tag:blogger.com,1999:blog-4088979.post4034105687384261383..comments2023-10-16T06:06:25.012-04:00Comments on TaoSecurity Blog: "Protect the Data" -- What Data?Richard Bejtlichhttp://www.blogger.com/profile/13512184196416665417noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-4088979.post-63236282167614197552009-10-18T14:31:37.887-04:002009-10-18T14:31:37.887-04:00Inaugural NetWitness user conference November 4&am...Inaugural NetWitness user conference November 4&5, Ronald Reagan Building, Washington DC<br /><br />NetWitness is holding its inaugural user conference next month and we'd like you to attend as a VIP! <br />This action-packed two-day event will include a FULL DAY of advanced NetWitness NextGen training, followed by a rich day of customer presentations and panels, problem-solving use cases, and lots of new information about upcoming NetWitness innovations.<br />• Meet key NetWitness development and engineering staff and executives.<br />• Exchange ideas and use cases with fellow NetWitness government and commercial customers, partners, and end users.<br />• Dramatically improve your skills and learn new and valuable uses for NextGen.<br />• Discover advanced topics such as FlexParser, Rule Creation, and Live Feed development...and much more.<br />Cost for NetWitness Customers and Freeware Users: FREE! <br />(you just need to get to Washington DC).<br />Please feel free to pass this invitation to any of your staff members who may be interested in the event. Advance registration is essential as space is limited. <br /><br />The conference information page contains additional details regarding the conference, area hotels, and the preliminary agenda. If you need additional information, please contact: userconference@netwitness.com or your NetWitness Regional Sales Manager. <br />http://www.netwitness.com/userconference.html<br /><br />Agenda Located at:<br /><br />http://www.netwitness.com/userconference_agenda.html<br /><br />NetWitness Corporation, the leading provider of next generation network monitoring and threat analysis solutions, announced several milestones today demonstrating major momentum in the U.S. Government marketAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-20114937982854626812009-10-13T17:57:58.738-04:002009-10-13T17:57:58.738-04:00Here:
"the protect the data mindset, it's...Here:<br />"the protect the data mindset, it's clearly a response to the sorts of data loss events that involve 'records' "<br /><br />...you invoke one of the more common misconceptions concerning the limits of Data Loss Prevention tech. The innovation that got this space off the ground: new search algorithms for detection of both unstructured IP and database records.<br /> <br /><br />Highly accurate search and protection is now possible on engineering design documents, source code, M&A transaction terms, exec memos, etc....<br /><br />Furthermore, you go on to ask:<br /><br />"What about the following?<br /> * Credentials used to access systems. [..]<br /> * Systems that don't house PII or other records, but do serve critical functions. [..]<br /> * Data provided by others. [..]"<br /><br />Point by point:<br />>> Login credentials can in fact be indexed and searches unleashed to detect exposure. The new (well new as of 2001) algorithms I mentioned above are highly effective at running accurate search on exactly this kind of case.<br /><br />>>Systems that don't house PII that have no data of any sort are obviously not a ICRM risk management target, but frankly, availability issues are rarely a reason to pursue such protections. Confidentiality is usually primary.<br /><br />>> Data flow provided by third parties is often a big reason enterprises are engaging in DLP deployments. Primary reason here is the identification of broken business processes.<br /><br /><br />We may have done a poor job at getting the word out far and wide on this matter, but DLP is now widely in use protecting a broad range of classes of data far outside of just PII/records/CC#s etc..<br /><br /><br /><br />KevinKevin Rowneynoreply@blogger.com