The Sys Admin Did It!

Like the butler in classic murder mysteries, we’re quick to suspect the person with unfettered access, and that’s often the proverbial “red herring”. The 2011 Verizon Data Breach Investigations Report (DBIR) provides system administrators with a statistical alibi.  Apparently, the System/Network Administrator was the culprit in only 3% of their ... Read More

From Point of Entry to Compromise

The leather-clad Trinity, of Matrix fame, runs an Nmap port scan against a target IP address, detects a vulnerable SSH service and, a few keystrokes later, has root access to the power grid. This is the view many hold of the cyber threats we face, but the 2011 Verizon Data ... Read More

Log Management: Bad News, Good News

The “bad news” is that log management has failed miserably. The “good news” is that it can’t get any worse. That’s the obvious conclusion from the 2011 Verizon Data Breach Investigation Report (DBIR) where they report that NONE of the breaches they investigated were detected via log analysis. In a ... Read More

Secret Service – Guarding Presidents and Payments

The Secret Service may be best known for their role as the President’s guardians, but it’s their role protecting the U.S. currency that has them guarding all forms of payment and financial systems, and actively pursuing cybercriminals.  While this group may not need to “take a bullet” for us, we ... Read More

2011 Verizon DBIR: Insights and Opportunities

The annual Verizon Data Breach Investigations Report (DBIR) is making headlines, generating tweets and motivating blog posts – like this one. Weighing in at 74 pages, it’s a significant report, and if you’re serious about getting a “state of the union” handle on network security, I encourage you to read ... Read More

Barracuda: Got SIEM?

The announcement of a breach at Barracuda Networks is only the most recent among several high profile network security companies.    We applaud Barracuda’s announcement and the description of what happened.  It’s important that the industry share this information and accept that breaches happen – even among some of the most ... Read More