Blog Posts Tagged with "Enterprise Security"
December 25, 2012 Added by: Alexander Polyakov
ERP systems, which store the information about finances, employees, materials, wages, and so on, are rightfully considered to be the most critical of such systems. Unauthorized access to those systems can lead to espionage, sabotage, or fraud...
December 25, 2012 Added by: Paul Kenyon
Considering this speed of change, taking a moment to reflect on the security risks ahead is not only prudent, but could save your organization from being blindsided. From my view, here's what I'd recommend organizations, from SMBs to the enterprise, prepare for in 2013...
December 19, 2012 Added by: Rafal Los
Say you're a sizeable institution here and that over the last two decades you've amassed lots of platforms that run your business, in a time before the Information Security organization did much more than install anti-virus on your desktop... and now that technical debt has come back to haunt you...
December 10, 2012 Added by: Paul Kenyon
In organizations where IT policy hasn’t been enforced or where users expect to have full autonomy over PCs, the transition to least privilege desktops must be carefully planned, so the IT department doesn’t face a user revolt. Make sure to set users’ expectations accordingly...
December 09, 2012 Added by: Jeffrey Carr
Some of the more forward-looking DOD contractors who have robust internal CERT with engineers who do reverse-engineering could be in the best position to offer free or low-cost network defense to corporations who want to "flip" the malware found on their network for a nice profit...
December 09, 2012 Added by: Simon Moffatt
The question, often raised as a bargaining tool, is often focused on the, ‘well I understand what you propose and I know it will increase the security of scenario X, but why should I do it?’. In honesty, it is a good question...
December 08, 2012 Added by: Tripwire Inc
Incident Management is particularly interesting in the light of the recent attacks on VMware, Symantec and a host of other companies and internet properties. It all boils down to a fairly straightforward question… when an incident occurs, how does your security team respond?
December 06, 2012 Added by: Matthew McWhirt
The traditional concept of enterprise security monitoring typically encompasses observing and mitigating threats at the perimeter of the organization. While there is still a necessity for this model of security monitoring, the true notion of enterprise continuous monitoring practices must include a focus on the host...
December 03, 2012 Added by: Randall Frietzsche
In the broad spectrum of activities which might be called Information Security, we must always first and foremost implement, execute and follow through with risk management. Risk management is the backbone or foundation of any good information security program...
November 29, 2012 Added by: Tripwire Inc
For years security vendors have been able to play off the general fears of malware and cyber attacks. As the scope of protecting data has become more complex, we’ve slowly learned that deploying more security controls alone is not a risk management solution...
November 28, 2012 Added by: Stacey Holleran
Small business owners often don't have someone who is versed in network security. So when they are told they need a “network penetration test” to comply with PCI DSS, many will contact the growing number of companies offering inexpensive testing services...
November 27, 2012 Added by: Thomas Fox
If you have not had the opportunity to attend a compliance-related conference tailored to the challenges of working in the Far East this would be the one for you. Even if you have attended such an event, this conference focuses on China and will give you insight into how to do business...
November 25, 2012 Added by: Ben Kepes
TOS;DR aims to help with what is possibly the biggest lie on the internet, that which users make when they click that they have read, understood and accepted the terms of service of their provider. The fact is that no one reads them but rather vaguely hopes for the best...
November 24, 2012 Added by: Fergal Glynn
No matter what you believe, you need to understand the security threats that come along with BYOD and how to best protect yourself and your business against them. Join Joe Worker and Joe IT as we walk you through the basics of BYOD and mobile security...
November 19, 2012 Added by: Robb Reck
In our last post we discussed how to deal with resource scarcity and why the only effective strategy involves reducing the team’s scope. In this post I will dive into how we can reduce the information security team’s scope of work while preserving the value delivered to the business to the greatest extent possible...
November 18, 2012 Added by: Rafal Los
The worst thing that can happen to a CISO is to get trapped in the ROI Death Spiral. I know, I know, we’ve all been told that we need to justify cost, manage expense, use the tools our companies provide us, etc. CISOs that don’t play by the rules won’t get anywhere...