An Analytical Approach
Josh Goldfarb (http://www.blogger.com/profile/17554034910610177442)
Feed updated 2024-03-16

4 Security Tips From PCI DSS 4.0 Anyone Can Use
Published 2024-03-12
PCI 4.0 is here. In my latest DarkReading piece, I discuss four aspects of the standard that security teams may want to be aware of: https://www.darkreading.com/cybersecurity-operations/pci-dss-4-0-is-good-security-guidance-for-everyone.

Diversifying Defenses: FjordPhantom Malware Shows Importance of a Multi-Pronged Approach
Published 2024-02-21
Security teams need to combine the angles of client-side and server-side detection in order to have the best chance of mitigating the risk of advanced mobile malware. I discuss in my latest SecurityWeek piece: https://www.securityweek.com/diversifying-defenses-fjordphantom-malware-shows-importance-of-a-multi-pronged-approach/.

How Changes in State CIO Priorities for 2024 Apply to API Security
Published 2024-02-13
What are the 2024 updates to NASCIO's State CIO priorities and what can we learn from them about securing our applications and APIs? I discuss in my latest DarkReading piece: https://www.darkreading.com/application-security/how-changes-in-state-cio-priorities-for-2024-apply-to-api-security.

As Enterprise Cloud Grows, So Do Challenges
Published 2024-01-17
What can parenting teach us about navigating the challenges of distributed cloud environments? I discuss in my latest DarkReading piece: https://www.darkreading.com/cloud-security/as-enterprise-cloud-grows-so-do-challenges.

Beyond Protocols: How Team Camaraderie Fortifies Security
Published 2024-01-04
The most efficient and effective teams have healthy and constructive cultures that encourage team members to go above and beyond the call of duty. I discuss in my latest SecurityWeek piece: https://www.securityweek.com/beyond-protocols-how-team-camaraderie-fortifies-security/.

API Security: The Big Picture
Published 2023-12-19
API security is all the rage these days. Hype won't solve operational security problems though. In my latest DarkReading piece, I discuss 10 important points to consider when evaluating API security solutions: https://www.darkreading.com/application-security/api-security-the-big-picture.

Beyond the Noise: Appreciating the Quiet Work of Effective Doers
Published 2023-12-18
More often than not, we are grateful for and celebrate the wrong people. It is incumbent on all of us to take the time to appreciate and acknowledge the doers in our lives. I discuss in my latest SecurityWeek piece: https://www.securityweek.com/beyond-the-noise-appreciating-the-quiet-work-of-effective-doers/.

Humans Are Notoriously Bad at Assessing Risk
Published 2023-11-22
As humans, we are notoriously bad at assessing risk. Even so, all is not lost. I discuss some techniques for more objectively assessing risk in my latest SecurityWeek piece: https://www.securityweek.com/humans-are-notoriously-bad-at-assessing-risk/.

A Closer Look at State and Local Government Cybersecurity Priorities
Published 2023-11-14
Let's dig a bit deeper into a few of the NASCIO top 10 and take a closer look at state and local government cybersecurity priorities. I discuss in my latest DarkReading piece: https://www.darkreading.com/edge/a-closer-look-at-state-and-local-government-cybersecurity-priorities.

How State and Local Governments Can Serve Citizens More Securely
Published 2023-10-24
How can the NASCIO top 10 guide state and local governments to serve citizens more securely? I discuss in my latest DarkReading piece: https://www.darkreading.com/edge/how-state-and-local-governments-can-serve-citizens-more-securely.

Applying AI to API Security
Published 2023-10-12
Beyond the hype, what are some security problems that AI can help solve? I would argue that API security is one of them. I discuss in my latest SecurityWeek piece: https://www.securityweek.com/applying-ai-to-api-security/.

Staying on Topic in an Off Topic World
Published 2023-09-20
How can we stay on topic in an off topic world? I believe this to be an important skill for security professionals. I discuss in my latest SecurityWeek piece: https://www.securityweek.com/staying-on-topic-in-an-off-topic-world/.

