Wellington Research delivers unseen cyber security insight. Our proprietary data and insight helps accelerate cyber security journeys in less time and with less risk.

Bots Change Security – Are You Ready?

Bots change security – at least that’s the view of most forecasters. But what does it mean that bots change security, and what kind of bots? Are we talking about: Programmed scripted bots, as in robotic process automation otherwise known as RPA? Programmed machine- and data- learning pattern recognition and response bots? Human learning bots

Dealing with the Security Vendor Merry-Go-Round

I had the opportunity to listen to a number of security vendors pitch their stuff and some of the recent Merry-Go-Round sounds pretty impressive until you start digging into it. Here are a few of the stories with names and specifics redacted to protect the innocent. Vendor One This provider of security stuff energized their

Artificial Intelligence – Cybersecurity’s Future

There was some controversy emerging from the most recent RSA conference when the CTO of RSA – Zulfikar Ramzan – was quoted saying “I think it (the technology of machine learning) moves the needle,” he said on Wednesday. “The real open question to me is how much has that needle actually moved in practice?” What

The Changing Nature of SOCs

Security Operations Centers (SOCs) are largely confined to use by big businesses and governments, especially large federal governments and large enterprises among the global 1,000. Unfortunately, the resources – and available security talent – that are common among global 1,000 and large federal governments are not common among local governments, small businesses, and most healthcare

Security’s Universal Truths

Security’s Universal Truths There are several universal truths about security, including: There are no silver bullets There is no perimeter There is no security, only degrees of risk If you turn off the power, you might have no risk, and even then I’m not sure Security is not secrecy Silver Bullets and the Long Ranger

The Digital Transformation of Security

The digital transformation of security is underway: are you prepared for it? Our security practices of have grown up and around the combination of procedures/technologies tools that we use to implement it. We are very proud of our defense in depth security approaches. We revel in their coverage and speak of their architectures. The only

Blockchain Disrupts Everything :-)

I saw a story the other day about how Blockchain technology is disrupting everything, as in present-tense, happening today, the world is being disrupted. The author goes on to cite voting, finance, music, ownership and counterfeiting. Not exactly everything, and not exactly present tense either. Another one from Forbes says Blockchain startups are disrupting the

Security and Merlin’s Magic Wands

Merlin’s magic wands. For security everyone wishes s/he could just wave their hands are move on but it’s not that simple. Wish you had a magic wand that could just make things right? We all have this fantasy at some time or another. But, work and life are about determination, persistence, teamwork and smart decisions,

Why Managing Risk Does Not Compute

One of the disciplines for information security is risk management. Managing the risk of using IT is after all, what it’s all about when it comes to digital security, or so they say. For example, when faced with the alternative of not closing a deal before the end of quarter versus closing it, what do

What’s Behind the Microsoft Linkedin Linkup

What’s behind the Microsoft Linkedin linkup announced in June 2016? Microsoft announced it intends to acquire Linkedin – the premier business social network – in an all-cash deal for the sum of $26 billion on June 13, 2016. The acquisition announcement set off a firestorm of controversy about the deal ranging from utter bewilderment and

Vendor Integration and Risk Management – Two

Vendor integration and management is posing growing demand on IT for its own needs, and those of multiple business line constituents. In this part two, we look at some of the common procedures being used to implement successful vendor integration and risk management efforts. More mature organizations collecting information related to business value and business

Vendor Integration and Risk Management – One

Vendor integration and risk management is a growing demand on IT that is taking more time and effort to do at all, never mind do it right. IT has traditionally ignored the necessary resources, time, and attention to vendor integration and risk management programs. For some enterprises integration and management of vendors is ignored while

Intrusion Deception and the New Rapid Detection and Response

The new kid on the block is Intrusion deception, the virtual version of the old physical honeypots. The new intrusion deception catches attacks from cyber-attackers because they are only seen by attackers – internal or external – who then touch virtual decoys such as looking PCs, Mobile phones, servers, network equipment and anything else connected

Security’s Next Generation – Form or Substance?

We keep hearing about Nex-Gen Firewalls, and for the vendors of firewalls it is next generation to add web-application filtering and other tricks to their network access rules. But this stuff isn’t really next generation from a technology perspective: it’s next generation from the perspective of integrating existing technologies. Security’s first generation used simple blacklisting

Security and the IoT – What are the Treatment Options

Security and the IoT – What are the Treatment Options? What are the digital risk treatment options? We can mitigate the risk by using cyber security controls to manage the business risk of using digital. We can transfer the risk of using digital to a third party via an insurance policy, and we often we

Microsoft and Market Dominance

Seventeen months after announcing that it would do so, Microsoft formally ended technical support and security updates for Internet Explorer versions 7, 8, 9 and 10 on most operating systems. Some see this as the end of an era while others see it as a potent of potential risk for web users and companies still

The New Analytics

The new analytics are already in play, and are about the become a more critical part of our lives in the future. They can be seen in use with Siri, Cortana and “Hey Google” through your phone. The new analytics are also being used with sales offers using new mass personalization applications, by healthcare providers

Google, Android and Stage Freight

Do you have Stage Freight?  No, not the kind of stage freight fear and anxiety that occurs when you have to deliver a speech or pose for the camera. This Stage Freight is a bug in the Android operating system powering the vast majority of mobile phones and tablets now on the market. This vulnerability

IoT Market Leaders and Laggards

Depending on who you talk with, the Internet of Things (IoT) is everything from the next big change that’s going to revolutionize entire industries to an interesting tech-led fueled publicity feeding frenzy. If you look behind the scenes there are some rather interesting pictures that are emerging of industries, products and breakout opportunities. FitBit Activity

Microsoft’s Big Mobile Gamble

Microsoft is – quietly and not so quietly – gambling big on mobile. The company loudly bet big when it acquired Nokia for $7.2 billion in 2014. In the year since the acquisition, the company has figured out that it’s route to market is not going to be as a manufacturer of handsets competing with

Featured Research

2018 Cyber Security Spend Report

The 2018 Cyber Security Spend Report focuses on global spend today through the coming five years. Did you know that global spend on cyber security is: More than $103 billion today Will exceed $130 billion by or before 2022 Today’s top two spend categories account for almost 50 percent of spend by enterprises today. The

Innovative Digital Business Models

Is your company making money using some of the innovative digital business models of the future, today? If not, it is important to understand what some of the new digital business models are, what they are best used for, who should consider using them, why they are important, and when they should be used. Not