Latest Blog Posts

E313765e3bec84b2852c1c758f7244b6

Tips for Writing Good Security Policies

November 13, 2014 Added by:Brent Huston

Almost all organizations dread writing security policies. When I ask people why this process is so intimidating, the answer I get most often is that the task just seems overwhelming and they don’t know where to start.

Comments  (3)

201d6e4b7cd0350a1a9ef6e856e28341

How Can ICS Cyber Security Risk be Quantified and What Does it Mean to Aurora

November 13, 2014 Added by:Joe Weiss

Risk is defined as frequency times consequence. There is little information on frequency of ICS cyber attacks.

Comments  (1)

Bd07d58f0d31d48d3764821d109bf165

How to Steal Data From an Airgapped Computer Using FM Radio Waves

November 12, 2014 Added by:Tripwire Inc

More and more organisations today have some airgapped computers, physically isolated from other systems with no Internet connection to the outside world or other networks inside their company.

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Three Danger Signs I Look for when Scoping Risk Assessments

November 12, 2014 Added by:Brent Huston

Scoping an enterprise-level risk assessment can be a real guessing game.

Comments  (0)

7ddc1f3000a13e4dfec28074e9e7b658

ISPs Removing Their Customers' Email Encryption

November 11, 2014 Added by:Electronic Frontier Foundation

By stripping out this flag, these ISPs prevent the email servers from successfully encrypting their conversation, and by default the servers will proceed to send email unencrypted

Comments  (1)

Ffc4103a877b409fd8d6da8f854f617e

First Victims of the Stuxnet Worm Revealed

November 11, 2014 Added by:InfosecIsland News

Kaspersky Lab today announced that after analyzing more than 2,000 Stuxnet files collected over a two-year period, it can identify the first victims of the Stuxnet worm.

Comments  (0)

E595c1d49bf4a26f8e14ce59812af80e

7 Security Threats You May Have Overlooked

November 11, 2014 Added by:Patrick Oliver Graf

In today’s business environment, the list of overlooked network security threats is endless. Information security professionals are modern-day gladiators, tasked with defending corporate data and networks against both known and unknown threats, but no matter how skilled they are, there will always be new threats to their networks.

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

Preventing and Recovering From Cybercrime

November 10, 2014 Added by:Pierluigi Paganini

Prevention means to secure every single resource involved in the business processes, including personnel and IT infrastructure.

Comments  (2)

7ddc1f3000a13e4dfec28074e9e7b658

What Makes a Good Security Audit?

November 10, 2014 Added by:Electronic Frontier Foundation

In order to have confidence in any software that has security implications, we need to know that it is has been reviewed for structural design problems and is being continuously audited for bugs and vulnerabilities in the code.

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Data Breaches are a Global Problem

November 06, 2014 Added by:Brent Huston

For those of you who maybe just thought that data breaches were only happening against US companies, and only by a certain country as the culprit, we wanted to remind you that this certainly isn’t so.

Comments  (4)

Ebb72d4bfba370aecb29bc7519c9dac2

MSSP: Integrate, NOT Outsource!

November 06, 2014 Added by:Anton Chuvakin

My early research conversations with both MSSP customers and providers themselves reveal the theme: those who think “integrate, NOT outsource” usually get much more value out of the MSSP relationship.

Comments  (0)

E595c1d49bf4a26f8e14ce59812af80e

Remote Access No More: Reddit Requires Worker Relocation Before End of Year

November 05, 2014 Added by:Patrick Oliver Graf

To make sure remote workers are able to safely access their corporate network, administrators need to make sure that all endpoints – the company-owned devices employees use for remote work – are secure.

Comments  (1)

D36d0936f0c839be7bf2b20d59eaa76d

Can Hackers Get Past Your Password?

November 05, 2014 Added by:Steve Durbin

Password-based authentication is easy and familiar for customers, and is initially inexpensive for organizations to deploy at scale. But, while password-based authentication may be appropriate in some instances, it is no longer suitable for the wide range of services where it is currently being used.

Comments  (2)

65be44ae7088566069cc3bef454174a7

Risk Management is more than a Risk Assessment

November 04, 2014 Added by:Rebecca Herold

Every business, no matter how small, needs to have a risk management process in place to be able to effectively mitigate information security risks.

Comments  (1)

7ddc1f3000a13e4dfec28074e9e7b658

Verizon Injecting Perma-Cookies to Track Mobile Customers, Bypassing Privacy Controls

November 04, 2014 Added by:Electronic Frontier Foundation

In an effort to better serve advertisers, Verizon Wireless has been silently modifying its users' web traffic on its network to inject a cookie-like tracker.

Comments  (1)

E313765e3bec84b2852c1c758f7244b6

Ask The Experts: Why Do Security Testing of Internal Computer Networks?

November 03, 2014 Added by:Brent Huston

It is true that the most attacks against information systems come from external attackers, but that does not mean the internal threat is negligible.

Comments  (3)


« First < Previous | 2 - 3 - 4 - 5 - 6 | Next > Last »