Browsed by
Author: Brad Bussie

Brad Bussie is an award winning fifteen year veteran of the information security industry. He holds an undergraduate degree in information systems security and an MBA in technology management. Brad possesses premier certifications from multiple vendors, including the CISSP from ISC2. He has a deep background architecting solutions for identity management, governance, recovery, migration, audit, and compliance. Brad has spoken at industry events around the globe and has helped commercial, federal, intelligence, and DoD customers solve complex security issues.
Understanding File Activity Monitoring

Understanding File Activity Monitoring

The ability to monitor file access activity across file shares residing on NAS and Windows devices represents both a tremendous gap and opportunity for organizations looking to identify threats, achieve compliance, and streamline operations. Unfortunately, most organizations can’t answer the most basic questions surrounding data activity, and it ultimately boils down to a handful of seemingly simple reasons: Volume – The volume of data is typically more than organizations can handle with manual auditing. System Performance – Native logging introduces…

Read More Read More

Market Trends: Protecting Against Ransomware

Market Trends: Protecting Against Ransomware

Ransomware is a form of malware currently taking the world by storm. Take for instance the headlines this month about a Kentucky hospital being struck down by a virulent strain, essentially halting all use of company equipment and websites until the malware could be quarantined. Think of ransomware in terms of your data being held ransom by a third party. The way the attacker orchestrates the attack is what ensures total loss of data unless the ransom is paid. The…

Read More Read More

The Security Marathon

The Security Marathon

I never considered myself a runner. I am your typical IT guy. I like hot wings, beer, and video games. Information security was something that I had an interest in at a young age, but running? No. That could possibly involve sweating. So why I am writing a blog about security and how it relates to running? Because both of them are something I NEED to do. I want to protect myself from the crippling effects of my often sedentary…

Read More Read More

RSA 2016 – STEALTHbits Recap

RSA 2016 – STEALTHbits Recap

RSA gets bigger every year. More vendors, sessions, and people flooded the halls of Moscone Center. The conference came from humble beginnings to the now largest security conference in the world. What was RSA 2016 like you are wondering? It was special. We celebrated the twenty fifth anniversary of the conference and you could feel that emphasis in all aspects of the show. For those of you who haven’t attended an RSA conference before, it can be divided up into…

Read More Read More

Market Trends: Saying Goodbye to One-Size-Fits-All IAM Solutions

Market Trends: Saying Goodbye to One-Size-Fits-All IAM Solutions

Interest in IAM solutions has increased substantially over the past few years, as the perpetrators of many high profile breaches have exploited stolen credentials to steal sensitive data and inflict damage on their victim organizations. And, as the popularity of IAM solutions has increased, the solutions are evolving. Once one-size-fits-all IAM products forced their customers’ processes to bend to the product’s requirements. Now, flexibility is replacing rigidity as the governing concept, as IAM solutions – now more accurately described as…

Read More Read More

Advanced Persistent Threats vs. Targeted Attacks

Advanced Persistent Threats vs. Targeted Attacks

I read an article the other day about Advanced Persistent Threats vs. Targeted Attacks. It had some insightful information that got me thinking about hackers of today. I think we all can agree that the word hack or hacker has changed since its inception. One of my favorite movies back in the 90’s was called “Hackers”. I wanted to be those guys. Not just because I could possibly date Angelina Jolie, but I wanted to be able to become a…

Read More Read More

Market Trends: The Risk Factor

Market Trends: The Risk Factor

Authentication-based attacks remain a primary concern for many of our clients no matter the size or sector of their organization. While knowledge of these threats has increased, understanding the risk factors – and how to remediate them – has not. Most attacks are premised on stealing data for financial gain, and obtaining access is only the first step. Figuring out where valuable data is located, how it’s protected, and ultimately how to access it will take any infiltrator significant time….

Read More Read More

Market Trends: Extending On-Prem Data Access Governance to the Cloud

Market Trends: Extending On-Prem Data Access Governance to the Cloud

Access governance ‘in the cloud’ can be no different than access governance in general. For most organizations, at minimum, the same levels of controls will be required that were in force before the service was transitioned to a cloud-based offering. Adoption of Office 365, Dropbox and similar cloud services requires translating access governance concepts such as managing and reviewing access, monitoring activity, understanding where sensitive data is stored to those cloud-based services. The key to this will be treating the…

Read More Read More

Access Governance in the Cloud

Access Governance in the Cloud

Data is like a precious metal to a business. Like any precious metal it has to be found, extracted, valued, and refined before it can be truly useful. Understanding how precious data is to an organization leads us down the path of needing to know who has access to what data within the organization. The practice of understanding who has access to what has become known as Access Governance. With the emergence of cloud technology, governance has taken on a…

Read More Read More

Market Trends: Advanced Persistent Threats

Market Trends: Advanced Persistent Threats

If you’ve heard the terms “lateral movement” or “golden tickets” recently, you might be wondering what they were referring to, and maybe not even realized they had anything to do with computer security. They are in fact references to the new breed of ‘Advanced Persistent Threats’ (APT) which have come to prominence as a result of some of the higher profile security breaches in the last 12 months. In fact, according to ISACA’s study “2015 Advanced Persistent Threat Awareness-Third Annual”,…

Read More Read More

Start a Free StealthAUDIT® Trial!

No risk. No obligation.