September 6, 2011 - Most of us refer to security policies in much the same way as we refer to our car manuals – when something unexpected happens. We know these documents have useful information. However, their utility is tied to situations where answers (continue reading...) Read more
August 19, 2011 - Visit any news site on the Web, and undoubtedly you’ll come across a barrage of articles publicizing the details of yet another data breach. With the prominence of SQL injection attacks, and malicious insiders and hackers exploiting sensitive data stored (continue reading...) Read more
June 27, 2011 - If we look at the evolution of hacking, certain techniques never go out of style, but we’re at the beginning of a big shift in terms of the targets. The threat landscape has evolved beyond PCs, tablets, and smartphones to (continue reading...) Read more
May 23, 2011 - While 99.9% network and server uptime has long been an established standard in data centers, the consumer experience so often fails to live up to that, and I as I was reminded of again this weekend. Unplanned network or (continue reading...) Read more
May 19, 2011 - Recently I have been meeting with customers and resellers throughout Italy and Spain and it was interesting to hear that their needs from a security partner are very similar to those from the other countries I have recently visited. I have (continue reading...) Read more
May 18, 2011 - As an IT professional, often times you’re pulled in many different directions. With technology and the role of IT changing, you’re asked to cover various disconnected silos within an enterprise. When it comes to security, regardless of your business size (continue reading...) Read more
May 11, 2011 - With much fanfare and much to the chagrin of ne’er-do-wells far and wide, the Zeus Toolkit source code has been released to the public. This is notable because normally it would cost quite a bit to purchase the kit and associated (continue reading...) Read more
March 30, 2011 - As many of you are aware, last week McAfee announced a definitive agreement to acquire privately-owned Sentrigo. Sentrigo offers a complete suite of database security technologies including vulnerability management, real-time change monitoring, database activity monitoring, database audit, (continue reading...) Read more
March 23, 2011 - If you’re responsible for database security and feel like scaring the living daylights out of yourself, check out www.privacyrights.org/data-breach. It’ll give you some idea of just how large of a problem security breaches truly are. Significant breaches (continue reading...) Read more
March 16, 2011 - I had the privilege of speaking before the House Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies at a hearing titled “Examining the Cyber Threat to Critical Infrastructure and the American Economy.” I was pleased to have the (continue reading...) Read more
March 2, 2011 - The 9th Circuit U.S. Court of Appeals held recently, in Krottner v. Starbucks Corporation, that increased risk of future misuse of personal data following the theft of a laptop containing the unencrypted personal data of a group of current (continue reading...) Read more
February 28, 2011 - Last week, McAfee released a report titled “Risk and Compliance Outlook for 2011″ which has some shocking end-user statistics around risk management, patch management, policy compliance, and configuration management. First up – 41% of companies admitted they are not well protected (continue reading...) Read more
February 22, 2011 - I went to the CES conference a few weeks ago and was blown away by the proliferation of new devices and mobile applications that were being announced. Then, last week, I was at the RSA Conference and (continue reading...) Read more
February 1, 2011 - At FOCUS10, we introduced the concept of Security Connected and recently discussed the foundations of enterprise security and “5 Ways to Get Hacked” here on the blog. In this series, we’ll break down these five key elements of (continue reading...) Read more
January 31, 2011 - Business needs to secure mobile devices. Account for mobile devices. Manage mobile devices. Let employees access their apps on mobile devices. These are – more or less – the requirements in the new world of mobile devices. But employees are also (continue reading...) Read more
January 25, 2011 - Blocking spam is the top job of your email security solution. When it is not working well, the user complaints come flying in. An effective anti-spam solution is critically important to have, but are spam catch rates the important criteria (continue reading...) Read more
January 14, 2011 - It seems that for many businesses, the first thing that suffers during the holiday crunch is anything that doesn’t bring in additional revenue – among them, maintaining PCI compliance. Look Back to Look Forward As you look back on the holidays, here (continue reading...) Read more
December 22, 2010 - During FOCUS10, we announced our Security Connected initiative as a way to get the enterprise one step ahead, breaking down the silos of security technology and processes. In January, we’ll dissect all the elements of Security Connected here on (continue reading...) Read more
December 21, 2010 - The second Tuesday of every month (“Patch Tuesday”) is a very busy day for information security warriors. They have to digest a flood of information from affected vendors (primarily Microsoft and Adobe) and then cross-check and correlate that against whatever their (continue reading...) Read more
December 14, 2010 - Recent discussion around Wikileaks and Founder Julian Assange has been immense and politically charged, and as the story continues to unfold the implications become more complex. From a security standpoint, here at McAfee we’ve discussed the importance of DLP (continue reading...) Read more