by John Whetstone | Nov 28, 2018 | Blog
Those of you in the trenches of cybersecurity likely share a perspective held by many of us at NSS Labs: “the only constant is change.” In other words, as threats continue to evolve, so must the employees who use the data and the products deployed to...
by John Whetstone | Nov 6, 2018 | Blog
The more cloud applications and services an organization adopts, the more vulnerable it becomes—that is, unless it has implemented the appropriate security protections to defend these new apps and services. What security technology is best suited for this task? If you...
by John Whetstone | Aug 29, 2018 | Blog
In a previous blog, I discussed the importance of understanding data ownership roles in the cloud. Today’s blog discusses two practices every organization utilizing cloud-based services should implement: data categorization and data classification. Flexible Guidelines...
by John Whetstone | Jun 29, 2018 | Blog
Understanding who is responsible for an organization’s data is essential for security. Unfortunately, when data is stored in the cloud, the waters get rather muddied. Evidence of a disconnect was revealed during the NSS Labs 2017 Shared Responsibility Study, in which...
by John Whetstone | Jun 5, 2018 | Blog
In a blog published in January (Visibility in the Cloud and the Role of the CASB), I discuss the growing interest expressed by our enterprise clients in cloud access security brokers (CASBs). Throughout our discussions with these clients there has been a consistent...
by John Whetstone | Mar 29, 2018 | Blog
Throughout my research into cloud security, the topic of identity management is always present. In fact, many in the industry feel that when it comes to securing the cloud, identity is the new perimeter. The challenge here is that most users require access to many...
by John Whetstone | Jan 24, 2018 | Blog
If I had to guess which topic NSS Labs discusses most often with clients, regardless of organization size, it would have to be network visibility. But it isn’t just our clients that want to know more on this topic, enterprises throughout the US lack visibility into...
by John Whetstone | Jan 15, 2018 | Blog
Back in September of 2017, we published a blog that posed the question, “Is SD-WAN ready for prime time?”. The blog encouraged enterprises to ask themselves four fundamental questions prior to purchasing SD-WAN technology: How secure is it? Which security components...
by John Whetstone | Dec 6, 2017 | Blog
The only constant in security is change. Over the last few years, we have witnessed a growing consensus among security practitioners that everyone is at risk of a breach, and that it is hard to do security well all the time. At NSS Labs, we spend our days helping...
by John Whetstone | Nov 9, 2017 | Blog
First patented in 1994 by Check Point Software, stateful firewalls are an evolution of the packet filtering firewall. Stateful firewalls were a game changer because they introduced state tables, which permit a firewall to store the status (or state) of each network...
by John Whetstone | Oct 30, 2017 | Blog
Distributed denial-of-service (DDoS) attacks are nothing new, yet these attacks remain one of the most common causes of high-profile outages and interruptions of client-facing services. DDoS attacks are often linked to acts of hacktivism and are perpetrated by...
by John Whetstone | Oct 4, 2017 | Blog
Some might say that if marketing departments and encryption have anything in common, it’s the ability to obfuscate a message. A perfect example of this is the term “cloud”—surely one of today’s most overused and abused terms. You can’t turn on the television or go...
by John Whetstone | Oct 2, 2017 | Blog
Intrusion prevention systems (IPS) analyze network packets for exploits, protocol irregularities, and security policy violations. When an event is detected, the IPS sends an alert and relevant log information for security operations teams to review and act on. The IPS...
by John Whetstone | Sep 25, 2017 | Blog
Meet Ben, an accountant for a technology startup in Austin. After a great weekend with his pals at Austin City Limits, Ben heads to the office. He logs into his computer and goes through his work emails. Next, he fires up his web browser and navigates to Gmail. He...
by John Whetstone | Sep 11, 2017 | Blog
Chances are your mother has yelled this at you at least once. However, contrary to what she might have had you think, sockets aren’t always a bad place to stick things. This is especially true when we share information across nonsecure channels, such as the Internet....
