Published: June 04, 2013

Even as DDoS attacks against everything from large financial institutions to online gaming companies continually hit the news, most organizations still underestimate not only the rising threat but the steps necessary for mitigating it.

Published: May 06, 2013

Just like little kids chasing a soccer ball, infosec groups continually run to figure out the next big thing—whether it’s big data, APTs, DDoS attacks, compliance or some other buzzword du jour—while sometimes overlooking the primary goal: ensuring the overall safety and security of the organization. Identity and access management (IAM) is a prime example, says Ameriprise Financial CISO Steve Jensen.

Published: April 14, 2013

When it comes to threats to steal your company’s intellectual property—the trade secrets that make your business successful—internal employees you know and implicitly trust can inflict far more damage than any Chinese attacker, Russian mafia cartel or Anonymous-based hacker. But unlike those attackers, insider threats are far more difficult to identify and prevent, unless you know and continually watch for the signs.

Published: March 19, 2013

Now that the dust has settled from the RSA Conference 2013, it’s time to take a look back, evaluate what we saw and put it into context for the year ahead. One theme that stood out to us, primarily due to the overwhelming hype accompanying it, was big data and its role in enterprise security. Our takeaway? Big data is a promising vision, no doubt. But that vision is far from reality in today’s enterprise security world.

Published: March 04, 2013

Here at IANS, we see the vast majority of our CISO clients seeking to employ a governance, risk and compliance (GRC) model, dutifully trying to deploy their capital and employ their people in a way that addresses some of the biggest risks to their business. But, here’s the problem: GRC is, in theory, the right way to go, but no one knows the steps—how to actually implement GRC in practice inside a large enterprise.

Published: February 13, 2013

“There are only two kinds of American companies these days: Those that have been hacked and those that don’t know they’ve been hacked.”

Published: January 31, 2013

What are the main security threats facing IANS clients in 2013? In a recent webinar, IANS faculty members Kevin Johnson, Diana Kelley and Dave Shackleford outlined what they see as the most pressing areas of concern, ranging from the web to mobile, to virtualization, the cloud, and more.

Published: January 16, 2013

Looking ahead to 2013, the only certainty IANS clients face is that uncertainty will abound. While we all know new types of attacks, malware and other potent security issues will emerge, determining exactly what those attacks will be and gauging how they will affect specific organizations is not so clear-cut.

Published: December 26, 2012

What about the counter-intelligence route? Back in the early days of internet security there were companies that bragged that they had spies in the hacker community who would keep them abreast of what was going on. And today we have journalists like Brian Krebs, who try to ingratiate themselves within some of the hacker community(ies) to learn where they’re going and what they’re doing next. I know another security practitioner whose hobby is maintaining multiple “sock puppet” personas that are members of certain well-known hacking groups. In principle this sounds like it could be interesting, as well as fun, but in practice I’m dubious about its benefits.

Published: December 20, 2012

Sometimes, when I talk to my peers about threat intelligence, I wonder if we’ve all watched too many 1970s television science fiction specials, and whether we mistake our NOC for the bridge of a starship. Unfortunately, the metaphor really doesn’t fit very well, since internet security attacks and defenses don’t really map very well to the stuff of dramatic excitement. As Joe Haldeman’s brilliant “The Forever War” points out, warfare in the future will probably happen virtually instantly between robotic systems, and the humans that are along for the ride will know they’ve won if they live, and will be snuffed out before they can understand it if they lose.