Dominic Wellington – BMC Blogs BMC Software Tue, 19 Jun 2018 13:01:33 +0000 en-US hourly 1 Dominic Wellington – BMC Blogs 32 32 SecOps Closes the Boyd Loop Tue, 07 Apr 2015 18:58:19 +0000 A good presentation should give the audience some food for thought. I’ve sat through my share of presentations, and I try to learn from those experiences to make sure that I deliver value to my audience during my own talks. Delivering a remote presentation constitutes a whole other level of difficulty, of course, and so […]]]> Compliance is a process, not an event Wed, 25 Mar 2015 13:48:36 +0000 …or at least, it should be A recent PCI compliance report from Verizon contains some interesting findings. It starts off with what seems like good news: compliance rates between audits are increasing, with an 80% increase in the number of companies being validated as PCI-DSS compliant at their interim assessments. However, 80% of companies are still […]]]> The real story behind security breaches: the SecOps Gap Thu, 05 Mar 2015 16:25:11 +0000 The IT security news over the past year or so has been really bad. Sometimes it seemed that each day brought the story of yet another breach, every one bigger than the one before. According to a recent report, more than one billion records were exposed over more than 1,500 individual incidents. It can be difficult […]]]> Cloud Security Issues: Tips For Minimizing Risk Fri, 30 Jan 2015 03:32:25 +0000 The first rule of cloud security is, you do not talk about cloud security issues. No, wait, that’s not right – everybody talks about cloud security risks and issues. Gartner just ran a survey on the factors preventing adoption of the cloud, and more than 50% of respondents cited security and privacy. The problem is […]]]> 1 The SecOps Gap in action Thu, 29 Jan 2015 12:27:06 +0000 I had no sooner posted about how Heartbleed is somehow still a problem than there was yet another new vulnerability out there. Reassuringly, the new disclosure from our good friends at Qualys reinforces my point. My post explored why Heartbleed is still a problem more than nine months after it was first disclosed, and I blamed the SecOps Gap. […]]]> Heartbleed and the SecOps gap Tue, 27 Jan 2015 09:42:37 +0000 Why 2015 won’t be like 2014—oh, wait As we all know, 2014 was a banner year for security breaches. I won’t even list the victims, not least because that would make for a very long, boring blog post. Instead, let’s talk about how we can make 2015 the year we fix IT security. This is, […]]]> Security Beyond The Perimeter Thu, 15 Jan 2015 10:28:56 +0000 There has been a certain amount of excitement in the news media, as someone purportedly associated with ISIS has taken over and defaced US Central Command’s Twitter account. The juxtaposition with recent US government pronouncements on cyber security is obvious: Central Command’s Twitter Account Hacked…As Obama Speaks on Cybersecurity. The problem here is the usual […]]]> The state of IT security in 2014 Tue, 09 Sep 2014 11:16:59 +0000 This week I have been taking the temperature of the Gartner Security and Risk Management Summit in London. Security is a very hot topic right now, with a constant drumbeat of news about security breaches. I already wrote about Community health Systems, and now Home Depot are in the news, with some claiming that the consequences […]]]>