Enterprise Security


One-in-Six Advocate Prison for CEOs and Board Members After Breaches

April 06, 2015 Added by:Anthony M. Freed

In a recent survey of security professionals conducted at the e-Crime Congress, 16% of respondents said they support laws that would result prison sentences for executives and Boards of Directors for any negligence on their part following a major data breach.

Comments  (0)


Cybercrime Is Now More Profitable Than The Drug Trade

April 06, 2015 Added by:Tripwire Inc

As reported by the 2013 Europol Serious & Organized Threat Assessment, the “Total Global Impact of CyberCrime [has risen to] US $3 Trillion, making it more profitable than the global trade in marijuana, cocaine and heroin combined.”

Comments  (0)


PCI Issues Penetration Testing Information Supplement

April 06, 2015 Added by:PCI Guru

Not surprisingly, I have a number of comments based on what I have read. There are some good things that have come out of this effort. But in my opinion, the committee missed the boat in a few areas and those will lead to even more confusion between penetration testers, QSAs and clients.

Comments  (0)


Rethinking the Cyber Kill Chain

April 02, 2015 Added by:Invincea

While the underlying framework and conclusions are excellent, there are few entities capable of fully implementing defenses against all aspects of the cyber kill chain for multiple reasons

Comments  (0)


30 Percent of Companies Would Negotiate Data Ransom With Cybercriminals

April 01, 2015 Added by:Brian Prince

Negotiating with criminals is risky, but it is apparently a risk some people are willing to take if it is going to get them their data back.

Comments  (0)


Enterprise Security Pros Embracing Threat Intelligence, But Question Reliability: Survey

March 31, 2015 Added by:Brian Prince

While 53 percent said threat intelligence was critical to having a strong security posture, 47 percent did not agree.

Comments  (0)


NIST: Internet of Things Hampered by Lack of Effective Timing Signals

March 31, 2015 Added by:Anthony M. Freed

As the rapid expansion of connected devices continues unabated, one small issue may may prove to be a major challenge the Internet of Things (IoT) – the lack of effective methods to integrate accurate timing systems with devices and networks.

Comments  (0)


Are You Prepared for Runaway Deprovisioning in Your IAM Environment? A True-Life Story…

March 31, 2015 Added by:Identropy

Here are a few tips that you may want to include in your planning if you have not developed a response plan for your IAM environment

Comments  (0)


Should Infosec Professionals Hack To Understand the Mind of the Attacker?

March 31, 2015 Added by:Tripwire Inc

To anticipate where and how an attacker might strike next, security professionals are realizing the importance of being able to understand the mind of the attacker and what they value in a target.

Comments  (0)


3 Things I Learned Talking to InfoSec People About Crime

March 30, 2015 Added by:Brent Huston

There is a complete disconnect between the way most bad guys think and operate and the way many infosec folks think and operate.

Comments  (0)


How to Manage Mac and Mobile Devices in Your Existing Infrastructure

March 30, 2015 Added by:InfosecIsland News

Please join us on Tuesday, March 31 at 1PM ET for a special webcast: How to Manage Mac and mobile devices leveraging your existing infrastructure, presented by Centrify.

Comments  (0)


The Government Says It Has a Policy on Disclosing Zero-Days, But Where Are the Documents to Prove It?

March 30, 2015 Added by:Electronic Frontier Foundation

Despite the White House’s claim that it had “reinvigorated” its policies in spring 2014 and “established a disciplined, rigorous and high-level decision-making process for vulnerability disclosure,” none of the documents released in response to our lawsuit appear to be newer than 2010.

Comments  (0)


Threat Intelligence: A Force Multiplier for Security Pros

March 26, 2015 Added by:Joseph Pizzo

With all of the threats and exploits that are discovered on a daily basis we, as security professionals, are always looking for an advantage.

Comments  (0)


Premera Breach Emphasizes Risk to Holders of Medical Records — and the Importance of Network Security

March 26, 2015 Added by:Kevin Watson

The problem is data security is boring and tedious, making it easy to become the task we push off until tomorrow, and the next day, and the next day.

Comments  (0)


CSIS Issues Recommendations for Threat Intelligence Sharing

March 25, 2015 Added by:Anthony M. Freed

The Center for Strategic and International Studies (CSIS), a non-profit think tank which conducts research and analysis to develop policy initiatives, has issued a set of recommendations for Congress and the Obama Administration regarding the steps that should be taken in order to increase the level if threat information sharing between the government and private sector.

Comments  (0)


Think Like a Hacker

March 24, 2015 Added by:Javvad Malik

This was the sage advice being given out by an industry veteran in response to a question about working up the infosec ladder. I started nodding in agreement but then stopped myself mid-nod.

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »