Have you ever been in a store with an important purchase, rolled up to the cash register and handed over your card only to have it denied? You scramble to think why: “Has my identity been stolen?” “Is there something wrong with the purchase approval network?” “Did I forget to pay my bill?” While all of the above are possible explanations – there’s a very common one you may not think of immediately: anomaly detection. Specifically, if the purchase you have in your hand doesn’t match up with your buying history, your bank might think it’s fraud and refuse the transaction. Even small changes in buying habits can trigger an alert. For example, credit card holders traveling outside the US for the first time may find their card declined in Paris on a European vacation. Buyers that rarely charge items over a couple of hundred dollars in value could find their first large ticket item (like a couch or a piece of jewelry) purchase blocked, at least temporarily.

“It’s critical that they understand your vertical — setting up SIEM in a healthcare environment is different than retail,” said Diana Kelley, partner and co-founder at consultancy Security Curve. “They’ve learned something over time about what’s going on in that kind of organization and can reuse some of those correlation rules and give that benefit.”

On Wednesday, we mentioned that Cloud Computing security is the front-and-center focus of RSA 2010 and we took a look at the announcements from some of the biggest players. In this part of our RSA coverage, we’re bringing you announcements from some of the other innovative vendors.

First up, the company that won the “Innovation Sandbox” award, beating out 10 other finalists is Altor Networks for their VF3.0 virtual firewall.[1] The VF3.0 virtual firewall brings traditional security services – such as policy enforcement, intrusion detection, and high-performance stateful inspection – to the virtual world and in the cloud. It’s an interesting product and the tie-in to virtualization is top-of-mind for attendees; however, let’s not forget that the Innovation Sandbox focuses on entrepreneurial ventures, so post-acquisition players that are also developing and shipping firewalling solutions in the virtualization space (e.g. ThirdBrigade, recently acquired by Trend Micro) are de facto out of the running.

If 2009 was a lackluster year for security product sales, you certainly wouldn’t know it from some of the vendors on the floor this year at the RSA® Conference in San Francisco. In contrast to last year’s show, attendance appears up – both from delegates and vendors alike. However, things aren’t all rosy. A number of vendors opted not to rent space on the show floor citing economic concerns. Though RSA is not quite back to “heyday” levels from a few years ago, if this year’s show is any indication, the security industry is showing signs of life despite global economic setbacks.

So what is everyone here to learn about? Surprisingly, much of the attention of show attendees is not on completely new themes, but in re-examination of an existing topic that has been with us for some time now. Cloud computing, a logical conclusion of the increasing move to both off-premises and virtualized environments is of primary interest to both vendors and delegates here at the show. RSA President Art Coviello set the direction and tone of the official program with his well-attended cloud-focused keynote and it’s clear that interest in these topics has not waned – in fact, if anything, it’s increased. And vendors are pushing this agenda pointedly as the cloud meme dominates the show floor.

For the rest of our write-up, please click over to eSecurity Planet.

“My top piece of advice is to understand why you want to outsource this kind of solution and then what you need as you outsource it,” said Diana Kelley, partner at Amherst, N.H.-based IT security consultancy SecurityCurve.

Speaking at a recent seminar hosted in Markham, Ont., sponsored by security vendor Symantec Corp., Kelley outlined key points companies should keep in mind prior to signing a contract for SaaS-based messaging security and hygiene.

Any size organization, from businesses with one employee to Fortune 100 companies, can get value out of the SaaS model, she said. “The bottom line is, companies don’t want all of this stuff coming to their mail server,” said Kelley.

The National Weather Service (NWS) recently started a project that invites the Twitterverse to submit weather reports. The reports can be manually tagged with the Tweeter’s location, or automatically tagged using Twitter’s geotagging functionality. For anyone who’s watched a local weather reporter explain that today will be cloudy with a remote chance of rain, and then looked out the window at an active downpour, the promise of more accurate location-based weather reporting is appealing. And on the surface, what possible harm could come from letting the world know you’re in Old Orchard Beach, ME right now and the weather is perfect? Thinking beyond weather, though, consider an Executive retreat at a Twitter-friendly enterprise. Auto-geotagged Tweets could instantly update others on the precise location and current travel conditions for employees as they journey to the meeting. Add presence awareness to geotagging, and you can identify not only when one of your in-flight colleagues is back on the ground, but also if they’ve landed safely at their target destination or were unexpectedly re-routed to another airport.

Geo-location and presence have a myriad of positive uses for individuals and enterprises. But, as with many things, there is another side to consider: privacy and risk. Specifically, what are the mis-use cases for presence and geotagging?

For the rest of my article, please click here to visit eSecurity Planet.

Just because using a cloud service means your important enterprise data will reside on an off-premise site does not make the system in inherently less secure than keeping it in-house. Before making the jump to the cloud, though, some research should be done in terms of security — both the service provider’s and your own.

If you’d like to read the rest of the this article, please click here.

Now that we’re past January, most of us have received all of our W2 and 1099 tax forms. We all know that it’s important to keep these forms until we’ve filed our taxes and most of us also keep the forms for seven years after filing in case there is a problem with a previous year’s filing. But how many of us keep those records past the seven year mark? Keeping too much data can be as problematic as not keeping records at all. One of the biggest problems with retention of too much information is that storage needs increase and it becomes difficult to parse through the existing data to find what’s most important.

The challenge of balancing information with intelligence is often referred to as a “signal to noise ratio” problem. When there is too much noise, the signal gets lost. Without proper management, log data collection can quickly turn into a classic “white noise” scenario. Worst case, everything is stored, there is little organization, and the utility of the business intelligence is lost in terabytes of unsorted log entries.

If you’d like to read the rest of the this article, please click here.

questions that pose the greatest challenge to enterprises as they struggle to interpret the requirements; outlines recent and upcoming clarifications from the PCI Security Standards Council; and discuss strategies used in the field to reduce the complexity.

Does “one function per server” mean that we can’t use virtualization?
Must our penetration testing and/or quarterly scanning cover everything or just the cardholder environment?
If we miss one of our quarterly scans, does that mean we need to wait a full year to be compliant?
The requirements state individuals with a “legitimate business need” can view PANs. What does that mean?

Thanks!

Chicago, IL
Tuesday, February 16, 2010
Hyatt Regency O’Hare

Boston, MA
Thursday, February 18, 2010
Sheraton Needham Hotel

Toronto, ON
Tuesday, February 23, 2010
Hilton Suites –
Toronto / Markham Conference Centre and Spa

Houston, TX
Thursday, February 25, 2010
The Magnolia Houston