General
White House: Big Data is a Big Deal
April 05, 2012 Added by:Headlines
By improving our ability to extract knowledge and insights from large and complex collections of digital data, the initiative promises to help accelerate the pace of discovery in science and engineering, strengthen our national security, and transform teaching and learning...
Comments (0)
Data Classification: Why it is Important for Information Security
April 02, 2012 Added by:Christopher Rodgers
Once you know which data needs the most protection, you can properly allocate funds and resources to defend those assets. Employing a proper data classification scheme is cost effective, as it allows a business to focus on protecting its higher risk data assets...
Comments (0)
It’s Data Breach Report Season: Beware Of Partial Truths
April 01, 2012 Added by:Josh Shaul
At the end of the day, these reports are important. They provide much needed insight into at least some data breaches. But we have to accept that this isn't the U.S. Census. We must learn what we can from them without becoming hypnotized by the hype that can surround them...
Comments (1)
Transborder Data Flows at Risk
March 22, 2012 Added by:David Navetta
The proliferation of comprehensive data privacy laws, more or less on the European model, increasingly requires US-based multinationals and online companies to adapt to strict requirements for dealing with individuals in other countries...
Comments (0)
Examining the Top Ten Database Threats
March 14, 2012 Added by:PCI Guru
Most attacks are perpetrated inside the perimeter, so protection from an inside attack is important. Once an attacker is on the inside, it is easy to use SQL injection or other techniques to obtain data. Organizations are just beginning to understand the insider threat...
Comments (0)
It’s Back: March Madness Higher Education Data Breach Brackets
March 12, 2012 Added by:Alexander Rothacker
The method to our ‘Madness’ is simple – based solely on the number of reported records breached in 2011, we put together brackets. For each U.S.-based institution of higher learning that reported a data breach in 2011, we seeded (ranked) them based on number of records affected...
Comments (0)
Howard Schmidt to Unveil Report on Health Information Security
March 02, 2012 Added by:Marjorie Morgan
Schmidt is slated to announce the third publication in the Internet Security Alliance's financial cyber risk management series, "The Financial Impact of Breached Protected Health Information: A Business Case for enhanced PHI Security"...
Comments (0)
Database Security TLAs Make Me LOL
February 15, 2012 Added by:Josh Shaul
I can only imagine what folks go through when they’re shopping for solutions to improve databases security. Do you want DAM? DAP? DAMP? DSP? DLP? WAF? To improve the security of your databases, you’re probably going to need some or all of the following capabilities...
Comments (0)
Data at Rest: Dormant But Dangerous
February 10, 2012 Added by:Simon Heron
Data is considered to be either ‘at rest’, ‘in transit’ or ‘in use.’ When putting security measures in place, it is important to consider all three states and address risks associated with each. This article examines data at rest and proposes strategies to minimize dangers...
Comments (0)
Four Keys for Intellectual Property Protection
February 07, 2012 Added by:Jason Clark
Intellectual property includes product designs, secret formulas, and other trade knowledge. It's what organized cybercrime, state governments and hackers are all going after. Why? Mostly because of the value. One stolen manufacturing process can be worth millions...
Comments (1)
Twelve Security Best Practices for USB Drives
February 07, 2012 Added by:Kelly Colgan
Portable and mobile storage devices are significant players in most corporate offices. Ensuring proper protection with a best practices policy and strict enforcement offers significant risk reduction—and can prevent long nights on data breach investigations...
Comments (1)
It's Time to Evolve How We Protect Our Data
January 24, 2012 Added by:Josh Shaul
Advanced systems for protecting databases have been available for several years now, and have become mature and reliable technology. Databases can be locked down with secure configurations, strong access controls, and effective patch management strategies...
Comments (0)
TeamSHATTER: Analysis of the January 2012 Oracle CPU
January 18, 2012 Added by:Alexander Rothacker
This time ere are only TWO fixes. This is the lowest number ever since the CPU program has started in 2005. Oracle, what happened? Did you throw in the towel on DBMS fixes? I know it’s not because the Database is finally fixed for good and is now suddenly secure...
Comments (0)
Effective SIEM: Less Turtle - More Awareness
January 12, 2012 Added by:John Linkous
SIEM tools are highly focused on events. Even in cases where a SIEM can look outside of the world of events at one or two other pieces of data - say, at network traffic - that’s still woefully inadequate. We certainly need events and network traffic data...
Comments (0)
Cybersecurity in Today's World
December 31, 2011 Added by:Larry Karisny
Curt Massey spent a 35-year career protecting our national security. His military service, civilian law enforcement, corporate security and military contracting experiences have imbued him with the unpleasant knowledge of our core vulnerabilities and a visceral drive to build a team capable of finding answers...
Comments (0)
The State of Solid State
December 21, 2011 Added by:Emmett Jorgensen
Solid state disks are more reliable because SSDs do not contain any moving parts. There are no read heads, actuator arms or spinning platters that can break down in an SSD. SSDs can be moved around freely while in use and have a higher tolerance against shock and vibration than HDDs...
Comments (1)
- Security Monitoring Planning Tool?
- The Enterprise Network: Effective Protection Strategies
- Verizon 2014 DBIR: Hide Your Servers and Call the Cops
- 2014 SecurityWeek Golf Classic to Take Place May 22 at Half Moon Bay
- 6 Minutes That Can Change Your Security Start-up's Life
- NIST Abandons Cryptography Algorithm in Wake of NSA Backdoor Concerns
- Let’s Get Proactive with End User Security
- Verizon Publishes Vastly Expanded Data Breach Investigations Report (DBIR)
- Interview with Chris Petersen, LogRhythm co-founder
- Detecting OpenSSL-Heartbleed with Nmap & Exploiting with Metasploit