Introducing Forrester's Cyber Threat Intelligence Research

We have started a new report series on Cyber Threat Intelligence.  The first report, "Five Steps To Build An Effective Threat Intelligence Capability," is designed to help organizations understand what threat intelligence is and how to establish a program. If you're not a Forrester client and would like the report, Proofpoint is providing a complementary copy. On Thursday March 28th, I will be conducting a Forrester webinar on the report.  Please join me if you'd like to get a deeper perspective on it.  In the future, we will expand on sections of this intial report with additional research including:

  • A collaborative report with Ed Ferrara looking at the cyber threat intelligence vendor landscape
  • An in depth report on "Step No. 5: Derive Intel" 
Read more

Crowdsourcing my RSA panels

The San Francisco RSA conference is now less than two weeks away, and this year I am moderating two great panels. I thought I'd reach out and solicit suggestions for discussion. 

1) Too Big to Fail: CISO Panel on Scaling Security in the Era of Big Data

This Forrester-moderated panel of top security executives from Allergan, Zappos and Humana will discuss the impact of scale in solving Big Security challenges. Issues from the importance of scale in detecting advanced threats to benefits to the average user will be debated. Drawing on their experiences, these experts will share their views on why scale matters in the era of big data.

Panelists: 
David Hannigan, Zappos, Information Security Officer
Stephen Moloney, Humana Inc., Manager, Enterprise Information Security
Jerry Sto. Tomas, Allergan, Inc., Director, IS Global Information Security
 

2) 50 Minutes Into the Future: Tomorrow's Malware Threats

Predicting what malware will look like five years from now requires more than a crystal ball. In order to fully understand future threats and challenges, you need a finger on the broader pulse of technological innovation. Our panel of esteemed experts will attempt to guide a better understanding of where we may need to target our defensive efforts in the coming months and years.
 
Panelists: 
Read more

Bit9’s Operational Oversight Is Probably Your Operational Reality

You are now no doubt aware that Boston-based security firm Bit9 suffered an alarming compromise, which resulted in attackers gaining access to code-signing certificates that were then used to sign malicious software. See Brian Kreb’s article for more details. (Symantec breathes a quiet sigh of relief to see a different security vendor in the headlines.)

The embarrassing breach comes at a time when the company has been seen as one of the security vendor landscape’s rising stars. Bit9 has actually been around for more than a decade, but the rise of targeted attacks and advanced malware has resulted in significant interest in Bit9’s technology. In late July, Bit9 secured $34.5 million in funding from Sequoia Capital. Bit9’s future was bright. 

On Friday afternoon, Bit9 CEO Patrick Morley published a blog providing some initial details on the breach. A few of his comments stood out:  “Due to an operational oversight within Bit9, we failed to install our own product on a handful of computers within our network … We simply did not follow the best practices we recommend to our customers by making certain our product was on all physical and virtual machines within Bit9."

Read more