Security Training
Fear Nothing: The Gamers Approach To Building a SOC
June 16, 2015 Added by:Seth Geftic
While it is not a silver bullet, the security teams that are most successful at defending their organizations have done so by standing up (or at least outsourcing) their own Security Operations Center (SOC).
Comments (0)
Cloud Security: It’s in the Cloud - But Where? (Part I)
June 15, 2015 Added by:Steve Durbin
Organizations are becoming increasingly dependent on their use of cloud services for business benefit both internally and when working with third party suppliers across multiple jurisdictions. However, while these services can be implemented quickly and easily, organizations need to have a clearer understanding of where their information is stored and how reliable these services are.
Comments (0)
Once More on Insta-Fail Security Policies – Rant Alert!
June 15, 2015 Added by:Anton Chuvakin
For a while, I was under impression that my deep disdain for “insta-FAIL security policies” (i.e. those written without any chance of ever being complied with, even during the policy-writing process) knows no equal.
Comments (0)
Security 2020: What Direction is Cyberspace Heading?
June 15, 2015 Added by:Dan Lohrmann
By almost any measure, cyber danger doubled last year and hackers are now breaking into enterprise systems, stealing sensitive data and causing business disruption at an unprecedented pace.
Comments (0)
Online Self-Policing: Check Yourself Before You Wreck Yourself
June 11, 2015 Added by:Lisa Huff
As we post to Facebook and Twitter, and share pictures via Instagram or Pinterest, we don’t stop to think about how our posts or pictures could come back to haunt us later in life.
Comments (0)
Prioritizing Patch Management Critical to Security
June 09, 2015 Added by:Brian Prince
Recent stats from the Verizon Data Breach report showed that many of the most exploited vulnerabilities in 2014 were nearly a decade old, and some were even more ancient than that.
Comments (0)
IT Security: Evolving to a Risk-Based Approach
June 09, 2015 Added by:Tripwire Inc
For those involved with securing privileged information, the news of the latest big breach plastered on every TV, website and newspaper commonly elicits a pair of simultaneous reactions: relief that it’s not your organization and dread that it could be the next time.
Comments (0)
Change Controls Are Still Necessary
June 08, 2015 Added by:Rebecca Herold
Over the years in the security classes I’ve taught, I’ve covered the importance of program change control management, and I wanted to continue the discussion here because as important as it is, it typically does not get the attention it deserves in most organizations.
Comments (0)
Trust-Based Security Models Ineffective: Researchers
June 04, 2015 Added by:Eduard Kovacs
The trust-based foundations of whitelisting make it more difficult for organizations to properly protect their networks against cyber threats, Kaspersky Lab researchers have warned.
Comments (0)
Concerns over Brand Security are Escalating
June 03, 2015 Added by:Peter Zavlaris
The unprecedented technological advancement seen over the last two decades has become a double-edged sword. As a result, information security has gone from being a tertiary IT function to a significant operational risk.
Comments (0)
Two's (Or More) Company: How to Use Two-Factor Authentication the Right Way
June 03, 2015 Added by:Patrick Oliver Graf
These days, you need a password to access every aspect of your digital life, and we all know how problematic that can be.
Comments (0)
Zero-Day Export Regulation Proposal Released for Public Comment
June 01, 2015 Added by:Anthony M. Freed
The U.S. Department of Commerce’s Bureau of Industry and Security (BIS) has released the proposal for regulatory control of the export of malware and zero-day exploits for a sixty-day public comment period, and the reaction from the security community and other interested parties is already definitively negative.
Comments (0)
Take Control of the Unsupervised BYOD Party
May 28, 2015 Added by:Michael Kienzle
Is your company’s BYOD (Bring Your Own Device) policy leaving your IT team feeling a bit uneasy? If so, perhaps it’s time for a CYOD or Choose Your Own Device policy.
Comments (0)
New Global Initiative Aims at Securing Smart Cities
May 28, 2015 Added by:Eduard Kovacs
Security researchers, companies and organizations have joined forces in a new non-profit global initiative whose goal is to secure smart cities.
Comments (0)
Threat Intelligence Sharing Valued, But Many Not Doing it: Survey
May 27, 2015 Added by:Brian Prince
Enterprises may largely agree that threat intelligence is important, but few are doing any actual sharing themselves, according to a new survey.
Comments (0)
Sign of the Times: Verizon Breach Report Tracks New Category
May 27, 2015 Added by:Peter Zavlaris
This year’s Verizon Data Breach Investigations Report (VDBIR) added a new category to its VERIS (Vocabulary for Event Recording and Incident Sharing) to track attacks with “secondary” motives.
Comments (0)
- SAP Cyber Threat Intelligence Report – April 2018
- Cloud Security Alert – Log Files Are Not the Answer
- Avoiding Holes in Your AWS Buckets
- The Three Great Threats to Modern Civilization
- 2020 Vision: How to Prepare for the Future of Information Security Threats
- Why Data Loss Prevention Will Suffer the Same Fate as Anti-Virus
- Unconventional Thinking — Four Practices to Help Mitigate Risk
- The Night the Lights Went out in Georgia (Almost)
- Is Blockchain Really Disruptive in Terms of Data Security?
- Half-Baked Security Approaches: What Cybersecurity Can Learn from Legal Weed