With the decade rapidly coming to a close, I’ve been reflecting on 2019, a year fraught with massive, public breaches that illustrated hacker sophistication unlike anything we’ve ever seen before. Collection #1 exposed over 770 million unique email addresses and over 21 million passwords, the Capital One breach affected nearly 106 million U.S. and Canadian residents, and 540 million Facebook user records were exposed on AWS. And that’s just the tip of the iceberg.
This article was originally published on Forbes.com.
Flat networks have become so prevalent because they are typically simple to architect, cheap to construct and easy to operate and maintain. However, it turns out that malicious actors love flat networks, too. That's because once a single host on a flat network has been compromised, the integrity of the rest of the network starts to resemble a house of cards. Once an enterprise is penetrated, the flat network delivers the uninvited and unwelcome guest unfettered network access to scan, identify and target high-value assets. Unfortunately, many organizations fail to mitigate or even fully recognize these risks.
It's that time of year again so I took some time to reflect back on 2018 and what we can expect to ring true in 2019. I've boiled it down to two predictions. The first takes an introspective view into the organizations we're all ultimately tasked with protecting. The second takes an outward-facing view that acknowledges that enterprises are part of a broader business ecosystem, and with that comes upstream and downstream risk.
In this post, I explain the various factors in calculating the Illumio Vulnerability Exposure Score (VES), which allows organizations to combine industry-standard vulnerability scoring measurements with context from their own unique environment. The VES also helps security professionals prioritize security controls to minimize the exposure of the attack surface and potential impact of vulnerabilities.
"It’s much more pleasant to be obsessed over how the hero gets out of his predicament than it is over how I get out of mine."
— Woody Allen
Today, security is kind of an artisanal industry. With a total addressable market north of $85 billion per year – and not one player above 5 percent – it is a chaotic industry of niches: Endpoint, AV, Cloud, Network/Infrastructure, Application, Compliance, and the list goes on and on.