Blog Posts Tagged with "Enterprise Security"
March 18, 2012 Added by:Rafal Los
Every year we see tons of new development frameworks from IP telephony to something else the business wants - mobility, cloud, consumerization - that information security professionals only start to address and understand just as they're starting to go out of style...
March 16, 2012 Added by:Rafal Los
Have you ever wondered why enterprise security people are so downtrodden? Baffled by the impossible arrogance of penetration testers when they laugh at corporate security postures? The bottom line: people have always been and will always be the Achilles heel...
March 16, 2012 Added by:Headlines
"Organizations that do plan to beef up their security capabilities will have a difficult time this year. Just under half believe it will be harder this year than in the past to find malware analysts and a similar number state they will have less time to train analysts this year..."
March 15, 2012 Added by:Jeffrey Carr
The U.S. will only begin to save its intellectual property from cyber thieves when corporate boards of directors force CEOs to inventory, segregate and monitor their critical data in real time which usually means re-architecting their entire network...
March 15, 2012 Added by:Wendy Nather
If you have parts of your infrastructure outsourced, go over your contracts with your providers. You want them to be able to give you logs within a few minutes of the request and have the right technical support without fighting your way through first-level script-readers...
March 14, 2012 Added by:Neira Jones
Organisations need to ask cloud providers to disclose security controls and how they are implemented, and consuming organisations need to know which controls are needed to maintain the security of their information. Lack of thoroughness can lead to detrimental outcomes...
March 14, 2012 Added by:Rafal Los
Since everything I've been reading from the press, my colleagues, and analysts I know has been telling me security is ranked high in the top five concerns for cloud computing adoption - an article on ARN by Spandas Lui was like a bucket of ice water to the face...
March 13, 2012 Added by:Headlines
"Less than two-thirds of the Forbes Global 2000 companies surveyed have full-time personnel in key roles responsible for privacy and security in a manner that is consistent with internationally accepted best practices and standards..."
March 13, 2012 Added by:Rafal Los
Is the CISO willing to take on more business-focused responsibilities, and look at information security from a less technical solution-oriented perspective - and if so is that sustainable? If you're looking for advice I have a little bit here for you...
March 12, 2012 Added by:Alexander Rothacker
The method to our ‘Madness’ is simple – based solely on the number of reported records breached in 2011, we put together brackets. For each U.S.-based institution of higher learning that reported a data breach in 2011, we seeded (ranked) them based on number of records affected...
March 12, 2012 Added by:J. Oquendo
When "experts" start believing their own hodge-podge of "truths", it spreads like a cancer and ends up in the ears of decision makers. When will security pros stop focusing on marketing in hopes of selling shares of the Brooklyn Bridge and focus on actually securing something?
March 12, 2012 Added by:Rafal Los
What does the reported capture of the LulzSec hacking team leadership mean to the Internet? It means there will be a frenzy of jokes, outrage and sensationalism around this hacking group again. What does this reported capture mean to you in corporate security? Not a thing...
March 11, 2012 Added by:Neira Jones
The cloud provides an opportunity to re-architect older applications and infrastructure to meet or exceed modern security requirements. At other times, the risk of moving sensitive data and applications to an emerging infrastructure might exceed tolerance levels...
March 10, 2012 Added by:Ben Rothke
Moving services to a public cloud means increasing your exposure to malicious attacks. This is not a potential increase, rather a definite increase. It is important to determine how well a cloud provider handles both technical and security requirements...
March 08, 2012 Added by:Pierluigi Paganini
Computer fraud, phishing, and malware development designed to steal sensitive information from users, the use of advanced persistent threats, ramsonware, and cyber espionage are all activities united by the intent to profit from the improper use of technology...
March 07, 2012 Added by:Rafal Los
The problem that exists with all these risk reduction measurements is that they're impossible to quantify. There is simply no way to say that by doing X you've reduced risk by Y% - at least not when you don't know the total number of issues that exist. And therein lies the problem...
Mobile Security Processes Could Be Applied t... Johnnie Nix on 05-21-2013
ATM Security (And Really Learning from the P... Johnnie Nix on 05-21-2013
New Study Published on Mobile Malware... Caitlin Rachel on 05-21-2013