Hi {{ session.user.profile.firstName }}
J.J. Thompson, CEO, Rook Consulting
Clean, nice, positive, polite, unobtrusive, under-the-radar security has not worked. The recent flood of successful hacks illustrates security's abysmal failure to hit the target. Large enterprise organizations and government agencies are getting hacked with the same frequency as drink orders at "dollar you call 'er" specials at your local watering hole. When we look at the score, the promise of secure data from PCI compliance, ISO2700x, a slew of state privacy laws, and a plethora of spending on security technology has failed to deliver. In this talk, the presenter discusses what has led to security professionals not only missing the bullseye but missing the target all together and what must be done to zero back in. Go ahead, chug some courage and strap on your boots. It’s time to get serious about effective security.
Sep 15 2011
45 mins
Real Security is Dirty
More from this community:

IT Security

  • Date
  • Rating
  • Views
  • Today’s cyber defenses generate a torrent of security alerts. Some of them can be useful, even essential. Many are not. And telling the difference isn’t always easy.

    When assessing security products, organizations often equate a large volume of alerts with more thorough threat detection. But as anyone who’s been roused awake by a car alarm at 3 a.m. knows, it’s the quality of these alerts—not the quantity—that really matters.

    This webinar will examine the four biggest problems with reactive, alarm-based defenses in conventional security deployments.

    Join us to:

    -Learn how to alleviate alert fatigue
    -Detect true threats, provide quality alerts and enhace them with ample context and insight so security teams can act on them
    -Sort out the alerts you must respond to from those you should respond so
    -Discover how to recognize multiple separate alerts that might be part of a multi-pronged attack on your network
  • Join cloud security expert Tricia Pattee on August 27 for a quick, cut-to-the-chase analysis on where to get the most bang for your security buck. The interactive, hour-long discussion will include:

    -The five most common security mistakes
    -Top six areas of security spend
    -How to maximize budget – and minimize risk
    -Hidden cloud security costs

    The presentation will include a Q & A to answer your specific questions about security budgeting and cost management.

    Register today.
  • Identity Access Management is a complex matrix of requirements meant to assure that only the right people have access to your data. This requires the creation of a rules, roles, and a method for preserving information about access rights. In other words, we create 'big data' that then must be mined to find the most risky individuals and risky behaviors. By starting with a risk-based approach, finding those behaviors and individuals is easier. Explore with us as we examine how risk values can be assigned as you build the database so that analyzing and reporting become easier.
  • Identity Access Management is a complex matrix of requirements meant to assure that only the right people have access to your data. This requires the creation of a rules, roles, and a method for preserving information about access rights. In other words, we create 'big data' that then must be mined to find the most risky individuals and risky behaviors. By starting with a risk-based approach, finding those behaviors and individuals is easier. Explore with us as we examine how risk values can be assigned as you build the database so that analyzing and reporting become easier.
  • Identity Access Management is a complex matrix of requirements meant to assure that only the right people have access to your data. This requires the creation of a rules, roles, and a method for preserving information about access rights. In other words, we create 'big data' that then must be mined to find the most risky individuals and risky behaviors. By starting with a risk-based approach, finding those behaviors and individuals is easier. Explore with us as we examine how risk values can be assigned as you build the database so that analyzing and reporting become easier.
  • Identity Access Management is a complex matrix of requirements meant to assure that only the right people have access to your data. This requires the creation of a rules, roles, and a method for preserving information about access rights. In other words, we create 'big data' that then must be mined to find the most risky individuals and risky behaviors. By starting with a risk-based approach, finding those behaviors and individuals is easier. Explore with us as we examine how risk values can be assigned as you build the database so that analyzing and reporting become easier.
  • Identity Access Management is a complex matrix of requirements meant to assure that only the right people have access to your data. This requires the creation of a rules, roles, and a method for preserving information about access rights. In other words, we create 'big data' that then must be mined to find the most risky individuals and risky behaviors. By starting with a risk-based approach, finding those behaviors and individuals is easier. Explore with us as we examine how risk values can be assigned as you build the database so that analyzing and reporting become easier.
  • Cloud Access Security Brokers (CASBs) are one of the hottest new security technologies on the market. Recommended by Gartner, they provide visibility and control in a new IT world now based in public cloud applications and corporate data being accessed by employee BYOD devices.
  • As mitigating third party risk becomes an essential business function across many industries, business relationships will be tested. Organizations must now subscribe to a “trust, but verify” philosophy to ensure their third parties are secure. To verify vendor security, organizations now use BitSight Security Ratings, which are gathered externally and don’t rely on any vendor input.

    On August 27 at 1:00 pm EST join Debbie Umbach, Director of Product Marketing at BitSight as she discusses the best practices for implementing vendor security ratings. Viewers will learn:

    - different approaches for incorporating BitSight Security Ratings into vendor risk management (VRM) programs, whether your program is just getting started or is well underway
    - how companies have used BitSight Security Ratings to notify key vendors of security incidents
    - how vendor ratings can allow for more effective communication and thus greater transparency
  • As mitigating third party risk becomes an essential business function across many industries, business relationships will be tested. Organizations must now subscribe to a “trust, but verify” philosophy to ensure their third parties are secure. To verify vendor security, organizations now use BitSight Security Ratings, which are gathered externally and don’t rely on any vendor input.

    On August 27 at 1:00 pm EST join Debbie Umbach, Director of Product Marketing at BitSight as she discusses the best practices for implementing vendor security ratings. Viewers will learn:

    - different approaches for incorporating BitSight Security Ratings into vendor risk management (VRM) programs, whether your program is just getting started or is well underway
    - how companies have used BitSight Security Ratings to notify key vendors of security incidents
    - how vendor ratings can allow for more effective communication and thus greater transparency

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Real Security is Dirty
  • Live at: Sep 15 2011 6:00 pm
  • Presented by: J.J. Thompson, CEO, Rook Consulting
  • From:
Your email has been sent.
or close
You must be logged in to email this