Blog Posts Tagged with "Enterprise Security"

Ffc4103a877b409fd8d6da8f854f617e

HP Urges Customers to Rethink Security Strategy

September 17, 2013 Added by:InfosecIsland News

HP today announced new products and services that enable enterprises to disrupt the adversary marketplace, manage risk and extend their security capabilities to better protect themselves against a growing threat landscape.

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Deconstructing Defensible - Defensible is not the Same as Secure

April 02, 2013 Added by:Rafal Los

This post and the few that follow will go through the five basic ideas behind defensibility and why defensible is a state we should be striving for as enterprise security professionals.

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Defending the Corporate Domain: Strategy and Tactics

March 27, 2013 Added by:Rafal Los

Strategy without accompanying tactics is a lost cause. Tactics without a solid footing in strategy is an expensive lost cause. The maturity of an organization's security team is directly proportional to their ability to have a foundational strategy and be able to implement tactical measures and feedback to adjust to changing conditions in order to defend adequately.

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

The Castle Has No Walls - Introducing Defensibility as an Enterprise Security Goal

March 19, 2013 Added by:Rafal Los

It's time to retire the "castle" analogy when it comes to talking about how real Information Security should behave. I still hear it used a lot, and if you walked around the show floor at RSA 2013 you noticed there is still a tremendous amount of focus and vendor push around 'keeping the bad guys out.'

Comments  (1)

0a8cae998f9c51e3b3c0ccbaddf521aa

Enterprise Software Security - The 2 Major Viable Models

March 16, 2013 Added by:Rafal Los

I can't even express how good it is to be back in the field, solving problems and working with the enterprises again. It's interesting how little the landscape changes in software security and how many of the same challenges that existed during my GE days (2003-2008) are still around today.

Comments  (0)

E973b16363b3de77b360563237df7e32

Ensuring Continuity of Services During Change Incidents

January 25, 2013 Added by:Bozidar Spirovski

Services are most vulnerable during change. Continuity of service needs to be ensured during change, and large portions of several ISO and BSI standards are focused on proper management of change. However well controlled, an incident can occur during the change, thus causing failure of service...

Comments  (2)

Bd07d58f0d31d48d3764821d109bf165

Are you meeting your perceived security obligations?

January 19, 2013 Added by:Tripwire Inc

Security professionals today identify lack of qualified talent and lack of organizational funding as a key problem to their daily job; which probably implies that they are doing what they can with what they have; which likely may not meet expectations...

Comments  (0)

369dec31d888693bba6b6e0f39c14ce3

The Importance of Sample Size in Social Engineering Tests

January 16, 2013 Added by:Matt Neely

Information security has a problem. We make far too many decisions without having reliable data to assist in our decision making process. Because of this, far too many information security professionals use what I call Gut 1.0 to make decisions based on gut feel...

Comments  (0)

1de705dde1cf97450678321cd77853d9

What's Next For BYOD - 2013 And Beyond

December 30, 2012 Added by:Ian Tibble

The business case is inconclusive, with plenty in the "say no to BYOD" camp. The security picture is without foundation - we have a security nightmare with user devices, regardless of who owns the things...

Comments  (0)

7d55c20d433dd60022642d3ab77b8efb

ESB Security Spotlighted At ZeroNights 2012

December 25, 2012 Added by:Alexander Polyakov

ERP systems, which store the information about finances, employees, materials, wages, and so on, are rightfully considered to be the most critical of such systems. Unauthorized access to those systems can lead to espionage, sabotage, or fraud...

Comments  (0)

942a200514c2a9d79858ce6355c40614

Prediction: BYOD May Go Away in 2013

December 25, 2012 Added by:Paul Kenyon

Considering this speed of change, taking a moment to reflect on the security risks ahead is not only prudent, but could save your organization from being blindsided. From my view, here's what I'd recommend organizations, from SMBs to the enterprise, prepare for in 2013...

Comments  (3)

0a8cae998f9c51e3b3c0ccbaddf521aa

The Ultra-Legacy Problem - Systems so old...

December 19, 2012 Added by:Rafal Los

Say you're a sizeable institution here and that over the last two decades you've amassed lots of platforms that run your business, in a time before the Information Security organization did much more than install anti-virus on your desktop... and now that technical debt has come back to haunt you...

Comments  (3)

942a200514c2a9d79858ce6355c40614

Managing the Social Impact of Least Privilege

December 10, 2012 Added by:Paul Kenyon

In organizations where IT policy hasn’t been enforced or where users expect to have full autonomy over PCs, the transition to least privilege desktops must be carefully planned, so the IT department doesn’t face a user revolt. Make sure to set users’ expectations accordingly...

Comments  (0)

296634767383f056e82787fcb3b94864

Flipping Malware: A Profit Opportunity for Corporate IT Departments

December 09, 2012 Added by:Jeffrey Carr

Some of the more forward-looking DOD contractors who have robust internal CERT with engineers who do reverse-engineering could be in the best position to offer free or low-cost network defense to corporations who want to "flip" the malware found on their network for a nice profit...

Comments  (1)

65c1700fde3e9a94cc060a7e3777287c

Information Security: Why Bother?

December 09, 2012 Added by:Simon Moffatt

The question, often raised as a bargaining tool, is often focused on the, ‘well I understand what you propose and I know it will increase the security of scenario X, but why should I do it?’. In honesty, it is a good question...

Comments  (3)

Bd07d58f0d31d48d3764821d109bf165

How I Learned to Love Incident Management

December 08, 2012 Added by:Tripwire Inc

Incident Management is particularly interesting in the light of the recent attacks on Vmware, Symantec and a host of other companies and internet properties. It all boils down to a fairly straight forward question…when an incident occurs, how does your security team respond?

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »