General
Adventures in Finding Cardholder Data
May 21, 2014 Added by:PCI Guru
In the past, organizations would rely on their database and file schemas along with their data flow diagrams and the project was done. However, the Council has come back and clarified that the search for cardholder data (CHD), primarily the primary account number (PAN).
Comments (0)
Insider Threat: Does It Matter Now? And How Much?
May 08, 2014 Added by:Anton Chuvakin
While everybody is reading the DBIR 2014, I wanted to re-read it with a particular lens – that on the insider threat.
Comments (0)
Verizon 2014 DBIR: Hide Your Servers and Call the Cops
April 23, 2014 Added by:Tripwire Inc
Know what you have, know how it’s vulnerable, configure it securely, and continuously monitor it to ensure it isn’t compromised and remains secure.
Comments (0)
BYOD For Government?
March 23, 2014 Added by:Cam Roberson
BYOD is fast becoming the norm for many enterprises, despite the security risks. Government agencies have been slower to adopt, but will need to start implementing policies that address BYOD.
Comments (1)
Zero Trust and the Age of Global Connectivity
February 27, 2014 Added by:Simon Moffatt
The internal 'trusted' network no longer exists. Employees often pose the biggest threat to information assets, even though they are trusted with legitimate accounts on protected internal machines. Zero Trust is a recent security approach that looks to move away from network segmentation and focus more on data and resources and who can access them, when and from where.
Comments (0)
Stopping Remote Access Breaches with “Honey”
February 07, 2014 Added by:Patrick Oliver Graf
A new approach, called “Honey Encryption”, could potentially offer more effective digital security by making fake data appear to be legitimate and valuable information to hackers.
Comments (6)
What the Snowden Leaks Can Teach Us About Data Security
November 14, 2013 Added by:Cam Roberson
One of the major issues discussed in the wake of the National Security Agency leak involving Edward Snowden was how the government can prevent a similar leak from happening in the future. This article looks at several specific measures that can strengthen data security, making it more difficult for bad actors to break into the system, and tougher for them to make off with sensitive information onc...
Comments (0)
Security Advisor Alliance, A Nonprofit of Elite CISOs giving back to the community.
November 12, 2013 Added by:Jason Clark
Security Advisor Alliance is a nonprofit group of Top security leaders from the Global 1000 who have come together to donate time each week to help our peers in any area of security as a pro-bono service.
Comments (1)
Gaining a Data Security Edge with Social Threat Detection
August 16, 2013 Added by:Vince Schiavone
From weak data protection practices to sophisticated organized attacks, enterprises are facing a multi-front war when it comes to protecting and preserving their information and intellectual property.
Comments (0)
Cyber Security and Terrorism – See Something, Say Something
August 08, 2013 Added by:Jon Stout
he existing cyber security computing model of the past decade, based on firewalls, anti-viral services, intrusion detection controls, etc., is no longer adequate to help organizations mitigate cyber-security risk.
Comments (0)
Cyber Security – Is Offensive Cyber Security Necessary?
July 31, 2013 Added by:Jon Stout
The country is at war and it is a cyber security war. The enemies are many, diverse and competent and fighting a defensive war is not the best way to win. Cyber security war is like any other war- taking the offensive will improve your chances of success. Like any other war, the cyber security war requires proper planning for success and a total winning strategy. Half hearted measures will not ...
Comments (0)
Top Secret SCI Jobs - The Value of Smaller Contractors
July 30, 2013 Added by:Jon Stout
You can be doing all the right things, adding immense value to your customer and helping your company build a great brand. When a contract changes even incumbents are suddenly “on the bench” or “between projects” or “on overhead” . You are no longer billable. As a result you have now moved from a profit-generator to a cost center. When this happens you are at risk.
Comments (0)
2-Factor Is Great, But Passwords Still Weak Spot
July 17, 2013 Added by:Simon Moffatt
Two factor authentication solutions have been around for a number of years. While these additional processes certainly go some way to improve security, and reduce the significance of the account password, it highlights a few interesting issues, mainly that password based authentication is still a weak link.
Comments (0)
Cyber Attacks the Reality, the Reason and the Resolution Part 3
June 24, 2013 Added by:Larry Karisny
Knowing the reality and reasons behind cyberattacks, it’s time to stop talking and start offering resolution to these serious problems. There is no "it won’t happen to me" anymore. We must immediately deploy prevention and detection technologies to our critical processes or frankly, we could lose it all.
Comments (0)
Identity & Access Management: Give Me a REST
June 19, 2013 Added by:Simon Moffatt
RESTful architectures have been the general buzz of websites for the last few years. The simplicity, scalability and statelessness of this approach to client-server communications has been adopted by many of the top social sites such as Twitter and Facebook. Why? Well, in their specific cases, developer adoption is a huge priority.
Comments (0)
Google: Black Hat or White Hat?
April 23, 2013 Added by:Larry Karisny
Google has a perfect opportunity to be a leader in cybersecurity. Google’s recent network -- and acquisitions and hires -- in Austin, Texas, is an opportunity to do security right the first time.
Comments (1)
- Phishing Campaign Abuses Compromised LinkedIn Accounts
- BankBot Spreads via Utility Apps in Google Play
- How to Fail Safe Your Data in the Cloud or When It’s Shared with 3rd Parties
- No Such Thing as Too Small to Hack
- How Secure Are Your Company’s Social Accounts?
- Enterprise Security in the Age of Advanced Threats
- Security Awareness: Watch-Out for Hurricane Harvey Online Scams
- Why the GDPR is Important to Your Organization
- NIST Offering Much Needed Guidance for Neglected SMBs
- What Is Hypervisor-based Security and Why Is It Important in Stopping Zero-Day Exploits?