Archive for the ‘Security’ Category
National Missing Children’s Day
Last Updated on Friday, 24 August 2012 02:26 Written by Celframe Security Team Saturday, 17 November 2012 12:22
A photo of little Etan, taken by his father, circulated worldwide in the search that ensued. It was Etan’s photo – the image of an innocent little boy – that caught the attention of the nation and helped raise awareness of the issue of missing children. His disappearance, along with a number of other high-profile cases of missing children in the late 70′s and early 80′s, including Adam Walsh, showed us how ill-prepared we were as a nation to quickly identify and assemble resources in an effort to locate a missing child. These cases became a catalyst for change that brought about a national commitment to help locate and recover missing children. This commitment can be seen most notably today through the work of the National Center for Missing and Exploited Children.
National Missing Children’s Day serves as a reminder of our continued commitment, including our role in making child safety a priority.
A Time to Take 25
In honor of National Missing Children’s Day, the National Center for Missing and Exploited Children recognizes Take 25, an annual campaign designed to raise awareness of of children’s personal safety issues. Take 25 encourages parents, guardians, caregivers and others to spend time talking to kids about their personal safety at home, school, online or when they are just out and about.
I encourage you to Take 25 with your children today!
Security As A Service: “The Cloud” & Why It’s a Net Security Win
Last Updated on Thursday, 23 August 2012 10:14 Written by Celframe Security Team Sunday, 11 November 2012 06:19
If you’ve been paying attention to the rash of security startups entering the market today, you will no doubt notice the theme wherein the majority of them are, from the get-go, organizing around deployment models which operate from “The Cloud.”
We can argue that “Security as a service” usually refers to security services provided by a third party using the SaaS (software as a service) model, but there’s a compelling set of capabilities that enables companies large and small to be both effective, efficient and cost-manageable as we embrace the “new” world of highly distributed applications, content and communications (cloud and mobility combined.)
In the same way that I differentiated “Virtualizing Security, Securing Virtualization and Security via Virtualization” in my Four Horsemen presentation, I ask people to consider these three models when discussing security and Cloud:In the Cloud: Security (products, solutions, technology) instantiated as an operational capability deployed within Cloud Computing environments (up/down the stack.) Think virtualized firewalls, IDP, AV, DLP, DoS/DDoS, IAM, etc.For the Cloud: Security services that are specifically targeted toward securing OTHER Cloud Computing services, delivered by Cloud Computing providers (see next entry) . Think cloud-based Anti-spam, DDoS, DLP, WAF, etc.By the Cloud: Security services delivered by Cloud Computing services which are used by providers in option #2 which often rely on those features described in option #1. Think, well…basically any service these days that brand themselves as Cloud…
What I’m talking about here is really item #3; security “by the cloud,” wherein these services utilize any cloud-based platform (SaaS, PaaS or IaaS) to delivery security capabilities on behalf of the provider or ultimate consumer of services.
For the SMB/SME/Branch, one can expect a hybrid model of on-premises physical (multi-function) devices that also incorporate some sort of redirect or offload to these cloud-based services. Frankly, the same model works for the larger enterprise but in many cases regulatory issues of privacy/IP concerns arise. This is where the capability of both “private” (or dedicated) versions of these services are requested (either on-premises or off, but dedicated.)
Service providers see a large opportunity to finally deliver value-added, scaleable and revenue-generating security services atop what they offer today. This is the realized vision of the long-awaited “clean pipes” and “secure hosting” capabilities. See this post from 2007 “Clean Pipes – Less Sewerage or More Potable Water?”
If you haven’t noticed your service providers dipping their toes here, you certainly have seen startups (and larger security players) do so. Here are just a few examples:QualysTrend MicroSymantecCisco (Ironport/ScanSafe)JuniperCloudFlareZScalerIncapsulaDome9CloudPassagePorticor…and many more
As many vendors “virtualize” their offers and start to realize that through basic networking, APIs, service chaining, traffic steering and security intelligence/analytics, these solutions become more scaleable, leveragable and interoperable, the services you’ll be able to consume will also increase…and they will become more application and information-centric in nature.
Again, this doesn’t mean the disappearance of on-premises or host-based security capabilities, but you should expect the cloud (and it’s derivative offshoots like Big Data) to deliver some really awesome hybrid security capabilities that make your life easier. Rich Mogull (@rmogull) and I gave about 20 examples of this in our “Grilling Cloudicorns: Mythical CloudSec Tools You Can Use Today” at RSA last month.
Get ready because while security folks often eye “The Cloud” suspiciously, it also offers up a set of emerging solutions that will undoubtedly allow for more efficient, effective and affordable security capabilities that will allow us to focus more on the things that matter.
Related articles by Zemanta
ZERO DAY – a Film About War with Cybercrime
Last Updated on Thursday, 23 August 2012 10:14 Written by Celframe Security Team Saturday, 10 November 2012 10:30
ZERO DAY is a film about cybercrime, where a journalist Brian Krebs tracks down and takes an interview from a money mule, moves stolen money for the Russian mob. In addition, filmmakers are getting help from the Facebook’s Security Team at Menlo Park California headquarters.
This team is providing an unattended access to various criminal activities like intrusions, hacks and more. We see all the hard work of these charming personalities who solves the crimes of hackers every day. Nevertheless these hard to solve cases may lead anywhere in the world – filmmakers follow every move to catch everything on film.
ZERO DAY is co-financed by BBC Storyville, while the filmmakers are working with reporters like John Markoff (New York Times) and Joe Mell (Reuters). Author Misha Glenny takes part in this film too. 2-spyware team takes part in this project too. The filmmakers are talking with Mark Cuban and Magnolia Pictures, to be able to distribute in US TV and theatres.
2-spyware team invites everyone to support the creation of this film through Kickstarter. By donating money you become an official donor of ZERO DAY. Film is scheduled for release at September, 2013.This entry was posted on Monday, April 30th, 2012 at 8:25 am and is filed under News, What’s new. You can leave a response, or trackback from your own site.