As hackers get better at breaking into networks and compromising data, IT security experts continue to debate the best ways to defend their systems against highly targeted malware attacks. In the PCWorld article, “How to Stop Hack Attacks In One Easy Step: Whitelisting,” InfoSec pro Tony Bradley highlights some of the key differences between application whitelisting and traditional blacklist-based defenses. Let’s review those difference, but then I want to make the case for Total Application Control (TAC)–a blending of the best of both approaches. Continue reading this post…
Over the past decade, Apple has avoided the types of security problems that have plagued the Windows-based platform. Part of this can be attributed to the fact that the Mac’s relatively low market share has kept the platform under the radar of malware writers, who have primarily focused on Windows PCs to launch more widespread attacks.
But as cyber crime evolves and targets change, Mac users who once operated with the mindset that attackers are only focused on Windows systems, need to think again. Continue reading this post…
As technology evolves, so do cyber attacks and the security tools we use to protect our systems. With 2011 quickly approaching, I want to share my predictions for next year’s top security challenges. The five themes I’ve included are based on emerging security trends we’ve seen in 2010. I believe the following areas could have a significant impact on the security market in 2011 (for the full list, please read the article here):
- Blended threats will become the norm; Stuxnet clones will be rampant, but the real threats will be far more dangerous and sophisticated: My concern is that Stuxnet was far too public and easily discovered. While Stuxnet clones will have a profound impact in the security industry, these threats may be the tip of the iceberg for real threats that are far more powerful and dangerous. Continue reading this post…
I recently came across an interesting article that struck a cord with me on many different levels. In the story, “McAfee CEO stresses mobility at T.O. event,” I once again agree with a number of points Dave DeWalt made at a partner summit in Toronto, with one big exception.
First, I couldn’t agree more with his general outlook:
- Mobile devices are the wave of the future
- Microsoft is not going to be the end-all, be-all dominant player in the corporate environment
- Whitelisting and blacklisting in combination is the way the security world is going
- Blacklisting is moving to the cloud rather than directly on every single device Continue reading this post…
In all my years in the security game — as an officer in the Air Force Information Warfare Center to my current role as president and CEO of CoreTrace — I’ve seen many changes along the way. Through it all, the one thing I’ve learned is that you can’t make sound security decisions relying on outdated information or perceptions, particularly in today’s vastly changing technology arena.
This is why I’ve made it my personal crusade to make sure security and operations professionals everywhere have the most updated information about application whitelisting. Not only did I feel compelled, but I felt it was my obligation to publish the new security brief, “Top Seven Things You Need to Know about Application Whitelisting,” to dispel the myths and outdated perceptions that surround application whitelisting. Continue reading this post…