Excerpts from Randy George’s "Dark Side of DLP"

January 3rd, 2010 admin

Randy George wrote a good article for InformationWeek titled The Dark Side of Data Loss Prevention. I thought he made several good points that are worth repeating and expanding.

"[T]here’s an ugly truth that DLP vendors don’t like to talk about: Managing DLP on a large scale can drag your staff under like a concrete block tied to their ankles."

This is important, and Randy explains why in the rest of the article.

"Before you fire off your first scan to see just how much sensitive data is floating around the network, you’ll need to create the policies that define appropriate use of corporate information."

This is a huge issue. Who is to say just…


Originally posted on TAOSecurity

 