AKA: Are you building a house of cards? The gear myth is the mythical view that investing in more technology will inevitably make an enterprise network more secure. While there is a tremendous amount of new gear available to help make networks more secure, our perspective is that more gear, in fact, may not only fail to achieve your security goals, but it may even add risk. First let me visually explain the gear myth, then I’ll discuss why layering … →
If you ask the 50 banks that recently had customer data exposed when their accounting firm lost a number of their audit laptops to theft, the answer is no. Incredibly, the accounting firm’s lost laptops apparently did not utilize data encryption even though they contained sensitive customer information. This left the banks in the un-welcomed position of having to notify customers of a data breach. Anecdotally, our experience doing security audits across many industries indicates that much (maybe even most) … →