Being Flexible Can Improve Your Security Posture
Published 2023-09-12
Be flexible. Changing your approach when necessary pays dividends, especially in these six areas. I discuss in my latest DarkReading piece: https://www.darkreading.com/edge-articles/being-flexible-can-improve-your-security-posture.

7 Reasons People Don't Understand What You Tell Them
Published 2023-08-14
Have you ever noticed that what we write, say, or do and what another person reads, hears, or perceives can be vastly different? I discuss this and offer some tips to improve communication in my latest DarkReading piece: https://www.darkreading.com/edge/7-reasons-people-don-t-understand-what-you-tell-them.

Managing and Securing Distributed Cloud Environments
Published 2023-08-14
The complexity and challenge of distributed cloud environments often necessitate managing multiple, redundant stacks, policies, and controls. There is a better way. I discuss in my latest SecurityWeek piece: https://www.securityweek.com/managing-and-securing-distributed-cloud-environments/.

10 Steps to Help Secure Your APIs
Published 2023-07-20
API security is a hot topic these days. Beyond the hype, what are 10 steps enterprises can take to help secure their applications and APIs? I discuss in my latest SecurityWeek piece: https://www.securityweek.com/10-steps-to-help-secure-your-apis/.

10 Features an API Security Service Needs to Offer
Published 2023-07-11
What are 10 important features to consider when selecting an API Security partner? I discuss in my latest DarkReading piece: https://www.darkreading.com/edge/10-features-an-api-security-service-needs-to-offer.

Stay Focused on What’s Important
Published 2023-06-09
How important is staying focused in security? Very important. I discuss the "Why", the "What", and the "When" in my latest SecurityWeek piece: https://www.securityweek.com/stay-focused-on-whats-important/.

Why the 'Why' of a Data Breach Matters
Published 2023-05-10
Why does the "Why" of a data breach matter? I discuss in my latest DarkReading piece: https://www.darkreading.com/edge-articles/why-the-why-of-a-data-breach-matters.

External Signs of Narcissism – Raising Awareness to Avoid Collateral Damage
Published 2023-04-24
Narcissism can be a big problem for security and fraud teams. Raising awareness around the signs of narcissism is the first step to combatting it. I discuss this important topic in my latest SecurityWeek piece: https://www.securityweek.com/external-signs-of-narcissism-raising-awareness-to-avoid-collateral-damage/.

How and Why to Put Multicloud to Work
Published 2023-04-11
What are the challenges and opportunities that hybrid and multicloud environments present? I discuss in my latest DarkReading piece - my 100th - a personal milestone: https://www.darkreading.com/edge-articles/how-and-why-to-put-multicloud-to-work

What Makes an Effective Anti-Bot Solution?
Published 2023-03-29
What makes for an effective anti-bot solution? In my latest SecurityWeek piece, I discuss several interesting points for buyers to consider: https://www.securityweek.com/what-makes-an-effective-anti-bot-solution/

Application Security Protection for the Masses
Published 2023-02-08
While there are many routes to application security, bundles that allow security teams to quickly and easily secure applications and affect security posture in a self-service manner are becoming increasingly popular. I discuss in my latest SecurityWeek piece: https://www.securityweek.com/application-security-protection-for-the-masses/.

5 Ways to Survive Scam Season — or Rather, Tax Season
Published 2023-02-07
What are some ways in which we can protect our enterprises and our end-users from scams? Hint: user education is not enough. I discuss in my latest DarkReading piece: https://www.darkreading.com/edge-articles/5-ways-to-survive-scam-season-or-rather-tax-season.

7 Use Cases for Distributed Cloud Environments
Published 2023-01-10
As infrastructure has grown more complex, the need to effectively manage it has grown, too – particularly for applications and APIs. I discuss in my latest DarkReading piece: https://www.darkreading.com/edge-articles/7-use-cases-for-distributed-cloud-environments.