Blog Posts Tagged with "Enterprise Security"
Risky Business
December 03, 2012 Added by:Randall Frietzsche
In the broad spectrum of activities which might be called Information Security, we must always first and foremost implement, execute and follow through with risk management. Risk management is the backbone or foundation of any good information security program...
Comments (0)
Fifteen Tips to Improve Your Infosec Risk Management Practice
November 29, 2012 Added by:Tripwire Inc
For years security vendors have been able to play off the general fears of malware and cyber attacks. As the scope of protecting data has become more complex, we’ve slowly learned that deploying more security controls alone is not a risk management solution...
Comments (0)
Pen Test vs. Vulnerability Scan: You know the difference, but do they?
November 28, 2012 Added by:Stacey Holleran
Small business owners often don't have someone who is versed in network security. So when they are told they need a “network penetration test” to comply with PCI DSS, many will contact the growing number of companies offering inexpensive testing services...
Comments (5)
Beacon Events Compliance Conference in Beijing – I Wish I Could Be There
November 27, 2012 Added by:Thomas Fox
If you have not had the opportunity to attend a compliance-related conference tailored to the challenges of working in the Far East this would be the one for you. Even if you have attended such an event, this conference focuses on China and will give you insight into how to do business...
Comments (0)
On Terms of Service, and a Global Code
November 25, 2012 Added by:Ben Kepes
TOS;DR aims to help with what is possibly the biggest lie on the internet, that which users make when they click that they have read, understood and accepted the terms of service of their provider. The fact is that no one reads them but rather vaguely hopes for the best...
Comments (0)
Why You Should Care About Mobile Security: An Infographic
November 24, 2012 Added by:Fergal Glynn
No matter what you believe, you need to understand the security threats that come along with BYOD and how to best protect yourself and your business against them. Join Joe Worker and Joe IT as we walk you through the basics of BYOD and mobile security...
Comments (1)
Resource Scarcity in Information Security - Part 2
November 19, 2012 Added by:Robb Reck
In our last post we discussed how to deal with resource scarcity and why the only effective strategy involves reducing the team’s scope. In this post I will dive into how we can reduce the information security team’s scope of work while preserving the value delivered to the business to the greatest extent possible...
Comments (0)
The Security ROI "Death Spiral"
November 18, 2012 Added by:Rafal Los
The worst thing that can happen to a CISO is to get trapped in the ROI Death Spiral. I know, I know, we’ve all been told that we need to justify cost, manage expense, use the tools our companies provide us, etc. CISOs that don’t play by the rules won’t get anywhere...
Comments (0)
You Believe It Because "I" Wrote It
November 14, 2012 Added by:Jim Palazzolo
Besides sheer entertainment, my objective is to practice my ability to create deception. It has been my observation that security personnel must be able to spot deception. Whether it’s covert channels or fake ID’s, deception is a very powerful tool that can be used both offensively and defensive...
Comments (0)
I lost my theory of mind… or Where my mind at?
November 13, 2012 Added by:Will Tarkington
Without the theory of mind everything that social engineers do or attempt to do would fail. The theory of mind is basically one’s ability to differentiate perspectives. From perspective comes intention, from intention comes reaction, and from reaction comes reward (or failure)...
Comments (1)
BYOD savings may be lost by security and admin costs
November 12, 2012 Added by:Rainer Enders
Companies need to mobilize, that is without question -- but for too long BYOD has become nearly synonymous with this effort. In reality, BYOD is just one of the ways enterprises can mobilize, and in many cases, it is not the most secure, or necessarily the most cost-efficient way to do so...
Comments (0)
Security and Privacy Concerns for Mobile Devices
November 11, 2012 Added by:Dan Dieterle
BYOD (Bring your own Device) is one of the latest tech fads. Bring in that tablet or smart phone from home and we will hook it right up to our corporate network for you! What a great thing, and the IT staff just loves it too. But there are some serious concerns about mobile devices...
Comments (0)
BYOD Costs are Rising
November 11, 2012 Added by:Bill Gerneglia
Recent research demonstrates some of the quantifiable benefits and complexities associated with allowing employees to use their own mobile devices on their employers' networks. Most organizations are now enabling BYOD in the enterprise...
Comments (0)
Buzzword Compliance Not Enough: Must Haves for Meaningful Use
November 08, 2012 Added by:Danny Lieberman
Many technology vendors tout the idea of self management, and the advantages of mobile healthcare apps, virtual visits, tablets and e-detailing but in fact, a face-to-face relationship with a doctor is more powerful than a digital relationship alone. We don’t need Sherry Turkle to tell us that...
Comments (0)
Infosec’s Most Dangerous Game: Groupthink
November 07, 2012 Added by:Dave Shackleford
These days, I am very, very afraid for the future of CISOs. Over the past few years, and specifically the past 12 months, I have become increasingly alarmed at the level of “groupthink” and “synchronized nodding” going on with security executives. Here are some of the things I am seeing...
Comments (0)
CloudSigma and the Perils of Choice
November 06, 2012 Added by:Ben Kepes
As we move to broader scale cloud adoption, one would be excused for assuming that we’d reached a point where the definition of what constitutes IaaS is set in stone – true different vendors package up their virtual servers with different specs, but IaaS is, to a greater or lesser extent, a fixed concept...
Comments (0)
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)
- Complimentary IT Security Resources [May 13, 2013]
- Steps Toward Weaponizing the Android Platform
- Mobile Security Processes Could Be Applied to Medical Devices: Bluebox