Chima Njaka

Chima Njaka is based in Palo Alto, California and has broad experience in developing, selling and marketing technical solutions that include scalable log and security intelligence platforms for the enterprise and cloud. Chima takes pride in helping customers work with terabytes and more of big data coming from their own IT infrastructure.


When Will Security Systems Start Avoiding the Avoidable?

April 25, 2013 by Leave a Comment
Email

Personal SecurityThis week, TIBCO LogLogic has been taking part at InfoSec Europe, the largest Information Security Event in Europe.  According to initial reports, there are over 17,000 registrants at this year’s event.  We are at booth F50 and we hope to see you there.

One of the highlights about going to one of these shows is the chance to soak up the latest and greatest in information security and put it out for the public (recall my observations from the RSA show earlier this year).  Often, there are regional differences.  In EMEA, “Big Data” has not yet captured as much attention in IT Security as it has in the States (locals say, “Give it another six months.”).  More often, however, you find common security issues — more common than regional people probably realize.

Avoiding the Avoidable

A favorite topic is the latest information on security breaches.  At InfoSec Europe, the 2013 Cyber Security Breaches Survey was officially released, and details of the survey’s results were discussed and reviewed.  One observation I made at RSA noted that 80% of successful security attacks will exploit well-known vulnerabilities that could have been detectable via security monitoring.  This finding is corroborated in the UK government’s 10 Steps to Cyber Security recommendations from last year.

Despite this, the 2013 survey found that take-up of these basic security guidelines, including analysis of log data to monitor networks, was patchy at best (only 30% of large organizations had followed the guidelines).  As such, perhaps it should come as little surprise the survey’s finding that 93% of large organizations (250+ employees) and 87% of small business had at least one security breach last year.

How long can we avoid avoiding the avoidable?

Filed Under: Cyber Security Tagged With: , , , , , ,

How North Korea is Like a Rogue Computer Process

April 17, 2013 by 1 Comment
Email

Recognizing North Korea and Kim Jong-un’s recent actions as probable bluster has parallels to assessing a rogue computer process or questionable user activity on a network. When a process goes wrong in a system, log monitoring software gives off a real-time alert as a warning. With a less-than-enterprise class solution, this alert might be all that happens, which forces systems administrators to decide on an action based on isolated, incomplete information. With lives at stake rather than system and network resources, the result could be tragic.

Context is Key for Real Understanding

The U.S. government has the benefit of a sophisticated infrastructure providing correlated analysis of any situation from multiple angles. The direct threats from North Korea are correlated with data on their lack of actual troop movements, no missile facilities preparations, and in context of historical data of frequent threats right around national holidays. Similar to the U.S. government, a true enterprise-class log management and data analytics system should enable IT managers to have a fully informed view of any specific event with all the pertinent information available at once to enable fully intelligent action. [Read more...]

Filed Under: Event Processing Tagged With: , , , , , , ,

Three Key Security Observations from the 2013 RSA Conference in San Francisco

February 27, 2013 by Leave a Comment
Email

At the RSA Conference in San Francisco, it’s all security, all of the time. When one topic is the only focus over such a short period, it becomes easy to see current trends. Here are three that have caught my attention:

1. Advanced persistent threats (APTs) – APTs will continue to be an issue for enterprises in 2013 and beyond. The machine layer of defense is excellent at catching threats that are known ahead of time, where rules can be written, filters created and bad things can be “bucketed” from good things. Sometimes a human eye is brought in to spot things computers don’t “see” so easily. In a perfect world, that is enough.

But the significant problem is the A in APT. Advanced threats haven’t been identified, and only by collecting all data available and using user and machine activity monitoring can these threats be identified and blocked.

2. Bring Your Own Device (BYOD) – BYOD brings problems as well when people using their own devices can break any policy at any time. Enforcing policies across disparate devices (some more secure, some more vulnerable) requires monitoring of systems and user activity. [Read more...]

Filed Under: Event Processing, Tech Trends Tagged With: , , , , , , , , ,

What’s Logs Got to Do with IT?

November 5, 2012 by Leave a Comment
Email

Many of the conversations about Big Data focus on information flowing into the organization from somewhere else. It isn’t as widely discussed that there is an enormous amount of information coming out of every enterprise’s IT infrastructure that is just as critical, offers enormous insights and is just as time sensitive. Big Data isn’t complete without log data.

What is Log Data?

Log data, effectively, is like non-stop tweets coming from IT assets and is generated by almost every element within an enterprise’s infrastructure. By managing this data proactively instead of just when something goes wrong, organizations mitigate risk, ensure service availability and promote operational efficiency.

This data provides an immutable fingerprint of user and system activity that can be, at the lowest level, a failed logon and at the higher levels, a significant diversion from baselines, runaway application or an actual security breach. Logs leave behind a track that can be followed to answer questions like: “Who did what and when?”; “Are we following regulations?”; “Is our network performing optimally?” and “Is our data safe and secure?” These are all critical to business operations and can bring down an organization that isn’t paying attention.

Getting specific, log data gives us a view into: [Read more...]

Filed Under: Analytics and Optimization, Cyber Security, Tech Trends, Two-Second Advantage Tagged With: , ,