Blog Posts Tagged with "Enterprise Security"
Three Key Take-Aways from Black Hat Europe 2012
March 18, 2012 Added by:Rafal Los
Every year we see tons of new development frameworks from IP telephony to something else the business wants - mobility, cloud, consumerization - that information security professionals only start to address and understand just as they're starting to go out of style...
Comments (0)
Enterprise Security's Achilles Heel
March 16, 2012 Added by:Rafal Los
Have you ever wondered why enterprise security people are so downtrodden? Baffled by the impossible arrogance of penetration testers when they laugh at corporate security postures? The bottom line: people have always been and will always be the Achilles heel...
Comments (0)
Malware Development Exceeding IT Security Capabilities
March 16, 2012 Added by:Headlines
"Organizations that do plan to beef up their security capabilities will have a difficult time this year. Just under half believe it will be harder this year than in the past to find malware analysts and a similar number state they will have less time to train analysts this year..."
Comments (0)
Commerce Secretary Bryson Doesn't Understand Cyber Espionage
March 15, 2012 Added by:Jeffrey Carr
The U.S. will only begin to save its intellectual property from cyber thieves when corporate boards of directors force CEOs to inventory, segregate and monitor their critical data in real time which usually means re-architecting their entire network...
Comments (0)
Going Back to the Stack
March 15, 2012 Added by:Wendy Nather
If you have parts of your infrastructure outsourced, go over your contracts with your providers. You want them to be able to give you logs within a few minutes of the request and have the right technical support without fighting your way through first-level script-readers...
Comments (0)
Understanding Cloud Security Part Two
March 14, 2012 Added by:Neira Jones
Organisations need to ask cloud providers to disclose security controls and how they are implemented, and consuming organisations need to know which controls are needed to maintain the security of their information. Lack of thoroughness can lead to detrimental outcomes...
Comments (0)
The Patchwork Cloud - What's the Deal with Cloud Security?
March 14, 2012 Added by:Rafal Los
Since everything I've been reading from the press, my colleagues, and analysts I know has been telling me security is ranked high in the top five concerns for cloud computing adoption - an article on ARN by Spandas Lui was like a bucket of ice water to the face...
Comments (0)
CyLab Report: Corporate Boards Neglecting Cyber Security
March 13, 2012 Added by:Headlines
"Less than two-thirds of the Forbes Global 2000 companies surveyed have full-time personnel in key roles responsible for privacy and security in a manner that is consistent with internationally accepted best practices and standards..."
Comments (0)
Is it Time to Reinvent the CISO?
March 13, 2012 Added by:Rafal Los
Is the CISO willing to take on more business-focused responsibilities, and look at information security from a less technical solution-oriented perspective - and if so is that sustainable? If you're looking for advice I have a little bit here for you...
Comments (1)
It’s Back: March Madness Higher Education Data Breach Brackets
March 12, 2012 Added by:Alexander Rothacker
The method to our ‘Madness’ is simple – based solely on the number of reported records breached in 2011, we put together brackets. For each U.S.-based institution of higher learning that reported a data breach in 2011, we seeded (ranked) them based on number of records affected...
Comments (0)
The Emperor's Advanced Persistent Clothing
March 12, 2012 Added by:J. Oquendo
When "experts" start believing their own hodge-podge of "truths", it spreads like a cancer and ends up in the ears of decision makers. When will security pros stop focusing on marketing in hopes of selling shares of the Brooklyn Bridge and focus on actually securing something?
Comments (3)
Don't Get Lulzed - Three Tips for Avoiding Headline Hysteria
March 12, 2012 Added by:Rafal Los
What does the reported capture of the LulzSec hacking team leadership mean to the Internet? It means there will be a frenzy of jokes, outrage and sensationalism around this hacking group again. What does this reported capture mean to you in corporate security? Not a thing...
Comments (1)
Understanding Cloud Security Part One
March 11, 2012 Added by:Neira Jones
The cloud provides an opportunity to re-architect older applications and infrastructure to meet or exceed modern security requirements. At other times, the risk of moving sensitive data and applications to an emerging infrastructure might exceed tolerance levels...
Comments (0)
To the Cloud: Cloud Powering an Enterprise
March 10, 2012 Added by:Ben Rothke
Moving services to a public cloud means increasing your exposure to malicious attacks. This is not a potential increase, rather a definite increase. It is important to determine how well a cloud provider handles both technical and security requirements...
Comments (0)
New Opportunities for Cyber Espionage and Cyber Crime
March 08, 2012 Added by:Pierluigi Paganini
Computer fraud, phishing, and malware development designed to steal sensitive information from users, the use of advanced persistent threats, ramsonware, and cyber espionage are all activities united by the intent to profit from the improper use of technology...
Comments (0)
Quantifying Risk Reduction with an Unknown Denominator
March 07, 2012 Added by:Rafal Los
The problem that exists with all these risk reduction measurements is that they're impossible to quantify. There is simply no way to say that by doing X you've reduced risk by Y% - at least not when you don't know the total number of issues that exist. And therein lies the problem...
Comments (0)
- Five Things Your InfoSec Team Should Do in the Next 30 Days
- The Disclosure Debate Continues….. (part 1,453, 769) to be Continued
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)