Latest Posts


An Open Letter to Executives

April 17, 2014 Added by:PCI Guru

I should have published this letter a long time ago as this is not a new issue.

Comments  (0)


FAQs Concerning the Legal Implications of the Heartbleed Vulnerability

April 16, 2014 Added by:David Navetta

Overall, in most cases, the Heartbleed vulnerability and associated security and legal risk is manageable as long as organizations take swift action to remediate their risk.

Comments  (0)


Security Pros Need Better Security Awareness Training Options

April 16, 2014 Added by:Tripwire Inc

One of the basic security measures that every company should be taking is giving security awareness training to its employees.

Comments  (0)


Would a Proprietary OpenSSL Have Been More Secure than Open Source?

April 16, 2014 Added by:Rebecca Herold

The OpenSSL Heartbleed vulnerability has resurrected the age-old debate of whether or not open source code is more or less secure than proprietary code.

Comments  (0)


Is User Experience Part of Your Security Plan?

April 15, 2014 Added by:Tripwire Inc

One common theme across the information organizations that I work with is that everyone wants to do the right thing. Unfortunately, that often means onerous and complicated security policies that translate into awkward steps that users must take.

Comments  (0)


SIEM Webinar Questions – Answered

April 15, 2014 Added by:Anton Chuvakin

Last year, I did this great SIEM webinar on “SIEM Architecture and Operational Processes”...and received a lot of excellent questions. This is the forgotten post with said questions.

Comments  (0)


Electric Grid Safety Hinges on Partnership and Information Sharing

April 14, 2014 Added by:InfosecIsland News

Electric utilities have been focused on improving the safety and reliability of the complex and dynamic electric grid for years, testified Sue Kelly, president and CEO of the American Public Power Association (Public Power) at a Senate Energy and Natural Resources Committee hearing.

Comments  (0)


Rx for Incorrect Compliance Claims and XP

April 14, 2014 Added by:Rebecca Herold

I advise all organizations to identify their systems running XP, determine the risks to PHI of those systems, and then establish a plan to upgrade appropriately and in the nearest time feasible.

Comments  (0)


FBI Plans to Have 52 Million Photos in its NGI Face Recognition Database by Next Year

April 14, 2014 Added by:Electronic Frontier Foundation

New documents released by the FBI show that the Bureau is well on its way toward its goal of a fully operational face recognition database by this summer.

Comments  (0)


NSA vs. Cloud Encryption: Which is Stronger?

April 12, 2014 Added by:Gilad Parann-Nissany

The NSA is powerful: they watch, they listen, they collect data. In cases of national security, perhaps this is a good method to catch terrorists. In cases of private business data, there is a way to block the NSA from getting to your sensitive information: strong data encryption.

Comments  (0)