General
Cached Domain Credentials in Vista/7 (AKA Why Full Drive Encryption is Important)
July 17, 2014 Added by: Neohapsis
Without full disk encryption (like BitLocker), sensitive system files will always be available to an attacker, and credentials can be compromised.
Hacks of Houston Astros, Butler University Put Network Security on Center Stage
July 14, 2014 Added by: Patrick Oliver Graf
Together, the high-profile hacks of the Houston Astros and Butler University show why it’s important for every organization to think like an enterprise in constructing a network security plan.
Big Data's Big Promise Isn't Here Yet
June 24, 2014 Added by: Tripwire Inc
What is interesting to me is how much hope people have for big data being the savior of the security world. I don’t believe that’s going to happen anytime soon.
Adventures in Finding Cardholder Data
May 21, 2014 Added by: PCI Guru
In the past, organizations would rely on their database and file schemas along with their data flow diagrams and the project was done. However, the Council has come back and clarified that the search for cardholder data (CHD), primarily the primary account number (PAN).
Insider Threat: Does It Matter Now? And How Much?
May 08, 2014 Added by: Anton Chuvakin
While everybody is reading the DBIR 2014, I wanted to re-read it with a particular lens – that on the insider threat.
Verizon 2014 DBIR: Hide Your Servers and Call the Cops
April 23, 2014 Added by: Tripwire Inc
Know what you have, know how it’s vulnerable, configure it securely, and continuously monitor it to ensure it isn’t compromised and remains secure.
BYOD For Government?
March 23, 2014 Added by: Cam Roberson
BYOD is fast becoming the norm for many enterprises, despite the security risks. Government agencies have been slower to adopt, but will need to start implementing policies that address BYOD.
Zero Trust and the Age of Global Connectivity
February 27, 2014 Added by: Simon Moffatt
The internal 'trusted' network no longer exists. Employees often pose the biggest threat to information assets, even though they are trusted with legitimate accounts on protected internal machines. Zero Trust is a recent security approach that looks to move away from network segmentation and focus more on data and resources and who can access them, when and from where.
Stopping Remote Access Breaches with “Honey”
February 07, 2014 Added by: Patrick Oliver Graf
A new approach, called “Honey Encryption”, could potentially offer more effective digital security by making fake data appear to be legitimate and valuable information to hackers.
What the Snowden Leaks Can Teach Us About Data Security
November 14, 2013 Added by: Cam Roberson
One of the major issues discussed in the wake of the National Security Agency leak involving Edward Snowden was how the government can prevent a similar leak from happening in the future. This article looks at several specific measures that can strengthen data security, making it more difficult for bad actors to break into the system, and tougher for them to make off with sensitive information onc...
Security Advisor Alliance, A Nonprofit of Elite CISOs giving back to the community.
November 12, 2013 Added by: Jason Clark
Security Advisor Alliance is a nonprofit group of top security leaders from the Global 1000 who have come together to donate time each week to help our peers in any area of security as a pro-bono service.
Gaining a Data Security Edge with Social Threat Detection
August 16, 2013 Added by: Vince Schiavone
From weak data protection practices to sophisticated organized attacks, enterprises are facing a multi-front war when it comes to protecting and preserving their information and intellectual property.
Cyber Security and Terrorism – See Something, Say Something
August 08, 2013 Added by: Jon Stout
The existing cyber security computing model of the past decade, based on firewalls, anti-viral services, intrusion detection controls, etc., is no longer adequate to help organizations mitigate cyber-security risk.
Cyber Security – Is Offensive Cyber Security Necessary?
July 31, 2013 Added by: Jon Stout
The country is at war and it is a cyber security war. The enemies are many, diverse and competent, and fighting a defensive war is not the best way to win. Cyber security war is like any other war: taking the offensive will improve your chances of success. Like any other war, the cyber security war requires proper planning for success and a total winning strategy. Half-hearted measures will not ...
Top Secret SCI Jobs - The Value of Smaller Contractors
July 30, 2013 Added by: Jon Stout
You can be doing all the right things, adding immense value to your customer and helping your company build a great brand. When a contract changes, even incumbents are suddenly “on the bench” or “between projects” or “on overhead”. You are no longer billable. As a result you have now moved from a profit-generator to a cost center. When this happens you are at risk.
2-Factor Is Great, But Passwords Still Weak Spot
July 17, 2013 Added by: Simon Moffatt
Two-factor authentication solutions have been around for a number of years. While these additional processes certainly go some way to improve security, and reduce the significance of the account password, it highlights a few interesting issues, mainly that password-based authentication is still a weak link.