What we’re reading, week of 6/9

Posted: June 9, 2008 in Highlights

From Rational Survivability…

Security Will Not End Up In the Network…

Hoff showcases a graph of the cycles of security investment, to rebut the pronouncement that “security will end up in the network.” “There’s no end state,” he writes. “It’s a continuum.  The budget and operational elements of who “owns” security and where it’s implemented simply follow the same curve.  Throw in disruptive innovation such as virtualization, and the entire concept of the “host” and the “network” morphs and we simply realize that it’s a shift in period on the same graph.” The accompanying post outlines a very thorough view of enterprise security.

 

From StillSecure, After All These Years…

Security – Passive versus active response

Alan Shimel summarizes some key takeaways from the Gartner IT Security Conference, based on conversations with vendors. A theme that emerges is the difference between passive security (reporting data access violations) and active security (blocking them). Shimel suggests that active-response methods will usually encounter resistance in the market before their eventual adoption.

 

From Securosis.com…

The Good (Yes, Good) And Bad Of PCI

Rich Mogull writes about the pros and cons on PCI – concluding that for all of its faults, PCI is helping security directors get the resources they need from the business – which is why PCI is a positive step in the long term.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s