December 20, 2010 Added by:Headlines
The insider threat is particularly troublesome for organizations, as the the perpetrators have access to the most confidential of information, and breach detection usually only occurs after the damage is done...
December 14, 2010 Added by:J. Oquendo
The entire situation could have been avoided by implementing defense in depth. Had the United States military implemented something as simple as Data Loss Protection (DLP) combined with an SIEM, those cables might not have made it to WikiLeaks...
December 14, 2010 Added by:Alexander Rothacker
While this attack is definitely severe by the raw number of passwords compromised, breaches exposing financial information or Social Security Numbers can be much more detrimental to users and can cause even larger headaches and will take a significantly greater amount of time and hassle to remediate...
December 09, 2010 Added by:Robb Reck
DLP can move a company from assuming they know where their data is, and that it's being used appropriately, to a place where they know exactly where their sensitive is, who is using it, and where they are sending it...
December 09, 2010 Added by:shawn merdinger
This will enlighten you about some of the methods attackers will use to perform data exfiltration, and will also provide you with some good questions to beat up vendors with. You can expect your DLP vendor to mention that nobody has asked some of these questions of them before...
December 08, 2010 Added by:Alexander Rothacker
Clearly, there were not enough security controls in place that would have prevented the internal thief from accessing this data, and he shouldn’t have had access to this data to begin with. And if he was allowed access to it, there should have been activity monitoring in place...
December 06, 2010 Added by:Anton Chuvakin
This is a complete and self-contained guidance document that can be provided to people NOT yet skilled in the sublime art of logging and log analysis, in order to enable them to do the job and then grow their skills. This is the first post in the long, long series..
December 05, 2010 Added by:Alexander Rothacker
Most corporations do not have strong security cultures. Who with a budget is going to understand the anatomy of a database attack? Security advancements at many corporations are uphill battles that are largely enabled by compliance projects. Remember, the gold is in the database...
December 02, 2010 Added by:Javvad Malik
Over the last couple of days, many columns have been dedicated to covering the WikiLeaks issue and how embarrassing, not to mention politically damaging it’s been for the U.S. Government. But how can this effect a business? It could happen in any company...
November 29, 2010 Added by:Mark Gardner
What it does highlight though, is the need for pragmatic, effective security controls to be in place, allegedly, these releases were only possibly because the Siprnet database security controls were relaxed to make the system as easy to use as possible...
November 22, 2010 Added by:Alexander Rothacker
There is a false sense of reality that is plaguing organizations based on knowledge of, or a lack of knowledge relating to the costs associated with breaches at the database level. Those responsible for protecting the database don't understand the impact or costs associated with a breach...
November 09, 2010 Added by:Sasha Nunke
Database Assessment is not just a security precaution, but an integral part of database operations management. Databases form the backbone of every major application within the data center, which makes their stability and security both critically important to business operations...
November 05, 2010 Added by:Rahul Neel Mani
EMC completed its first 10 years in India. EMC has come a long way from being a storage box pusher to a preferred information management partner. Manoj Chugh, President EMC India in an exclusive conversation with Rahul Neel Mani talks about how the company grew both in size and stature...
October 27, 2010 Added by:Thomas Fox
According to the 2010 Kroll survey, 88% of companies have been victims of fraud in the past year. Information-based industries reported the highest incidence of theft of data over the past 12 months - these include financial and professional services, technology, media and telecoms...
October 26, 2010 Added by:Simon Heron
Email archiving is compulsory for some businesses, that have to keep old emails for compliance reasons, but all businesses should have an archiving system which makes correspondence quick and easy to find and that keeps business and personal data secure...
September 23, 2010 Added by:Application Security, Inc.
There are a myriad of Database Management System configuration options - many related to performance and enhanced feature sets. Having the correct configuration settings could determine whether your critical business information is secure or whether it could be compromised...
Mobile Security Processes Could Be Applied t... Johnnie Nix on 05-21-2013
ATM Security (And Really Learning from the P... Johnnie Nix on 05-21-2013
New Study Published on Mobile Malware... Caitlin Rachel on 05-21-2013