Blog Posts Tagged with "Data Loss Prevention"


Healthcare Data and the (Private) Social Network

May 09, 2012 Added by:Danny Lieberman

Previously, we talked about the roles that trust, security and privacy play in online healthcare interactions. In this post we look at privacy challenges in social networks and describes how you can implement a private healthcare social network for without government regulation...

Comments  (0)


Logging: Opening Pandora's Box - Part 1 - Anxiety

May 09, 2012 Added by:Rafal Los

You're probably worried that log analysis is going to consume all of your time, or you'll find out that your organization has been pwn3d for years and all your data has been exfiltrated in real-time and your latest database is being copied off to China... aren't you?

Comments  (0)


The CERT Guide to Insider Threats

May 07, 2012 Added by:Ben Rothke

While there are many books on important security topics such as firewalls, encryption, identity management and more, The CERT Guide to Insider Threats is the one of the first to formally tackle the devastating problem of trusted insiders who misappropriate data...

Comments  (0)


Healthcare Data: I Trust You to Keep this Private

May 03, 2012 Added by:Danny Lieberman

In this article, Danny Lieberman talks about the roles that trust, security and privacy play in online healthcare interactions. At the end of the article, he introduces the idea of private social networking for healthcare – leaving the piece open for a sequel...

Comments  (2)


What Good is PCI-DSS?

May 02, 2012 Added by:david barton

Credit card processors have valuable information that bad guys would love to get their hands on. So processors are the Fort Knox of the modern world. When bad guys are motivated, no amount of security can keep them out. Does that mean PCI-DSS standards are worthless?

Comments  (9)


Protecting Data in Use

April 26, 2012 Added by:Simon Heron

The security of data in use is about risk mitigation. However, with the current targeted attacks and the proliferation of zero day threats, the risk level is high. It is necessary that action is taken to implement the required precautions that reduce the risk to an acceptable level...

Comments  (0)


From Fraud to Infosec and Vice Versa... Part 2

April 23, 2012 Added by:Neira Jones

In my previous post I summarized fraud and how it relates to infosec. Key enablers used to defraud victims of all types cut across the landscape and often overlap, posing further challenges for quantifying their impact, but the classifications are nonetheless helpful...

Comments  (0)


The Fort Knox Approach to Security

April 23, 2012 Added by:PCI Guru

Most of you are protecting everything with equal rigor. Does everything need to be protected with the same thoroughness? Probably not and that is what makes infosec a difficult occupation. We neglect to delineate what needs the most protection and what does not need as much or any...

Comments  (0)


From Fraud to Infosec and Vice Versa... Part 1

April 18, 2012 Added by:Neira Jones

To all of you infosec professionals out there: one way to show you add value is get closer to your fraud colleagues and try to understand what their big ticket items are. You can even ask them the right questions as the big ticket items are more than likely those detailed here...

Comments  (0)


The Security Poverty Line and Junk Food

April 16, 2012 Added by:Wendy Nather

Organizations below the security poverty line tend to be inordinately dependent on third parties and have less direct control over the security of the systems they use. They end up ceding risk decisions to third parties that they ideally should be making themselves...

Comments  (2)


On Data Breach Containment

April 12, 2012 Added by:Rafal Los

You've heard us say for a while now that information security isn't about reaching some mythical state of 'secure' but rather a constant battle on the ever-changing front lines of your organization to minimize any damage that the evil hackers can do once they find an in...

Comments  (0)


Encryption: Myths and Must Knows

April 11, 2012 Added by:Rebecca Herold

Small to medium sized businesses have legal obligations to protect sensitive information, such as personally identifiable information. Here are some of the common long-held myths related to encryption misconceptions...

Comments  (0)


Beyond the Firewall – Data Loss Prevention

April 05, 2012 Added by:Danny Lieberman

It doesn’t matter how they break into your network or servers – if attackers can’t take out your data, you’ve mitigated the threat. This paper reviews the taxonomies of advanced content flow monitoring that is used to audit activity and protect data inside the network...

Comments  (0)


Data Classification: Why it is Important for Information Security

April 02, 2012 Added by:Christopher Rodgers

Once you know which data needs the most protection, you can properly allocate funds and resources to defend those assets. Employing a proper data classification scheme is cost effective, as it allows a business to focus on protecting its higher risk data assets...

Comments  (0)


Cloud Services Strategy: Security First - Growth Second

March 30, 2012 Added by:Richard Stiennon

Cisco, Juniper, Oracle, and Microsoft might have security initiatives and even good sales of security products. But security takes a back seat to functionality too often. Why are there no secure switches? Secure apps for Windows? Or secure databases?

Comments  (0)


Shutting Front and Back Door Access to Your Mobile Devices

March 27, 2012 Added by:Kevin Doel

A lost or stolen phone constitutes a serious security threat to the information on the device because the attacker has unlimited time to gain access to the secrets that are stored therein. Important personal information should not be stored in any unsecured note application...

Comments  (0)

Page « < 3 - 4 - 5 - 6 - 7 > »