Maneuvering though the IT Threatscape: A video blog


I was fortunate to receive an invitation to speak at the recent 2013 Credit Union InfoSec Conference in Las Vegas. One of the key drivers for many of the attendees is the burden of compliance and finding ways to remove nagging blindspots due to the creation of technology islands meant to analyze and monitor different aspects of keeping

applications secure, data  and account information private, devices inventories and identities properly managed.

In my hour long chat, I looked to frame the issues in terms of various threats in which credit union are particularly susceptible, and how compliance looks to mitigate those threats. I approach this by offering several strategies, tactics that show how a unified, layered and holistic approach from the cloud is an not only an emerging best practice, but an achievable and manageable process. As the official title was Beyond SIEM, I take the liberty of introducing how manageable it is to

incorporate intrusion detection, real time alerting, identity management, password management, user access control, SSO, log management and security-as-a-service under a single pane of glass. But more than just centralizing them is the practice of using each solutions specialty to collaborate, correlate and leverage one another to provide true visibility. And that it is done from the cloud, makes it affordable and

Here is a link to an 8-minute excerpt. Because of some issues with the video, we decided to use the audio and a portion of the accompanying PowerPoint…so maybe next week you’ll get to see my smiling face!

And if you want to see it without the PowerPoint slides:



Tags: , , , , ,