From Schneier on Security… Security and Human Behavior Bruce Schneier contributes this very thought-provoking post from the first “Security and Human Behavior” workshop, prompting a discussion of how perception and human psychology affect not only the way people assess their security, but the way security professionals devise solutions for problems. Schneier asserts that “[m]any real [...]
Archive for June, 2008
From JJ’s Security Uncorked… Network Based Entitlement… A Rose by Any Other Name JJ reviews Rohati’s recently announced “Network-based Entitlement Control,” concluding that Rohati’s approach to NAC is no different from what traditional hardware solutions can already accomplish. From Emergent Chaos… Not quite clear on the subject This blogger corrects a [...]
Inside and outside the network perimeter
Posted: June 19, 2008 by vpnhaus in Posts, Rethink Remote Access
Frank Cassano has written a series of posts at BlogInfoSec titled “Assessing Your Organization’s Network Perimeter” (see Part 1 and Part 2). We had a quick chat with NCP’s Rene Poot to get his perspective on Cassano’s analysis. Here’s what Rene had to say: What should be mentioned as (one of the many) details would [...]
From Rational Survivability… Verizon Business 2008 Data Breach Investigations Report Christofer Hoff summarizes and comments on the results of a report culled from over four years and 500 forensic investigations performed by the Verizon Business RISK team. Interesting bits: 73% of breaches resulted from external sources, 83% of attacks were not highly difficult, 85% of [...]
From Rational Survivability… Security Will Not End Up In the Network… Hoff showcases a graph of the cycles of security investment, to rebut the pronouncement that “security will end up in the network.” “There’s no end state,” he writes. “It’s a continuum. The budget and operational elements of who “owns” security and where it’s implemented [...]


