Data loss prevention from inside out
I love how this Cisco video clip on Blip TV starts with examples of DDOS attacks and then uses shots of incoming content filtering and then dramatizes with a cop not allowing a visitor into the booth – what is going on here? Cisco didn’t have budget for an editor who knows the difference between […]
Cultural factors in security
At the DLP Expert 2009 conference in Moscow 2 weeks ago I heard the following insight from Bill Nagel from Forrester: American companies are rule-based. 40% of US companies state that they have implemented some form of DLP technology. European companies are principles-based. In EMEA, 80% of chief security officers do not have plans to […]
Free agent DLP from Sophos
Sophos has announced that they will soon include endpoint data loss prevention functionality in their anti-virus software. Developed in-house, Sophos will have an independent offering – unlike Websense, RSA, Symantec, Trend Micro and McAfee (who all purchased DLP technology) and have integrated it into their product lines with various levels of success (or not). The […]
The Americanization of IT Research
The Burton Group have released the results of their research that concludes that Symantec (Vontu), RSA (Tablus) and Websense (Port Authority) are the leading DLP vendors. Burton’s choice is indicative of the Americanization of the information security space, where government compliance regulation and large security vendor marketing agendas appear to drive US customer security decisions. […]
Data security for SMB
Yesterday, I gave a talk at our Thursday security Webinar about data security for SMB (small to mid-sized businesses). I’ve been thinking about DLP solutions for SMB for a couple of years now; the market didn’t seem mature or perhaps SMB customer awareness was low, but with the continued wave of data security breaches, everyone […]
Datat loss prevention conference: DLP-Expert Russia
Friday October 2, 2009 I gave a talk at the data loss prevention conference DLP-Expert in Istra – just ouside of Moscow. I say “just outside” euphemistically, because it took us 4 hours to drive from Domdedovo airport to Istra – a trip of about 80 kilometers. Natalya Kaspersky presented an interesting market survey they […]
Information security best practices workshops
Every Thursday at 14:00 GMT we host a best practice security workshop online for business professionals, vendors and consultants. There is a short high-quality presentation and we share knowledge gained in the trenches. It’s 20 minutes, it’s free and it’s always a lot of fun. Register Here you will receive a confirmation email with a […]
Sharing security information
I think fragmentation of knowledge is a root cause of data breaches. It’s almost a cliche to say that the security and compliance industry has done a poor job in preventing data breaches of over 245 million personal records in the past 5 years. It is apparent that government regulation is ineffective in preventing identity […]
Return on security investment
The Control Policy Group is presenting a series of 6 free online workshops starting Sep 3, 2009 at 15:00GMT. The first workshop, “Using data security metrics and a value-based approach”, will teach measurement of how well security tools reduce Value at Risk in dollars (or in Euro) and how well they will do 3 years […]
Is data loss prevention possible?
I recently saw an article on Computerweekly that asks – “Is data loss prevention possible?” I think that a more relevant question is “Is information protection possible?” The author correctly identifies that it’s easier to access data (and leak it) than to modify or delete data. However, the notion that data is out of control […]
