March 19, 2013 Added by:Rafal Los
It's time to retire the "castle" analogy when it comes to talking about how real Information Security should behave. I still hear it used a lot, and if you walked around the show floor at RSA 2013 you noticed there is still a tremendous amount of focus and vendor push around 'keeping the bad guys out.'
February 01, 2013 Added by:Infosec Island
The recent attacks against the New York Times allegedly carried out by the Chinese military highlight the importance of layered security to protect sensitive systems and data.
January 29, 2013 Added by:Fergal Glynn
Technology, if used correctly and done in a collaborative manner can be incredibly powerful. It can help answer questions that otherwise would go unanswered. It has helped solve medical issues, predict an election with a high degree of accuracy, and enabled developers worldwide to identify software flaws...
January 17, 2013 Added by:Steven Fox, CISSP, QSA
Listening to bad brand statements is like sitting through a bad movie or comedy skit. Yes, I am among those who stand politely as a vendor tries to sell me something without bothering to determine what I actually care about. At least I get to learn about bad brand stories...
January 07, 2013 Added by:Ben Kepes
I’ve been a part of, or at least a witness to, a huge number of battles about what constitutes the “real cloud.” These battles seem to generally be fought on a Sunday afternoon U.S. time – that kind of suits me fine because it means the Monday mornings in my time zone have enough entertainment value to get me up and going.
December 13, 2012 Added by:Ben Kepes
It’s something I’m actually quite passionate about – not using management tools that force business units to adopt a particular solution that may or may not really meet their needs. It makes no sense and actually hampers the ability for cloud to deliver the benefits it promises...
November 25, 2012 Added by:Ben Kepes
TOS;DR aims to help with what is possibly the biggest lie on the internet, that which users make when they click that they have read, understood and accepted the terms of service of their provider. The fact is that no one reads them but rather vaguely hopes for the best...
November 06, 2012 Added by:Ben Kepes
As we move to broader scale cloud adoption, one would be excused for assuming that we’d reached a point where the definition of what constitutes IaaS is set in stone – true different vendors package up their virtual servers with different specs, but IaaS is, to a greater or lesser extent, a fixed concept...
October 29, 2012 Added by:Tripwire Inc
Cloud computing has increased productivity and decreased IT costs. However, there is a black lining to this particular cloud, as the benefits come at the price of giving up control, visibility and tracking data provenance...
October 28, 2012 Added by:Bill Gerneglia
If you are the CIO of your organization and you spent the last decade locking down your data center hardware, patching your OSs, developing a disaster recovery plan, and securing your applications are you really in a rush to move the operation and applications to the cloud?
September 26, 2012 Added by:Ben Kepes
The decision was made during the consultation process that universal design and accessibility issues should be outside the scope of the document. That was a necessary decision as the drive was to come up with a readily consumable document that vendors could easily comply with...
September 17, 2012 Added by:Ben Kepes
"The advent of cloud computing has removed infrastructure as a barrier to rapid and massive scaling of applications. [IaaS and Paas have] made it possible for a developer to create an application one day and have it utilized by hundreds of thousands of users the next..."
September 16, 2012 Added by:Bill Gerneglia
The face of corporate IT changes dramatically with a move to the cloud – no longer do people need to spend time racking and stacking servers, patching software and other low level tasks – the fact is that in the long run individual organizations will not have email server administrators, desktop software support personnel or systems administrators...
September 15, 2012 Added by:Rafal Los
Any application that was built to be secured independently of the environment will do as well in a public cloud as it did in your private data center. If you build the application to be low-risk independent of your environmental controls you shouldn't have to worry where it lives...
September 10, 2012 Added by:Bill Gerneglia
BYOD issues continue to cause headaches for IT departments. Security mandates grow exponentially as they struggle to prevent data leaks from private networks onto public clouds. The biggest concerns with public clouds are the loss of data and control of the location of that data...
Hacking Your Way Through Airports and Hotels... Ashley Stewart on 12-21-2013
Target Data Breach: Millions of In-Store Cre... Helen Baker on 12-19-2013
Eroding the Skills That Drive IT... Westley McDuffie on 12-17-2013