Welcome!

The Sky is No Longer the Limit: Thoughts from the Cloud

Kevin Nikkhoo

Subscribe to Kevin Nikkhoo: eMailAlertsEmail Alerts
Get Kevin Nikkhoo via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Kevin Nikkhoo

Of course not. But that’s the dollar figure companies stand to lose in terms of consumer trust when security protocols are breached according to a recent study by the research firm Ponemon. In terms of dollars and cents on a risk analysis spreadsheet, it is easier to put a value on a particular asset than the potential recurring value of a client, customer or even partner. Beyond lawsuits and capital and operational expenses to repair a mea culpa, weak cryptography, hack defenses or shoring an previously-undiagnosed vulnerability gap, the damage done to a brand because the user no longer trusts doing business with that company is staggering. The report uses a failure in cryptographic keys and certificates as the breach point, but the bigger issue is that a breach of any nature (especially one that would have been preventable with the application of additional res... (more)

FFIEC's Recognition of Cloud Security Advantages

Last month the Federal Financial Institutions Examination Council (FFIEC) shared an opinion on the viability and security of cloud computing. In the four-page statement, the interagency body empowered to prescribe uniform principles, standards, stated that cloud computing is “another form of outsourcing with the same basic risk characteristics and risk management requirements as traditional forms of outsourcing.” What they are offering is a back-handed endorsement of cloud computing with the caveat that if you perform your due diligence and the solution passes the security smell... (more)

Adaptive Risk: Making Sure You Are Who You Say You Are

Does this sound familiar? Ann, sitting at her desk eating lunch, is surfing the Net. She checks her personal Yahoo email account and sees a message from a purported survey company asking her about her music preferences. She opens the email and takes the survey. Seems harmless enough, but what Ann doesn’t know is that this survey company doesn’t exist and embedded in some of the survey prompts hides an undetected botnet that downloaded onto her desktop. This nasty bugger can record her keystrokes and take screen shots as she navigates through your network. Now some unauthorized en... (more)

The New Standard: Intelligence-Driven Security

In a recent blog post, Art Coviello, the executive chairman at RSA, posed an important question. How do we move from traditional security to intelligence-driven security? In his answer he described that the quickly interdependent exchanges between parties (B2C, B2B, B2P, etc) have grown beyond the traditional means of securing the enterprise: “IT organizations have continued to construct security infrastructures around a disintegrating perimeter of increasingly ineffective controls.” He described a new-model of cyber-security that includes five concepts: A thorough understanding o... (more)

The Challenge of BYOD

“Don’t care how…I want it now!” -Veruca Salt (Willy Wonka and the Chocolate Factory) We live and work in a world of immediate gratification. In the name of greater productivity if you need to check inventory from a supplier’s warehouse…click there it is. Share a file on Dropbox, no problem. Add detail about a meeting in the sales database… click! Update your Facebook or LinkedIn status. Email a white paper to a potential client...click, click. Want to see that flying pig meme…well, you get the picture. Now that’s not necessarily a bad thing…unless you’re an IT professional and th... (more)