You can't secure what you don't acknowledge.SM

Friday, April 26, 2013

Clueless in the cloud - think before you act

A recent Network World piece about an RSA 2013 panel that covered cloud forensics and whether or not your cloud providers will be able to come through for you in the event of a lawsuit or breach bringing some critical pitfalls of cloud computing. 

Two things are certain:
  1. If you're lucky enough for your business to be around for the long haul, odds are that it'll ultimately be hit with a lawsuit or a breach in some capacity, some way, that will involve a cloud provider. And...
  2. Your cloud providers won't be prepared to help you out. At least in the foreseeable future.
In an era where cloud providers still believe "security" is a SSAE 16 checkbox, we've got a looong way to go before they're going to be in a position to help us in even greater capacities such as these. They simply don't have the means nor the incentive.

I can't stress this enough: unless you want to appear foolish, think through the security, legal, and business aspects of cloud computing before you fall for the marketing hype and jump on the bandwagon.

I've written pieces with more insight and prescriptive cloud advice here. Take it slow and good luck.

Tuesday, April 23, 2013

Wednesday (early) morning's webcast: State of Cyber Security 2013

ISACA and TechTarget are putting it on...It starts tomorrow (Wednesday) morning at 7:45am ET.

Several thousand people will be in attendance...it's the largest crowd I've ever spoken to.

It'll be engaging. It'll be informative. You'll hear what I really think about Obama's Cybersecurity mandates.

You can't miss it.

I'll be kicking things off with the keynote...then I'll be followed by some true information security experts:
  • Theresa M. Grafenstine, Inspector General U.S. House of Representatives
  • Dr. Ron Ross, senior computer scientist and information security researcher, National Institute of Standards and Technology (NIST)
  • Jack E. Gold, founder and principal analyst at J.Gold Associates
and...
  • Chenxi Wang, former vice president, principal analyst serving, Forrester Research Inc.
This is going to be good...I promise. And you can join in the live Q&A to ask me a question, throw me some curve balls, perhaps even send some heckles my way.

Would love to see you there. You can register here

Thanks a ton for Kara Gattine, Rachel Shuster, Chris Bent, and all the other fine folks at TechTarget for making this happen.