AristotleInsight Blog

By Sergeant Laboratories in Security Posted February 3, 2016

ARE CYBER SECURITY VENDORS THE WORSE CRIMINALS

There is no doubt that those who maliciously attack IT environments or steal data are criminals who need to be prosecuted. Unfortunately, some of the inventive malware used to commit crimes, [...]

By Sergeant Laboratories in AristotleInsight, Security Posted January 26, 2016

INFO SECURITY'S LACK OF SOLUTIONS TO TRACK, TREND, AND MEASURE PROCESSES

The security and compliance industry is advancing at a frantic rate, yet due to years of perceived unimportance, still lags behind other departments of enterprise. In other words, security and [...]

By Sergeant Laboratories in Security Posted January 7, 2016

THE CHALLENGE OF BOARD ROOM BUY IN

One of the top complaints raised by CISOs and CSOs is a lack voice in the boardroom. From David Barton, CISO at Websense in an article for csoonline.com: “Too many CISOs are relegated to [...]

By Sergeant Laboratories in Security Posted December 23, 2015

MORE RULES DOESN'T EQUAL BETTER SECURITY

The marketing for just about every SIEM type solution available touts huge numbers of “built-in” or “out of the box” rules included in the solution. The assumption seems to be that 700 built-in [...]

By Sergeant Laboratories in AristotleInsight, Security Posted December 14, 2015

CUTTING THROUGH THE FOG OF MORE

Originally published via LinkedIn over a year ago, the problem of “The Fog of More” still exists. Security professionals still spend too much time fighting to install, configure and maintain [...]

By Sergeant Laboratories in Security Posted December 10, 2015

THE FRAUD TRIANGLE

The sides forming the standard business fraud triangle are opportunity, pressure, and rationalization. While the triangle was developed well before we became worried [...]

By Sergeant Laboratories in Security Posted November 24, 2015

TRACKING THE AVERAGE TIME TO PATCH

In the past we have discussed prioritizing vulnerabilities, and the importance of eliminating mistakes from the patching process. Today, we discuss a more basic question: Is your vulnerability [...]

By Sergeant Laboratories in Security Posted November 17, 2015

PRIORITIZING VULNERABILITIES

Even organizations with a well-oiled vulnerability detection and patch implementation processes struggle to keep pace with the endless stream of newly discovered vulnerabilities. Although we [...]

By Sergeant Laboratories in AristotleInsight, Security Posted November 9, 2015

PREVENTION VS DETECTION? THE ANSWER IS UNDERSTANDING

There is an ongoing discussion within the security and compliance community (fueled by vendors) about the value of preventing attacks immediately, versus the value of detecting them once they [...]