ANX Corporate Blog

The Payment Card Industry Data Security Standard (PCI DSS), is “a set of comprehensive requirements for enhancing payment account data security.”  In other words, PCI provides a set of tactics to protect the confidentiality and integrity of data.  Great place to start – but it’s only part of the picture.  Applying them appropriately requires situational awareness and knowledge of the company’s core values and strategy.

This series explores Sun Tzu’s approach to assessing an army’s readiness for battle as applied to compliance requirements in support of business strategies.

Assess the Risk

“Regulations are not designed to handle the kinds of threats, the kinds of vulnerabilities, and the kinds of problems that organizations are facing today,” said Edward Schwartz, CSO of...

Read more

The 20th Anniversary of the RSA Security Conference is being held this week in San Francisco, CA.  It's always exciting to see and hear what the latest security products and initiatives are for the upcoming year with all of the participating vendors.  What you often find is an ebb and flow affect due to an ever changing threat landscape that drives the evolution of the security technologies we use.  Additionally, organizations are continually looking to improve efficiencies and maximizing their security budgets.  Enter cloud computing.

With much intrigue and focus being given towards cloud computing, and more importantly cloud security, how does an organization fully comprehend the definition of the cloud?  Simply stated you have Infrastructure (IaaS), Platform (PaaS), and...

Read more

At the close of RSA, Former U.S. President Bill Clinton closed the conference with his talk entitled “Embracing Our Common Humanity”. Unfortunately the speech wasn’t so much about Embracing Humanity (which we seem to have lost) and more about our responsibility as Security Professionals to be the Internet Police of the world ensuring that the Internet remain free. As we have all seen with the recent events in Egypt and now other parts of the Middle East, information must be allowed to flow freely. That freedom, however, does come with responsibility as President Clinton repeatedly stated “we must get back to reading and understanding the facts and not fall into Ideology”.

Overall the speech focused on the importance of making sure there is good political policy to back up new...

Read more

RSA 2011. Another rainy cold week in San Francisco. Being from the East Coast, I typically do not come west of the Mississippi for a Security Conference. With the CISO Summit in Orlando and INTEROP in New York, it’s basically same show, just a longer plane ride.

Being a 30 year veteran of the Information Security industry you become rather slighted to the “been there done that” mentality. So in attending RSA I had no preset expectations on the event in general. As I’ve transitioned more into a Strategy roll within Information Security I am more interested in “What’s Innovative”.

 The RSA Conference

If you are a veteran of the industry like me the vast majority of the topics and discussions were nothing new. The panel discussions, specifically around Cyber Security and...

Read more

Hello from RSA! 

As we traveled into a rainy San Francisco, we couldn't help but laugh at all of the 'RSA will be mostly cloudy' jokes.  Truly, rain included, we are thrilled to hear all of the excitement around the cloud this year! 

ANX has a large group running around this year’s show.  Look out!  ANX faces include: Matt Peterson, Curtis Blunt, Glenn Moore, Kim Francisco, Paul Arceneaux, and our CEO Rich Stanbaugh.  If you see any of us, please say hi.  One of our goals at RSA this year is to meet great people face-to-face.

We also encourage you to follow us on Twitter @ANX.  We will be live-tweeting throughout the show. 

Hopefully we get a chance to see all the great tracks that are being offered at the show.  I am looking forward to the GRC track and the cloud security...

Read more