Posts by Tim Shimeall

Three Places to Start in Defending Against Ransomware

• Blog
Tim Shimeall

Ransomware is an active and growing threat, affecting many government agencies and private companies. Costs of a ransomware attack (including loss of capability, restoration of data, preventing further attacks, and cleaning up the damage due to the ransomware) frequently run from hundreds of thousands to millions of dollars, over and above any payment of ransom, which is not recommended and may open the organization up to sanctions. Organizations wanting to avoid this damage face a...

Situational Awareness for Cyber Security Architecture: Tools for Monitoring and Response

• Blog
Tim Shimeall

Visibility into the activities within assets enables network security analysts to detect network compromises. Analysts monitor these activities directly on the device by means of endpoint visibility and in the communications going to and from the device on the network. In our earlier blog posts on cyber situational awareness (SA) for the enterprise, we discussed endpoint visibility and network visibility. However, endpoint and network visibility will do little good if analysts don't have tools to...

Traffic Analysis for Network Security: Two Approaches for Going Beyond Network Flow Data

• Blog
Tim Shimeall

By the close of 2016, "Annual global IP traffic will pass the zettabyte ([ZB]; 1000 exabytes [EB]) threshold and will reach 2.3 ZBs per year by 2020" according to Cisco's Visual Networking Index. The report further states that in the same time frame smartphone traffic will exceed PC traffic. While capturing and evaluating network traffic enables defenders of large-scale organizational networks to generate security alerts and identify intrusions, operators of networks with even comparatively modest...
