Java is currently the leading exploit vector for Windows machines, and Java vulnerabilities are packaged into many of the “exploit kits” available in the darker corners of the Internet (see http://krebsonsecurity.com/2010/10/java-a-gift-to-exploit-pack-makers/). Internet Explorer, Flash Player, and even the Windows operating system itself have done a good job of either improving the security of their products or …
TVP Category Archives
In the New Year, Can CISOs Move On?
On the December 18 Virtualization Security Podcast, we were joined by Rafal Los (@Wh1t3Rabbit) to discuss whether it is time for CISOs to move on. Should CISOs start to look beyond simply the problems at hand? Should they drive security into all decisions made at the business and architecture levels? The discussion was mixed, to …
Cloud Dependency: Data Protection and Security
The premise of security is confidentiality, integrity, and availability. The premise of data protection is integrity and availability. The two go hand in hand. However, it is often the case that certain groups within organizations handle data protection (disaster recovery, business continuity, and backup) while other groups handle security. As security moves closer and closer …
Continue reading “Cloud Dependency: Data Protection and Security”
Cloud Dependency: Visibility
We have looked at the hidden dependencies around upgrades (Cloud Dependency: Automated Upgrades) as well as the hidden dependencies around networking (Cloud Dependency: Ubiquitous Networking). Now, we will look at the hidden dependencies on visibility. Or more to the point, the lack of visibility within the cloud. With regard to visibility, the question most often …
Cloud Dependency: Automated Upgrades
In my last cloud dependency article, I reviewed the need for ubiquitous networking. In this article, I look at the need for automated upgrades. I do not mean the need for automation in general, but specifically the need to automate any upgrade or update behavior. There are two sides to every cloud story: what the …
Will Technology Be Our Ultimate Downfall?
Question of the day: Will technology end up being our ultimate downfall? In the not-so-distant past, I wrote a series of blog posts on the expectation of privacy with user device tracking. If you are interested, you can check them out here. Lately, there have been a few things in the news that make it …
Continue reading “Will Technology Be Our Ultimate Downfall?”