Security Services

Lately, there are days I wake up and find it hard to believe it’s been 3 years since we began our Incident Response (IR) practice within Cisco’s walls. Coming in on the ground floor of such a monumental and important offering to our customers gave us the unique opportunity to define and shape our pr…

A new regulation is upon us. Set to take effect on May 25th, 2018, the General Data Protection Regulation (GDPR) is a new law implemented within the European Union (EU) to provide stronger protections for personally identifiable information collected, processed, and stored by business entities.   In…

The data center of today is dynamic yet complex. The constant evolution of new infrastructure, applications, distributed systems, and users has made the demands on the data center acute. Add to that the heightened need for security. No matter where the data center is hosted, mission critical informa…

The benefits and challenges of the new normal In the Pacific Northwest, the weather, especially in the spring, can be pretty variable. Just look at this tweet from the National Weather Service in Seattle: Living in Seattle, I can tell you with authority that cloudy days are the norm most of the yea…

Rethinking Secure Technical Innovation to Enable Successful Business Outcomes Over the past 25 years I have been employed in the technology field, my non-technical friends often ask me, “How do you keep up with technology as things change so quickly?”  I argue that change isn’t as dramatic as they m…

It’s good to be bad — for good! No, we’re not talking about villains, superheroes, and the struggle of light over dark. We’re talking about network security. And in network security, sometimes it’s better when the bad guys win. Or at least it is when it comes to a red team engagement. Here’s how it…

Fast, good, and cheap. Or: Time, resources and budget. The Project Management Triangle. The Iron Triangle.  The Triple Constraint. There are many names for the program management challenge of balancing three constraints, but it all comes down to this: you can’t have all three. You can do something…

A deep dive into logging as an often-overlooked but powerful tool for incident detection and response “Lack of instrumentation or insufficient logging” is often a phrase used on incident response reports. During incident response activities, this isn’t a phrase you want to see, since lack of logging…

The need to have a strong data privacy and protection plan continues to heat up. The more we share, the more market researchers gather information on their consumers, the more vigilant we need to be on our privacy programs and compliance. Guidance on creating a privacy program can seem pretty straig…