Information Security

0a8cae998f9c51e3b3c0ccbaddf521aa

Another Reason Hacking Back is Probably a Bad Idea

June 20, 2013 Added by:Rafal Los

Private industry and corporations alike are talking about “hack-back.” It’s no secret I believe that “hack-back” is a bad idea, for many reasons.

Comments  (3)

1488d8c03dfd3125db25b6aec94dcf92

Brand Damage Through Information Access

June 20, 2013 Added by:Eric Chiu

In a competitive business environment, reputation is a critical differentiator. Any company that suffers from a major data breach, instigated by an employee with a small grudge and big access, could face devastating consequences to the corporate brand, and to the bottom line.

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

20 Critical Security Controls: Control 13 – Boundary Defense

June 18, 2013 Added by:Tripwire Inc

This post is all about Control 13 of the CSIS 20 Critical Security Controls – Boundary Defense. Here we explore the (29) requirements I’ve parsed out of the control.

Comments  (0)

890b3a52d134186c048e1d845daae070

From the SMB to Security Guru: Five Ways IT Pros Can Manage Security on a Budget

June 14, 2013 Added by:Vinod Mohan

Given the expanding threat landscape for the SMB and the increased demand for affordable IT security tools, here are five valuable tips for IT pros that help shed light on managing enterprise security on a budget.

Comments  (0)

1de705dde1cf97450678321cd77853d9

Scangate Re-visited: Vulnerability Scanners Uncovered

June 12, 2013 Added by:Ian Tibble

The notion that VA tools really can be used to give a decent picture of vulnerability is still heavily embedded, and that notion in itself presents a serious vulnerability for businesses.

Comments  (0)

5c549756b3c0b3d5c743158a72ce3809

Identity Management: The First Step in Protecting from the Inside Out

June 07, 2013 Added by:Michael Fornal

Identity Management applications are slowly gaining speed in the security realm as an important tool in managing provisions of an applications or to aid in gaining a handle on compliance and identity governance.

Comments  (0)

69fd9498e442aafd4eb04dfdfdf245c6

Managing My Company’s Security is a Nightmare

May 17, 2013 Added by:Luis Corrons

IT Departments are very often one step behind users, and unfortunately in most cases there is no real control over all devices on the corporate network. Despite perimeter solutions still being a necessity, the corporate perimeter must now expand to include new devices (mainly smartphones and tablets) that also handle confidential corporate information.

Comments  (0)

Ffc4103a877b409fd8d6da8f854f617e

Complimentary IT Security Resources [May 13, 2013]

May 13, 2013 Added by:InfosecIsland News

As an Infosec Island reader, we are pleased to offer you the following complimentary IT security resources for the week of May 13, 2013.

Comments  (0)

5c549756b3c0b3d5c743158a72ce3809

Do You Have a Vendor Security Check List? You Should!

May 09, 2013 Added by:Michael Fornal

A security check list is a list of security controls that a vendor or application must meet. These controls can range from how storage back up is to be done, to password complexity requirements. Having a checklist can help you in deciding if the application or vendor conforms to your company’s security requirements.

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Deconstructing 'Defensible' - Too Many Assets, not Enough Resources

April 19, 2013 Added by:Rafal Los

In just about every organization (with little exception) there are more things to defend than there are resources to defend with. Remember playing the game of Risk, when you were a kid? Maybe you still have the game now... amazing how close to that board game your life in InfoSec is now, isn't it?

Comments  (0)

8e6e3972318ff74b194801340248199e

DLP and Business Needs

April 16, 2013 Added by:Scott Thomas

Most non-IT people know about DLP only when the IT organization contacts them to let them know they did something they shouldn't have. For those of us that have to deal with the policies, the alerts, and sending those notices, it can be more complicated.

Comments  (0)

36317a78f97d1d6d7a02333ad01186fa

New Approaches for Blocking Zero-Day Exploits to Prevent APTs

April 16, 2013 Added by:George Tubin

Cybercriminals continue to develop new methods to bypass security controls in order to install malware on corporate endpoints. An endpoint protection approach that provides both effectiveness and manageability must begin with an understanding of the attack vectors that require mitigation.

Comments  (1)

Bd07d58f0d31d48d3764821d109bf165

Are We Ready to be Consumers of Security Intelligence?

April 15, 2013 Added by:Tripwire Inc

Security teams need the right skills in order to ‘ready’ themselves for action, and before we get to engage in some some really advanced security intelligence, big data analysis, haddop, threat intelligence and a myriad of other buzz words, we will need to be able to accomplish the basics first.

Comments  (0)

6d117b57d55f63febe392e40a478011f

Enter the CISO: Torchbearer of Security and Risk Management

April 06, 2013 Added by:Anthony M. Freed

In a convergence culture, accountability for risk is accepted across the organization, and when that happens, risk management becomes a priority to the business, informing strategy and objectives. By helping identify and mitigate risk across finance, operations and IT, the CISO puts security in context of what could affect profit.

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Defending the Corporate Domain: Strategy and Tactics

March 27, 2013 Added by:Rafal Los

Strategy without accompanying tactics is a lost cause. Tactics without a solid footing in strategy is an expensive lost cause. The maturity of an organization's security team is directly proportional to their ability to have a foundational strategy and be able to implement tactical measures and feedback to adjust to changing conditions in order to defend adequately.

Comments  (0)

94ae16c30d35ee7345f3235dfb11113c

Congress is Hurting the U.S. Regarding Cybersecurity

March 19, 2013 Added by:Joel Harding

If Congress doesn’t wake up and begin asking serious questions around cybersecurity, their inattention is going to cause us great harm in the coming years.

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »