Ryan Wakeham
More by Ryan Wakeham
The Value of Detective Controls
Security professionals have spent the majority of their time focusing on preventative controls for years. Recently, as organizations have begun to accept that they cannot prevent every threat agent, they have also begun to realize the value of detective controls.
2013 Cyber Threat Forecast Released
Ryan Wakeham's thoughts on the recently released Georgia Tech Information Security Center and Georgia Tech Research Institute's 2013 report on emerging cyber threats.
Thoughts on Web Application Firewalls
I recently attended a talk given by an engineer from a top security product company and, while the talk was quite interesting, something that the engineer said has been bugging me a bit. Let's discuss.
Web Application Testing: What is the right amount?
It is becoming more common these days (though still not common enough) for organizations to have regular vulnerability scans conducted against Internet-facing, and sometimes internal, systems and devices. Let's dive into this.
Enterprise Vulnerability Management
Secure360 conference recap from Ryan Wakeham.
Pentesting the Cloud
Thoughts on cloud pentesting after much discussion and buzz at an industry conference.
The Annual Struggle with Assessing Risk
In my experience, one of the security management processes that causes the most confusion among security stakeholders is the periodic risk assessment. Let's discuss.
Why I Hate The Cloud
The Cloud is one of the "new big things" in IT and security and I hate it. To be clear, I don't actually hate the concept of The Cloud (I'll get to that in a minute) but, rather, I hate the term. Hear me out...
Mobile Devices in Corporate Environments
Mobile computing technology is hardly a recent phenomenon but, with the influx of mobile devices such as smartphones and tablet computers into the workplace, the specter of malicious activity being initiated by or through these devices looms large.
Do You Know Where Your Data Is?
When it comes to application of security controls, many organizations have gotten pretty good at selecting and implementing technologies that create defense-in-depth.
Hacking Twitter for Fun (and Profit?)
Just last week, on the eve of the tenth anniversary of the 9/11 attacks, NBC News’ Twitter account was hacked by a group calling itself The Script Kiddies.
Metrics: Your Security Yardstick – Part 2 – Defining Metrics
After a number of questions on the topic, I have decided to follow up on my earlier security metrics blog with a bit more information regarding metrics development.