August 30, 2012 Added by:InfoSec Institute
"Penetration testers, the guys that come onto the sites—they’re highly in demand... In terms of technology, I think these guys see security in a different light than other people. They sort of can see it as a whole picture. Penetration testers are looking at it in a completely different light...."
August 26, 2012 Added by:Scot Terban
Vote for the horsemen. If not me, then the others for a bigger point here. Those of you who take the ISC and CISSP seriously need to look at your org. Do you think that any with this certification are good at what we do because we took a test and adhere to some ethics rules the board ignores when they see fit?
August 23, 2012 Added by:Dave Shackleford
OK, so it’s not really worthless. So what do I propose? I say scrap the whole thing. Start over. Build a cert and program that tests fundamental skills and means something to employers who really need things done. Offer existing cert holders one year and a free test to get the new one. Otherwise, they’re out...
August 22, 2012 Added by:Randall Frietzsche
So what is an Infosec professional? Like the Samurai we're really warriors, we're soldiers in a battle of good vs. not-so-good. We craft our skills, we increase our knowledge, we strive to be better than those who might do our Enterprises harm, breach our castle walls and loot our treasures of data and services...
August 22, 2012 Added by:Security BSides
The goal of Security BSides is to expand the conversation beyond the traditional confines. BSides creates opportunities to both present and participate in an atmosphere that encourages collaboration. It is where conversations for the next-big-thing are happening. You don’t want to miss it...
August 16, 2012 Added by:Security BSides
It’s time to revive this tradition and bring it to the modern day security conference. From an open call to the world, twelve teams representing hackerspaces and maker groups will be selected to come to Las Vegas to compete in four categories in front of a panel of judges to demonstrate what they have accomplished...
August 16, 2012 Added by:Michael Gregg
For almost 20 years, the only way to obtain the CISSP certification was by completing a six-hour, 250 question, paper-based exam. That is being replaced with an electronic version. This change in test delivery should have candidates thinking about how to successfully deal with the new electronic format...
August 14, 2012 Added by:Pete Herzog
We need to get teenagers to realize how small they are in a big field. Hacking is a huge field and the one who knows the most about how things work is going to be the most powerful. That teaches students to respect that small bit of power they get from the lessons and to keep teaching things to themselves...
August 09, 2012 Added by:Michelle Drolet
There’s no one-size-fits-all solution. In creating a policy you have to consider what devices to support, how much access to give them, and what kind of budget to allocate. Do you have specific compliance issues? Are you willing to subsidize data plans or device purchases? How do you ensure company data is secure?
August 05, 2012 Added by:Stacey Holleran
If your organization were to experience a serious disruption in network connectivity due to a weather event, a fire or a cyber attack, how quickly could it resume business operations? Which people, processes and technologies would be involved in the recovery? How can you be sure nothing has been overlooked?
August 03, 2012 Added by:Tripwire Inc
The sessions felt somewhat lack-luster – a lot of what I was hearing had been said before. Many of the conversations were consistent with other events and the topics felt replayed. The horrifically long coffee queue at Starbucks provided me with time to people watch, so here are my Black Hat 2012 observations...
August 01, 2012 Added by:Boris Sverdlik
The upside for being in Vegas for BlackHat is that BSidesLV runs concurrently. BSides always tend to be much better events. The attendees are rarely the vendor mouthpiece types and this alone makes the conference enjoyable. I had attended more talks at BSides than I have at other conferences combined this year....
July 31, 2012 Added by:Dan Klinedinst
I just got home from the "Vegas week" of Black Hat, BSidesLV, and DefCon. I love many things about each, and each has things I wish they'd do better. This is true of all the conferences I've attended. However, a few questions are lingering in my mind after Vegas, possibly due to the effects of sleep deprivation...
July 31, 2012 Added by:Brent Huston
Disregard tales of drunken hackers menacing Vegas hotels, changing signs and doing social engineering attacks. They are good for amusement and awareness, but they are NOT really useful as a lens for viewing your organization’s risk or the steps you should be taking to protect your data. Instead, stick to the basics...
July 31, 2012 Added by:Scot Terban
With the advent of Anonymous and Stuxnet and the nascent idea of the internet becoming a “digital nation state” we all have to be mindful that while the technologies out there are a commodity, so too are we in the great game of cold war intelligence and cyber war. We are the commodity that makes the new exploit...
July 23, 2012 Added by:Infosec Island Admin
The NATO Cooperative Cyber Defence Centre of Excellence has developed an online Cyber Defence Awareness course that aims to enhance the general user’s awareness of cyber security risks and measures to mitigate those risks. The course may be accessed through the NATO Joint Advanced Distributed Learning portal...
Mobile Security Processes Could Be Applied t... Johnnie Nix on 05-21-2013
ATM Security (And Really Learning from the P... Johnnie Nix on 05-21-2013
New Study Published on Mobile Malware... Caitlin Rachel on 05-21-2013