Enterprise Security


NAIC Cyber Security Principles – Not for Industrial Control Systems

March 17, 2015 Added by:Joe Weiss

There is still a significant gap in understanding of industrial control system (ICS) cyber security by many in the insurance industry.

Comments  (3)


CISOs: Threat Intelligence, Big Data Analytics and Encryption are Key Technologies

March 16, 2015 Added by:Anthony M. Freed

The 2015 Global Megatrends in Cybersecurity (PDF) report – which surveyed 1,006 chief information officers, chief information security officers (CISOs) and senior IT leaders – reveals that threat intelligence-based solution will be among the key technologies employed in enterprise networks in the next three years.

Comments  (3)


The 2015 Verizon PCI Report

March 16, 2015 Added by:PCI Guru

The Verizon report is a great read and provides a lot of insights. Everyone should get a copy and read it, take it to heart and address your organization’s security shortcomings.

Comments  (3)


How Businesses Can Reduce Wearables Security & Privacy Risks

March 16, 2015 Added by:Rebecca Herold

Have you established information security and privacy policies for the use of wearable computing devices within your organization? No? Well, what are you waiting for?

Comments  (4)


Lessons From Hillary Clinton's Email Security Oversight

March 16, 2015 Added by:Peter Zavlaris

Hillary Clinton is in hot water for her decision to use a private email domain instead of her government-issued one when she was Secretary of State.

Comments  (4)


How To Take Charge of Your Infosec Career

March 12, 2015 Added by:Tripwire Inc

Technologies are advancing rapidly, and there is good reason to always be learning new tech skills but if you strip away the revolving technologies from what you do, there you are. Infosec skills are essential, but so are YOU!

Comments  (1)


Now That We Have All That Data What Do We Do, Revisited

March 11, 2015 Added by:Anton Chuvakin

We have SO much security data, how do we make sense of it?

Comments  (0)


Software Stockholm Syndrome

March 10, 2015 Added by:Jack Daniel

I don’t have a cure for Software Stockholm Syndrome, but as with many problems awareness is the first step to recovery.

Comments  (4)


GoDaddy is Just One of the Dominoes That Doesn't Have to Fall

March 10, 2015 Added by:Yair Grindlinger

Cloud security is the responsibility of the enterprise.

Comments  (0)


Cyber Insurance: Managing the Risk

March 09, 2015 Added by:Tripwire Inc

Cyber insurance is a hot topic of many debates today. It is believed to be the long-awaited cure for high-impact security risks, especially in light of constantly evolving privacy legislation and disclosure obligations – but what actually is it?

Comments  (5)


Observations From Advisen Cyber Risk Conference March 3rd in San Francisco

March 09, 2015 Added by:Joe Weiss

The Conference was focused on data breach with heavy emphasis on recent large data breaches such as Anthem, Sony, Target, etc.

Comments  (4)


Resource Scarcity Plaguing Security Programs

March 05, 2015 Added by:Anthony M. Freed

A new study reveals that two-thirds of IT leaders across a broad range of industry verticals believe they lack the resources required to support a robust security program in the face of escalating security threats.

Comments  (10)


The ‘ABC’ of the ‘APT’

March 05, 2015 Added by:Tripwire Inc

The term APT (Advanced Persistent Threat), like many other acronyms in the world of IT/Information/Cyber Security entered our vocabulary some years ago, along with other partnering phrases, such as Advanced Evasion Techniques (AET), which at the time took the headlines as something new.

Comments  (5)


EFF Joins Civil Society and Computer Security Experts to Call for Rejection of Flawed Cybersecurity Legislation

March 05, 2015 Added by:Electronic Frontier Foundation

EFF has joined 26 civil society organizations and 22 computer security experts in a letter that calls on the Senate Select Committee on Intelligence to reject the Cybersecurity Information Sharing Act of 2015 (CISA).

Comments  (6)


Is Compliance Bad for Security?

March 04, 2015 Added by:Tripwire Inc

Companies like mine, and consultants like me, have long been instructed and expected to pass on the mantra that the solution to security is compliance with standards and that being in compliance means you are secure. Having worked in the industry for more than a decade, I know that this is demonstrably not true.

Comments  (3)


The Malicious Insider

March 03, 2015 Added by:Tripwire Inc

Financial gain or fraud was the primary driver of the 11,698 instances of insider privilege abuse – defined as any unapproved or malicious use of organization resources – in last year’s Verizon Data Breach Investigations Report.

Comments  (2)

Page « < 3 - 4 - 5 - 6 - 7 > »