Are you part of the DDOS Problem?

Yes, your network, your service provider, and your government can be actively contributing to the global Denial of Service (DoS) epidemic! DoS attacks come in two “families.” The first DoS family are from tools which are launched from infected, violated, and penetrated devices on the Internet. There “remote controlled” by the attackers to hit a Read More

Preparing for the next DDOS Wave

This week I was helping with a top 10 list to prepare for DDOS attacks. I did it without reviewing the industry to see the marketing overload of “prepare for DDOS steps.” These all seem to lead the one conclusion … “buy my product.” Steve Zurier (Dark Reading) and I pulled together these ten steps to Read More

DoS Attacks? Reporting DoS Attacks are the Key to Fighting Back!

Are you prepared for the next DoS Extortion attack? Armada Collective “like” DoS extrusion attacks are picking up. It is time to review those “DoS” preparation checklist. This white paper explore the data that would need to be collected to successfully push back on DoS attacks. It includes information your “DoS Defense Allies” will need to help you mitigate, remediate, and potentially whack down the DoS attack.

Demand Security from your Vendors

Demand Security from your Vendors

Demande Security from your Vendors. Ask the right “Security Questions.” This provides a list of questions that anyone can use with their vendors to get a better understanding of their security capabilities. Start meaningful “Security Conversations.”

5 Principles to Vulnerability Disclosure

What is the best time for a vendor to Disclose a Vulnerability? Vulnerability disclosure is the most painful activity for any software/hardware company. Conversely, receiving vulnerability notifications from any vendor is one of the most disruptive events any organization can encounter. Rapid and unexpected vulnerability patches are a massive operational disruption. What follows are some Read More

The “Practical Security Checklist” – Part 2.1

This is part “2.1” of a multipart post to help organizations take security action. Stay tuned for next week’s practical security checklist item. Board members, CxOs, and professionals are saturated with security advice. This security advice is often confusing, contradictory, and always biased toward “buying something.” “Good security advice saturation” results in paralysis of action. Read More

Are you ready for the next attack? (Part 1)

As many of my colleagues know, I’m constantly on the look out for tools that would help my peers in all networks find ways to mitigate the security risk in their operations. At MYNOG 5 ( I reviewed the latest tool, a checklist operators can use to prepare their network for before the next security Read More

Adding IPv6 Requirements to your RFP

[ Originally posted on Linkedin here: IPv6 – Adding Requirements to your RFP.] Updated! We have some excellent suggestions to be included in the list. Please consider these question for any RFP you send out for Network, Systems, Cloud, SDN, NFV, Data Center, IoT, M2M, or any other buzz word you can think of …. Read More

Remediation is the Foundation of your Security Strategy!

In many ways, this year’s RSA conference was overwhelming. In other ways, it was a disappointment in how the market is providing solutions to mitigate our security risks. As several colleagues have pointed out, “remediation” is a huge gaps at 2015 RSA, As Adam Stein pointed out, Remediation is not a dirty word. on the Read More

Open Source – Destroying Myths – Leveraging the Strengths

NTP - Open Source Critical to the Internet

Your organization depends on Open Source software. You may not realize it, but open source is critical to the many parts of the business. Also Open sources is not free. It is essential for your organization to fund Open Source work throughout the industry. Here are two approaches to kick start your support for open source critical to your organization.