Budgets

E595c1d49bf4a26f8e14ce59812af80e

The Three Human Failures Behind Remote Access Shortcomings

November 26, 2014 Added by:Patrick Oliver Graf

Whenever news of a network security breach reaches the public airwaves, observers are quick to assign blame to some combination of technological shortcomings and human error that allowed an attacker to slip through the victim’s cyber defenses.

Comments  (1)

Fb2ec53c17a3a96651244839dabd6ec8

Data Classification for a Stronger Security Outlook

November 26, 2014 Added by:Steve Martino

While data must be protected, not all data is of equal importance and therefore not in need of the same level of protection. Security teams should consider the types of data that exist within their organizations and what security measures will work best for each.

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

Security or Checking a Box?

November 20, 2014 Added by:PCI Guru

What is your organization interested in? Security or checking a box? Not surprisingly, most people answer “security” and then go on to prove with their actions and words that they are only interested in checking a box.

Comments  (1)

B689dd1362bef7eb372a540d3b6e6287

Access Governance 101: Job Changes and Elevated Permissions

November 20, 2014 Added by:Identropy

Depending on the functionality and importance of your applications, databases and document folders, access should be reviewed periodically to ensure your organization is secure.

Comments  (0)

Ebb72d4bfba370aecb29bc7519c9dac2

MSSP Client Onboarding – A Critical Process!

November 17, 2014 Added by:Anton Chuvakin

Many MSSP relationships are doomed at the on-boarding stage when the organization first becomes a customer.

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Tips for Writing Good Security Policies

November 13, 2014 Added by:Brent Huston

Almost all organizations dread writing security policies. When I ask people why this process is so intimidating, the answer I get most often is that the task just seems overwhelming and they don’t know where to start.

Comments  (1)

E313765e3bec84b2852c1c758f7244b6

Three Danger Signs I Look for when Scoping Risk Assessments

November 12, 2014 Added by:Brent Huston

Scoping an enterprise-level risk assessment can be a real guessing game.

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

Preventing and Recovering From Cybercrime

November 10, 2014 Added by:Pierluigi Paganini

Prevention means to secure every single resource involved in the business processes, including personnel and IT infrastructure.

Comments  (2)

7ddc1f3000a13e4dfec28074e9e7b658

What Makes a Good Security Audit?

November 10, 2014 Added by:Electronic Frontier Foundation

In order to have confidence in any software that has security implications, we need to know that it is has been reviewed for structural design problems and is being continuously audited for bugs and vulnerabilities in the code.

Comments  (0)

Ebb72d4bfba370aecb29bc7519c9dac2

MSSP: Integrate, NOT Outsource!

November 06, 2014 Added by:Anton Chuvakin

My early research conversations with both MSSP customers and providers themselves reveal the theme: those who think “integrate, NOT outsource” usually get much more value out of the MSSP relationship.

Comments  (0)

E595c1d49bf4a26f8e14ce59812af80e

Remote Access No More: Reddit Requires Worker Relocation Before End of Year

November 05, 2014 Added by:Patrick Oliver Graf

To make sure remote workers are able to safely access their corporate network, administrators need to make sure that all endpoints – the company-owned devices employees use for remote work – are secure.

Comments  (1)

D36d0936f0c839be7bf2b20d59eaa76d

Can Hackers Get Past Your Password?

November 05, 2014 Added by:Steve Durbin

Password-based authentication is easy and familiar for customers, and is initially inexpensive for organizations to deploy at scale. But, while password-based authentication may be appropriate in some instances, it is no longer suitable for the wide range of services where it is currently being used.

Comments  (2)

65be44ae7088566069cc3bef454174a7

Risk Management is more than a Risk Assessment

November 04, 2014 Added by:Rebecca Herold

Every business, no matter how small, needs to have a risk management process in place to be able to effectively mitigate information security risks.

Comments  (0)

93c815429fc1ab15a9295a4f55989ae0

Is There a Business Case in Planning for Data Breaches?

October 30, 2014 Added by:Neohapsis

Sadly, even with sophisticated layers of defense, many organizations are facing similar thought processes of what to do “when” a data breach takes place rather than “if”.

Comments  (0)

Ebb72d4bfba370aecb29bc7519c9dac2

On MSSP Personnel

October 30, 2014 Added by:Anton Chuvakin

A wise CSO once told me that in order to outsource a security process (such as security monitoring or device management) and achieve a great result, you have to know precisely how a great process of that kind looks like.

Comments  (1)

E313765e3bec84b2852c1c758f7244b6

Compliance-Based Infosec Vs Threat-Based Infosec

October 29, 2014 Added by:Brent Huston

Compliance-based infosec, when implemented correctly, is really the best kind of defense there is. The problem is, the only place I’ve ever seen it really done right is in the military.

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »