Blog Posts Tagged with "Information Security"
BYOD too Big for Twitter...
July 29, 2012 Added by:Boris Sverdlik
It's not a question of technology, it really isn't. The one problem that we keep running into is that user's don't want us installing things on their personal devices. It's the whole entitlement mentality that our users have somehow attained through all of our babying. That's the cost of using their resources...
Comments (1)
Companies That Give Back with Free Tools
July 25, 2012 Added by:Rob Fuller
Penetration Testing / Red Teaming requires the use of a lot of tools. I don't mind getting called a "script kiddie" because I can accomplish more and faster when I don't have to code every single task I need to do. This post is to point out companies that make this possible and give a small bit of thanks...
Comments (2)
NSA Seeks Solutions for Secure Mobile Capabilities
July 23, 2012 Added by:Headlines
“First and foremost, our whole strategy from a classified mobility perspective is very much focused on commercial solutions for classified [communications]... It’s our intent that we would deliver, end-to-end, a solution that is reliant on all commercial components and we believe we can do that...”
Comments (0)
Another Angle on Big Data
July 22, 2012 Added by:Tripwire Inc
Today, we don’t have the concept of “knowledge security,” but should we begin considering that moving forward? Given that we are moving, quite quickly, into a knowledge-based orientation, what are the implications for “information security?” Are there any? Does this perspective even matter?
Comments (0)
About Antivirus, Security Awareness, Security Usability...
July 21, 2012 Added by:Ali-Reza Anghaie
No matter how many times it's warned against, most Security professionals use themselves and their contemporaries as the basis for what's "right". And as security becomes higher profile with more incidents it really starts looking like instead of having cynical contempt for the users, it's more like plain excuses...
Comments (0)
Throwing the Baby Out with the Bath Water
July 20, 2012 Added by:Scot Terban
You train employees to protect not only from clicking on links or suspect emails, but you also teach them good ethics as well as security hygiene. The cumulative effect will help you secure the environment and in tandem with your technical means, and make it all the better...
Comments (3)
On Infosec Thought Followers
July 20, 2012 Added by:Dave Shackleford
The CISO who backs her team politically and fights for key projects, the analyst who writes a sweet Python script to automate some rote pen testing task, the incident handler or forensicator who digs for hours to find the root cause of an event, and so on. That’s leadership, and it happens all the time...
Comments (2)
Coders Rights at Risk in the European Parliament
July 18, 2012 Added by:Electronic Frontier Foundation
By identifying and disclosing vulnerabilities, coders are able to improve security for every user who depends on information systems for their daily life and work. Yet recently, European Parliament debated legislation that threatens to create legal woes for researchers who expose security flaws...
Comments (0)
How to Become a Network Security Engineer
July 18, 2012 Added by:InfoSec Institute
While no two jobs are alike, there are some specific skills that will help network security engineers face the various challenges they will face day to day. What follows are just a handful of specific skills and duties required of network security engineers...
Comments (1)
Blame the Silver Heads?
July 17, 2012 Added by:Ian Tibble
The idea that CEOs are responsible for all our problems is one of the sacred holy cows of the security industry. Security analysts, managers, self-proclaimed "Evangelists", "Subject Matter Experts", ad infinitum are responsible for the problems. Lets look at ourselves before blaming others...
Comments (4)
Infosec: Is it Really OK to Say No?
July 16, 2012 Added by:Scott Thomas
Our job isn't to run the business or set direction, our job is to tell the ones at the helm that building a boat out of tin foil is a bad idea. We need to change the sign on the door from "Department of No" to "How does this affect our risk-posture?" and realize even then sometimes you need to say "No"...
Comments (3)
Security: It’s All About (Human) Networking...
July 15, 2012 Added by:Tripwire Inc
Want to add layers, or change your defense in depth approach? Your Information Systems team is just the beginning. What business unit will you impact? How will they be impacted, and when is the optimum time to do this? Depending on scope, this could even ripple through your business continuity program...
Comments (0)
Advanced Persistent Threats: Separating the Unicorns from Reality
July 14, 2012 Added by:Rafal Los
APT - Advanced Persistent Threat has been the nervous topic for a long time now in Information Security. While there is a metric ton of misinformation and confusion about what constitutes an Advanced Persistent Threat, the thrust seems to be that once you're a target, you're a victim...
Comments (0)
Yahoo Voices Accounts Exposed and Available to the General Public
July 13, 2012 Added by:Marc Quibell
If Yahoo took "security very seriously" this probably may not have happened. This is obviously a fail in their IT Security practices, on many accounts, beginning with the SQL Injection attack used to compromise the server - yes, it only took one server to compromise for this to occur...
Comments (0)
What Actions Do Your Security Metrics Promote?
July 12, 2012 Added by:Tripwire Inc
“It is possible to focus on a single metric and drive it up or down, but wreak havoc on the organization through unintended side effects. Some organizations have to deal with some people “gaming the metrics”, which again can lead to unintended side effects. Other organizations use metrics as a way to begin a conversation..."
Comments (0)
Join Infosec Island and Tripwire at Black Hat USA 2012
July 10, 2012 Added by:Infosec Island Admin
Black Hat remains the biggest and the most important technical security conference series in the world by delivering timely, actionable security information in a vendor-neutral environment. Infosec Island would like to extend a special thanks to Tripwire for making possible our presence at the event...
Comments (0)
- Five Things Your InfoSec Team Should Do in the Next 30 Days
- The Disclosure Debate Continues….. (part 1,453, 769) to be Continued
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)