You are viewing 'security team'

The NTT Security Global Threat Intelligence Center (GTIC)

Global visibility, leadership and roadmap empowering detection capabilities

Rob Kraus

April 11, 2017 - Posted by Rob Kraus to Threat Intelligence

Threat Intelligence

In a recent press release, NTT Security announced the formation of the Global Threat Intelligence Center (GTIC) as a natural evolution of the previously established Security Engineering and Research Team (SERT). As a founding member of the legacy SERT, and current director within the GTIC organization, I am excited to be part of this next great step.

This move marks a significant point in the future of NTT Security in its ability to address security threats, as NTT Security must bring together its international threat intelligence assets, to further enhance our global capabilities.

The GTIC’s mission, under the leadership of Steven Bullitt (VP Global Threat Intelligence), is to apply actionable and detailed insight with a focus on reducing risk for clients and customers. GTIC will... read more >

Aligning Cybersecurity with Business Models

Matt Ireland

March 16, 2017 - Posted by Matt Ireland to Security Insight

IT Security Team

Does your organization face challenges with effectively aligning cybersecurity teams and business executives? In many organizations, it seems that business executives and cybersecurity teams don't always understand each other's roles. Executive leadership may not realize the cyber risks to their organization, such as APT threats, insider threats, espionage, phishing. Also, cybersecurity teams may not know what business systems are MOST important to protect before and during an incident. 

So how can you successfully align cybersecurity with the C-Suite, and keep the collaborative alignment effective? Before we answer that question, let's first talk about the challenges that have historically kept security and business executives out of alignment.

Strategic vision directly influences and impacts the success of implementation of cybersecurity controls. Cybersecurity MUST be positioned as a business enabler. And businesses... read more >

Developing a Strong Application Security Program: Part 2

The Agile Movement

Michael Born

September 29, 2016 - Posted by Michael Born to Security Insight

In my previous blog, Developing a Strong Application Security Program: Part 1, I looked at aspects of a successful application security program as it pertains to a more traditional waterfall Software Development Life Cycle (SDLC). In part two of this series, I’ll focus more on an agile-based SDLC and options for implementing a successful application security program.

Let’s briefly describe some of the differences between a traditional waterfall SDLC and agile SDLC. In a waterfall SDLC, there are clear project objectives through each phase of development. Typically, each project consists of several phases: planning, design, coding, and finally testing. Security teams are injected into the phases and should have sign-off authority on each phase before the project continues to the next. I detailed security’s role in this... read more >

Developing a Strong Application Security Program: Part 1

Michael Born

August 18, 2016 - Posted by Michael Born to Security Insight

InfoSec Employees

As a Security Consultant for NTT Security (US), Inc. Professional Security Services, I have the privilege of witnessing many application security programs. I see programs that work great, are healthy, and handle risk management very well. Then there are programs that have either missed the mark completely, or are healthy but have some maturing to do.

In this blog I’ll be focusing on organizations or development teams that use a more traditional “waterfall” style approach to application development. I’ll attempt to identify traits of a healthy application security program in order to provide ideas for programs that could use some maturing. If your organization uses a more modern “agile,” “iterative,” or “kanban” style of development we will address those specific challenges in Part 2 of the series.

I’m sure many of us have heard that successful... read more >

Prevention Blog Series

Secure Your Network: A Second Step in Security

Loren Paquette

April 14, 2016 - Posted by Loren Paquette to Security Insight

Ounce of Prevention

This blog is a continuation of the Prevention blog series. The first blog, "Four Tips to Secure Your Network," discussed prevention and four tips to immediately help secure your network. The second blog, "Scan Your Network: A First Step in Security," is the first of four steps to assist with security, and discussed ways to scan your network. This blog will cover the second step with ways to secure your network. Links to the other blogs will be provided as they are posted!

Security groups are ultimately responsible for securing our network. If it fails, it’s our fault. Blame is not our friend and casting it will not make you a good fisherman. People in general are hoping to find a mistake to justify their positions or to... read more >

Voted one of the Best Computer Security Blogs 2016
NTT Security (US), Inc. (formerly Solutionary) is a security consulting and managed security services provider. The NTT Security blog is a place for IT professionals to both learn and talk about the latest in IT security and compliance.

Get the NTT Security Blog delivered to your inbox!

Enter your Email:

(We will not share your email or use it for anything else.)

LATEST TWEETS