Blog Posts Tagged with "Information Security"
August 14, 2013 Added by:Bill Wheeler
Recent reports have found that cyberattacks against U.S. corporations are on the rise, along with an increase in international threats, especially from China, and emerging threats to small businesses. Today, it’s not a matter of if an organization will be the victim of a cyberattack, but when.
July 08, 2013 Added by:Jim Palazzolo
Before you protect the data, find the data. Before you create security controls, find the assets. Before you think about the future, find the blueprints for today. Before you attempt to know others, know yourself first.
June 20, 2013 Added by:Eric Chiu
In a competitive business environment, reputation is a critical differentiator. Any company that suffers from a major data breach, instigated by an employee with a small grudge and big access, could face devastating consequences to the corporate brand, and to the bottom line.
April 19, 2013 Added by:Rafal Los
In just about every organization (with little exception) there are more things to defend than there are resources to defend with. Remember playing the game of Risk, when you were a kid? Maybe you still have the game now... amazing how close to that board game your life in InfoSec is now, isn't it?
March 12, 2013 Added by:Simon Moffatt
The view of IAM 1.0 (enterprise provisioning) and IAM 2.0 (federated identity, 'cloud' services and so) is continually evolving and it's pretty clear that identity management now has a greater role to play for many organisations, as they look to embrace things like increased mobility and out sourced service driven applications.
February 26, 2013 Added by:Simon Moffatt
The concept of a well defined business identity is blurring and this is causing a complex reaction in the area of identity and access management. Internal, enterprise class identity and access management (IAM) has been long defined, as the managing of user access as defined by approval workflows, authoritative source integration and well defined system connectivity.
February 15, 2013 Added by:Robert Siciliano
In 2012, security challenges we faced were often the ribbon cuttings and business plans that startup criminal organizations launched. In 2013, those criminal enterprise business plans will come together—and we need to be ready.
February 12, 2013 Added by:Robert Siciliano
Sometimes it’s the worst things that can happen that become the eye-opening best things that effect positive change. The year 2012 saw numerous high-profile data breaches, epic hacks, full-on hacktivism and lots of major identity theft ring busts.
February 01, 2013 Added by:Simon Moffatt
This complex chain of correlated "security big data", can be used in a manner of ways from post-incident analysis and trend analytics as well as for the mapping of internal data to external threat intelligence. Big data is here to stay and security analytics just needs to figure out the best way to use it...
December 25, 2012 Added by:Alexander Polyakov
ERP systems, which store the information about finances, employees, materials, wages, and so on, are rightfully considered to be the most critical of such systems. Unauthorized access to those systems can lead to espionage, sabotage, or fraud...
December 17, 2012 Added by:Keith Mendoza
ZD Net had an article entitled "Kernel vulnerability places Samsung devices at risk" and I thought "so, what's new" until I followed the link to the forum post on xda-developers. Then I just lost it because I'm certain that this is a result of plain and simple laziness...
December 09, 2012 Added by:Steven Fox, CISSP, QSA
Hacker Halted 2012 was full of personalities; executives, technologists, students and security enthusiasts – each one with stories that fueled conversations and debate. Technical and business erudition dominated the speaker sessions and the hacking competitions...
December 09, 2012 Added by:Simon Moffatt
The question, often raised as a bargaining tool, is often focused on the, ‘well I understand what you propose and I know it will increase the security of scenario X, but why should I do it?’. In honesty, it is a good question...
November 12, 2012 Added by:Joel Harding
Now that IO has a new definition, there is no longer a clear cut way to divide up the parts. My friend and mentor, Dr. Dan Kuehl, invented a model I like to use, called the Three C model. ‘What we do’ can be divided into Connectivity, Content and Cognitive...
Looking Beyond "Black Box Testing"... Paul Reed on 12-03-2013
Projectile Dysfunction... ryan mccarthy on 12-01-2013
Mobile Security: Tips for Using Personal Dev... Shah Alam on 11-30-2013