I’ve recently had the great fortune to be called in as an industry expert
to comment on current news at the Fox Business “Money with Melissa
Francis”. I’ll be the first one to tell you that every (read: EVERY) mass
media outlet has an agenda. From Fox, through CBS, NBC, CNN to Al-Jazeera.
They have […]
Aha! Can’t believe I managed to avoid the unbelievable hype flood that
swept across the interwebs in the last month. And to think that the last post
(long overdue, I know… had REALLY good reasons for not being able to post
anything) was somewhat oracleish in predicting that this would be the focus
of this year.
Just to set the stage right – we are at a point where I just saw a USA
Today “Money” section front page article on how Google’s engagement
with the NSA post the breach will affect the security vendor market, and a
few VCs were also quoted to the fact that we will be seein... (more)
Just wanted to let you all know (as a member of the CSA-IL board) that we
will be having a conference on September 2nd who’s title is “Cloud
Security Technology and Innovations” in Tel-Aviv, Israel.
We expect to have great participation from all areas of the industry, are
working on a great venue to host the conference, and are opening up the Call
Please see the CSA-IL WiKi for additional information on how to submit for
Looking forward to seeing you all there!
Related posts:Upcoming Conf... (more)
So everyone has been fully focused on Stuxnet – trying to figure out
(again) what 0-days were involved, how were networks crossed, which
command-and-control channels are utilized and how the systems were
I’m really hoping that the technical analysis would help us get a better
grip on what kind of risk a persistent and well-funded attacker poses to a
target. Nevertheless, it’s almost as we have not really learned a lot from
past events – and yes, I’m talking about connecting the dots again. This
time not in the sense of linking between crime and nation-state,... (more)
I’m guessing that having “APT” in anything that goes outside for public
consumption these days is mandatory, but this post actually has a good reason
to do so. If you look back just one post in the past, we were discussing the
new initiative to define “Penetration Testing”. The post, and the
proposed standard itself really take a good look at what organizations need,
and how to address such needs from a practical point of view, rather than
from a compliance or a “check-box ticking” perspective.
For me this is one of the things that the security industry has done a great