Latest Blog Posts

65be44ae7088566069cc3bef454174a7

Avoid this Common Privacy Choice Mistake

August 26, 2014 Added by:Rebecca Herold

Many marketing professionals have a common temptation; they want to send as many marketing messages to as many people as possible, and they would love to send it to all folks who have ever been customers or clients of their business, and often times actually want to simply send to everyone whose email address they can obtain in any way.

Comments  (0)

E595c1d49bf4a26f8e14ce59812af80e

Are Connected Cars on a Collision Course with Network Security?

August 26, 2014 Added by:Patrick Oliver Graf

Flipping through any consumer publication that rates vehicles, you’ll see all the metrics you would expect – from safety and performance (acceleration, braking, etc.) to comfort, convenience and fuel economy. What you won’t find is an assessment of the car’s risk of being remotely hacked.

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

P2PE Versus E2EE

August 25, 2014 Added by:PCI Guru

I have been encountering a lot of organizations that are confused about the difference between the PCI SSC’s point-to-point encryption (P2PE) certified solutions and end-to-end encryption (E2EE). This is understandable as even those in the PCI community are confused as well.

Comments  (1)

Ebe141392ea3ebf96ba918c780ea1ebe

How to Help

August 25, 2014 Added by:Wendy Nather

There are a few movements afoot to help improve security, and the intentions are good. However, to my mind some are just more organized versions of what we already have too much of: pointing out what's wrong, instead of rolling up your sleeves and fixing it.

Comments  (1)

B689dd1362bef7eb372a540d3b6e6287

Preparing for a Successful IAM Integration Project (Part 2 of 2)

August 21, 2014 Added by:Identropy

An identity management implementation project will often extend 18-36 months based on the size and complexity of the organization. This is an extraordinary amount of time for any project sponsor to maintain passion around the project.

Comments  (2)

201d6e4b7cd0350a1a9ef6e856e28341

NERC CIPS and Keeping Lights On – Are They the Same?

August 21, 2014 Added by:Joe Weiss

August 19th, I spent a day with the NERC Critical Infrastructure Protection (CIP) Version 5 Drafting team working on one of the NERC CIP Standards. The focus was on boundary protection, not on the actual control system devices and serial communications which were explicitly excluded.

Comments  (0)

306708aaf995cf6a77d3083885b60907

Save $300 on ICS Cyber Security Conference Registration

August 21, 2014 Added by:Mike Lennon

Attendees who register by Friday, August 22 will Save $300 and pay just $1695 for a full conference registration which includes 4 days and pre-conference workshops.

Comments  (1)

B689dd1362bef7eb372a540d3b6e6287

Preparing for a Successful IAM Integration Project (Part 1 of 2)

August 20, 2014 Added by:Identropy

If you have ever hired a Professional Services team to do an integration project, you know that it takes planning and tenacity to pull it through to the end. Depending on the breadth of the integration, the difficulty of accomplishing this varies.

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Vulnerability Management: Just Turn It Off! PART III

August 20, 2014 Added by:Tripwire Inc

In our third and final post of this series, Tripwire’s Vulnerability and Exposure Research Team (VERT) highlights four more unnecessary risks that often appear in even the most secure networks.

Comments  (0)

306708aaf995cf6a77d3083885b60907

Hackers Exploited Heartbleed Bug to Steal Patient Data from Community Health Systems

August 19, 2014 Added by:Mike Lennon

TrustedSec, citing sources familiar with the incident, said on Tuesday that the initial attack vector was through the infamous “Heartbleed” vulnerability in OpenSSL which provided the attackers a way in, eventually resulting in the compromise of patient data.

Comments  (0)

E595c1d49bf4a26f8e14ce59812af80e

‘BadUSB’ Malware Leaves Terrible Taste at Black Hat 2014

August 19, 2014 Added by:Patrick Oliver Graf

If awards were given out at Black Hat 2014, one nominee for “Exploit of the Conference” would have won in a runaway – the “BadUSB” exploit.

Comments  (0)

C940e50f90b9e73f42045c05d49c6e17

More Dot-Gov Sites Found Compromised

August 19, 2014 Added by:Malwarebytes

With the number of .gov sites we have seen that are insecure, it pays for users to be careful of potential risks they may encounter when visiting them.

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Is EMET Dead?

August 18, 2014 Added by:Tripwire Inc

Exploit mitigation techniques have come a long way.

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Getting in Our Own Way

August 18, 2014 Added by:Rafal Los

The security community has this widely-understood reputation for self-destruction. This is not to say that other communities of professionals don't have this issue, but I don't know if the negative impact potential is as great.

Comments  (0)

306708aaf995cf6a77d3083885b60907

2014 ICS Cyber Security Conference Agenda Update

August 15, 2014 Added by:Mike Lennon

The 14th ICS Cyber Security Conference will have 5 major themes: Actual ICS cyber incidents; ICS cyber security standards; ICS cyber security solutions; ICS cyber security demonstrations; and ICS policy issues.

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

Requirement 10.6.2 Clarification

August 14, 2014 Added by:PCI Guru

The argument in PCI circles is the definition of “all other systems”. Some of us believed that it meant systems other than those in-scope. Other people believed that it had to refer to only in-scope systems such as a user workstation.

Comments  (0)


« First < Previous | 1 - 2 - 3 - 4 - 5 | Next > Last »