Welcome to the Sergeant Laboratories Blog Space. Here we will share news and tips about using AristotleInsight as well as share commentary, stories, and opinions on information security, audit, governance, and compliance topics.
By Sergeant Laboratories in Security Posted February 3, 2016
ARE CYBER SECURITY VENDORS THE WORSE CRIMINALS
There is no doubt that those who maliciously attack IT environments or steal data are criminals who need to be prosecuted. Unfortunately, some of the inventive malware used to commit crimes, [...]
Read MoreBy Sergeant Laboratories in AristotleInsight, Security Posted January 26, 2016
INFO SECURITY'S LACK OF SOLUTIONS TO TRACK, TREND, AND MEASURE PROCESSES
The security and compliance industry is advancing at a frantic rate, yet due to years of perceived unimportance, still lags behind other departments of enterprise. In other words, security and [...]
Read MoreBy Sergeant Laboratories in Security Posted January 7, 2016
THE CHALLENGE OF BOARD ROOM BUY IN
One of the top complaints raised by CISOs and CSOs is a lack voice in the boardroom. From David Barton, CISO at Websense in an article for csoonline.com: “Too many CISOs are relegated to [...]
Read MoreBy Sergeant Laboratories in Security Posted December 23, 2015
MORE RULES DOESN'T EQUAL BETTER SECURITY
The marketing for just about every SIEM type solution available touts huge numbers of “built-in” or “out of the box” rules included in the solution. The assumption seems to be that 700 built-in [...]
Read MoreBy Sergeant Laboratories in AristotleInsight, Security Posted December 14, 2015
CUTTING THROUGH THE FOG OF MORE
Originally published via LinkedIn over a year ago, the problem of “The Fog of More” still exists. Security professionals still spend too much time fighting to install, configure and maintain [...]
Read MoreBy Sergeant Laboratories in Security Posted December 10, 2015
The sides forming the standard business fraud triangle are opportunity, pressure, and rationalization. While the triangle was developed well before we became worried [...]
Read MoreBy Sergeant Laboratories in Security Posted November 24, 2015
TRACKING THE AVERAGE TIME TO PATCH
In the past we have discussed prioritizing vulnerabilities, and the importance of eliminating mistakes from the patching process. Today, we discuss a more basic question: Is your vulnerability [...]
Read MoreBy Sergeant Laboratories in Security Posted November 17, 2015
Even organizations with a well-oiled vulnerability detection and patch implementation processes struggle to keep pace with the endless stream of newly discovered vulnerabilities. Although we [...]
Read MoreBy Sergeant Laboratories in AristotleInsight, Security Posted November 9, 2015
PREVENTION VS DETECTION? THE ANSWER IS UNDERSTANDING
There is an ongoing discussion within the security and compliance community (fueled by vendors) about the value of preventing attacks immediately, versus the value of detecting them once they [...]
Read More