Connect with us

Hi, what are you looking for?


Industry Experts

We’re facing a generation gap when it comes to combatting today’s attacks. Adversaries are using next-generation attack methods while many organizations are using first-generation defenses. And the situation is likely to get worse before it gets better. Designed for another time, most first-generation network security devices can’t keep pace with challenges like:

In a previous SecurityWeek column in May of this year, I wrote about “Network Security Considerations for SDN”. As described in the article, SDN technology includes the separation of control plane from the data plane (onto a centralized controller), dynamic programmable flows via this centralized controller, and automation and orchestration for the various SDN components.

Until the first smartphone hit the shelves, enterprise security was primarily focused on protecting an organization’s perimeter, since business processes and data resided primarily inside the corporate network. However, the mobile revolution completely changed the way employees interact with, access, and share information.

At VMworld last month, VMware announced the new NSX network virtualization platform to much fanfare. There was certainly a great deal of excitement at the show, as NSX promises to bring innovation to networking that has not been seen in years. For many, this announcement represents a clash of the titans between VMware and Cisco. But how does network virtualization differ from software defined networking (SDN) and network functions virtualization?

There’s a lot of talk in the security industry and among organizations about the threats we face – malware, advanced persistent threats, zero-days, targeted attacks, viruses, Trojans, Distributed Denial of Service attacks, worms, phishing...the list goes on and on. But no matter how you parse it, it all comes down to threats. More specifically, two fundamental types of threats: known and unknown.

Modern networks have expanded. Their components constantly evolve and spawn new attack vectors including endpoints, mobile devices, web-enabled and mobile applications, virtual infrastructure, data centers, social media, web browsers and home computers. These networks are complex to deploy, manage and secure. Any gap in protection across this extended network can have a ‘ripple effect’ across your entire IT environment, exposing your organization to greater security risk.

August is a special month for those of us who live in the San Francisco area, because it’s when the masses of geeks descend on Moscone Center for one of the biggest virtualization conferences in the world. Yes, I’m talking about VMworld.

The ability to travel back in time has captured the imaginations of generations around the world for hundreds of years. One of the more universally-recognized examples is the ‘Back to the Future’ film trilogy which grossed nearly $1 billion US dollars in theaters worldwide. Being able to go back to a previous time, observe what happened and then learn from those events to improve the present and future is a powerful notion.

While many organizations today are looking to build private cloud infrastructures in-house, the reality is that the majority will end up with a hybrid cloud environment. A hybrid cloud consists of a mixed IT infrastructure -- an internal private cloud infrastructure and one or multiple public cloud infrastructures. If you’re already using some type of SaaS application, you have a simple form of a hybrid cloud.

It seems that nearly every five years we’re faced with a new cycle of threats – from viruses to worms to spyware and rootkits. Today we find ourselves combatting the latest wave – advanced malware, targeted attacks and advanced persistent threats (APTs). While these threats have demonstrated themselves to be more damaging than any in their wake, technologies are available to deal with them. We just need to select the right ones and apply them correctly.


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.


SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.


People on the Move

Former DoD CISO Jack Wilmer has been named CEO of defensive and offensive cyber solutions provider SIXGEN.

Certificate lifecycle management firm Sectigo has hired Jason Scott as its CISO.

The State of Vermont has appointed John Toney as the state’s new CISO.

More People On The Move

Expert Insights