Cloud Security Architectures: Lifting the Fog from the Cloud

A growing body of technical knowledge has been codified and broadly taught to computer science students on how to properly architect a large-scale application or system to meet functional and performance goals. A similar body of security engineering knowledge needs to be developed to architect a corresponding security architecture. A ... Read More

HIPAA, GDPR and the Dreaded “Second Hop” Security Problem

Malicious attacks targeting a healthcare company’s confidential data are nothing new. The industry has lived under the stringent HIPAA requirements for years and many have made great strides deploying systems to manage and protect their data. What is disturbing, however, is the number of breaches that still occur. A recent ... Read More
Microsoft Age of Collaboration

Microsoft and the Age of Collaboration: Now, We Stand

Thank you, Microsoft. When teaching about computer security, I’ve often quipped, “There is ‘Infosec,’ ‘Comsec’ and ‘Jobsec.’”  Thanks to the ubiquitous Windows platform, fraught with security holes that were found on what felt like a weekly basis. Patch Tuesday was “celebrated” almost as much as Friday nights (not really). But ... Read More
Security Boulevard

Fast Detection of Breaches is ideal to keep Financial Data Safe

Malicious attacks targeting a company’s confidential financial data with the intent to make a profit is nothing new. What is disturbing, however, is the amount of time the hacker can go unnoticed, in some reported cases of breaches as long as months. In 2015, 32 Ukranian hackers made as much ... Read More