see headlines from Black Hat and other conferences discussing “grave” security threats, and what they mean to our ability to protect our organizations and ourselves.