Security is a Holistic Proposition

Gorka Sadowski


Top Stories by Gorka Sadowski

The debate between data and information has been going on for quite some time. When people say "knowledge is power", are they referring to data or information? Is knowledge different still? And how about "intelligence", where does that fit? How can we go from data to information to knowledge to intelligence? The answer is simple: by understanding the animated nature of data evolution and transformation, and acting upon this understanding. And this is brought to light by logs from your Information Systems. Understand this and unleash the Power of Logs.

Figure 1 - Data to Information to Knowledge to Intelligence, and the role of logs as metadata

Data seems mainly one-dimensional. Consult any database or data warehouse, perform even complex queries on these and you will get a "flat" answer. The fact that you get a single answer will make you think that data is absolut... (more)

Back from SecureCloud 2010 in Barcelona

I’ve been in information and system security for almost 20 years. Yes, it’s possible! At the time, Gopher was the killer app and NCSA Mosaic was in the making; I was working on Arpanet and Internet wasn’t born; and information security was a non-issue. All my friends, colleagues, coworkers and family were telling me “don’t even try and make a living out of this dead-end information security thingy stuff”. But somehow I was convinced that it would be a great ride, that it would be fun and that I had to do it. My crystal ball was crystal clear,... (more)

Why Rule-Based Log Correlation Is Almost a Good Idea - Part 3

We'll see below some examples of security attack scenarios that many people will put forth as perfect examples of how powerful, valuable and simple correlation is. As you can see, the overall approach of using static rule-based correlation on these is simply flawed.

Attack Scenario Example 1: Identity Theft

There are numerous ways to perform an Identity Theft attack, but let's focus on just one of them, recognizing that somebody cannot be in two places at the same time and hence that a user cannot log in to your infrastructure from VPN and locally from the office "at the same time."... (more)

60% of EMEA still NOT using Cloud Services

ISACA, the Information Systems Audit and Control Association, just surveyed 1 529 of its members across 50 countries in EMEA. It turns out that UK businesses are leading Europe on Cloud Adoption 40% to 33%. But a whopping 35% of respondents do not plan to use Cloud for any IT services (actually 35.6% in Europe and 31.8% in the UK). This is a huge impediment to the growth of ITaaS (IT as a Service), such as SaaS, IaaS and PaaS (respectively Software as a Service, Infrastructure as a Service and Platform as a Service). Let’s spin this another way: 60% of respondents are not using Clou... (more)

Logs for Better Clouds - Part 2

Last time, we saw that the biggest impediments to Cloud Provider adoption are Trust and Visibility. Today, we'll look at the difficulty of predictive rightsizing, and how elasticity is one of the biggest value propositions of Cloud Providers. One advantage of Cloud Computing is elasticity with self-provisioning, which provides a level of flexibility that didn't exist with traditional Managed Service Providers, and which also allows the selection of a level of service and performance that is close to what is needed. With "traditional" MSPs (Managed Service Providers) and outsource... (more)