Literature
Essays and White Papers by Bruce Schneier
Mitigating Identity Theft
Identity theft is the new crime of the information age. A criminal collects enough personal data on someone to impersonate a victim to banks, credit card companies, and other financial institutions. Then he racks up debt in the person's name, collects the cash, and disappears.
Managed Security Monitoring: Network Security for the 21st Century
Companies have no choice but to connect their internal networks to the rest of the world. But with that connection come new threats. Unless companies can successfully navigate around them, they will not be able to unlock the full business potential of the Internet. This essay shows how vigilant network monitoring helps a company realize a secure network.
Closing the Window of Exposure
Internet security is a business problem, and the risks of Internet attacks need to be managed the same way as any other business risks. This essay introduces the concept of the "Window of Exposure" and explains how product vulnerabilities put your company at risk...and what to do about it.
Why Outsource?
More and more companies are outsourcing their network security. This trend is driven by one truism: there is no other way to deal with the shortage of skilled computer security experts, the increasing requirements for businesses to open their networks, and the ever-more-dangerous threat environment. For the Internet to succeed as a business tool, security has to scale. Outsourcing is how it will do that.
Presentations by Bruce Schneier
BT and Managed Security Monitoring
BT offers real-time detection and response using advanced correlation technology and expert human security analysts. This presentation explains how Managed Security Monitoring works and how it can benefit your organization.
Network Monitoring and Security
Network security is no different from real-world security. The correct paradigm is "risk management." Strong countermeasures combine protection, detection, and response. The way to build resilient security is with vigilant, adaptive, relentless defense by experts (people, not products). There are no magic preventive countermeasures against crime in the real world, yet we are all reasonably safe, nevertheless. We need to bring that same thinking to the Internet.
Fixing Network Security by Hacking the Business Climate
Network security has long been considered an engineering problem, and companies try to solve it by applying technologies. This approach is failing; the technologies are failing and the problem is worsening. What we need are security processes, such as detection, response, and deterrence. However, the only way to get corporate management to adequately address security is to change the risk-management equation. This can be achieved by enforcing liabilities, and giving corporate management the means to reduce or insure against those liabilities. Only after we do all of these things will the Internet be a safe and secure place.
Risk, Complexity, and Network Security