Threat modeling frameworks and methodologies

Threat modeling is a process by which organizations can shift their security approach from reactively plugging exploits to proactively and systematically understanding and addressing potential threats in the design stage. This process identifies potential threats to the system, data/asset exposure, logical/architectural vulnerabilities, and relevant security controls to help evaluate security decisions, serve as a guide... Continue Reading →

Application visibility is key for data center micro segmentation

Micro segmentation is key for zero-trust network Micro segmentation divides a network at a granular level, allowing organizations to tailor security settings to different types of traffic and create policies that limit network and application flows to those that are explicitly permitted. It allows security teams the flexibility to apply the right level of protection... Continue Reading →

Importance of security operational metrics and reports

Enterprise today has limited security resources and are strive to ensure the confidentiality, availability and integrity of data. The cost of securing operational assets and data is an important consideration. Each enterprise must find ways to balance between managing risk and cyber security expenditures. Role of measurements and metrics in security operation center Measurements tend... Continue Reading →

Securing Container workloads for Enterprise

What are containers?  Containers represent a transformational change in the way apps are built and run. Containers package an application and all its dependencies into a single image that can be promoted from development, to test, to production, without change. Containers provide consistency across environments and multiple deployment targets: physical servers, virtual machines (VMs), and... Continue Reading →

NIST released the draft NICE Cybersecurity Workforce Framework (NCWF)

The NICE Cybersecurity Workforce Framework (NCWF) is a national resource that categorizes and describes cybersecurity work. It provides employers, employees, educators, students, and training providers with a common language to define cybersecurity work as well as a common set of tasks and skills required to perform cybersecurity work. Through the process of identifying the cybersecurity... Continue Reading →

US Cybersecurity Framework – Common concerns

US Cybersecurity Framework - Common ConcernsSpending on security continues to increase. Recent Wall Street Journal article says, “Global cybersecurity spending by critical infrastructure industries was expected to hit $46 billion in 2013, up 10% from a year earlier, according to Allied Business Intelligence Inc.”President Obama released E.O. 13636 on Feb. 12, 2013 including Sec. 7. Baseline... Continue Reading →

Blog at WordPress.com.

Up ↑