Wednesday, October 28, 2015

User-Based Use Cases

What are some use cases for a user-based approach to information security?  I've explored some in my most recent piece in The Business Journals: http://www.bizjournals.com/bizjournals/how-to/technology/2015/10/4-user-based-considerations-for-security.html.  Hope you enjoy!

Wednesday, October 21, 2015

See Security From The User Perspective

The technology experience is a user-centric one.  Given that, why do security professionals take a system-centric approach?  I've always wondered.  I discuss this topic in my latest SecurityWeek piece entitled "See Security From The User Perspective": http://www.securityweek.com/see-security-user-perspective.  Hope you enjoy.

Thursday, October 15, 2015

An Atypical Approach To DNS

DNS logging is extremely important for security operations and incident response.  So much so that organizations that don't log DNS are typically quite sorry they don't when crunch time comes.  On the other hand, implementing dedicated DNS logging infrastructure can increase cost and complexity.  Is there a better way?  I think so.  My latest piece in DarkReading explains: http://www.darkreading.com/risk/an-atypical-approach-to-dns/a/d-id/1322666.  Hope you enjoy.