Blog Posts Tagged with "Information Security"


Don’t Freak Out, It was Only DefCon

July 31, 2012 Added by:Brent Huston

Disregard tales of drunken hackers menacing Vegas hotels, changing signs and doing social engineering attacks. They are good for amusement and awareness, but they are NOT really useful as a lens for viewing your organization’s risk or the steps you should be taking to protect your data. Instead, stick to the basics...

Comments  (1)


Cyber: Boundless Nonsense

July 31, 2012 Added by:Don Eijndhoven

What is neutral behavior in the context of cyber warfare? Are you, as a neutral country obliged to drop all traffic between these two waring nations that crosses your networks? And if you’re not, are you obliged to make sure none of the cyber attacks are originating from compromised systems within your borders?

Comments  (8)


Information Security, Hackers, and Vigilance

July 30, 2012 Added by:Tripwire Inc

The bottom line: Attackers are always looking for mistakes, outliers, and inconsistencies so they can use them against you. This means your security programs need to be robust, resilient, measurable, and – as much as possible – consistent (vs. ad hoc)...

Comments  (0)


BYOD too Big for Twitter...

July 29, 2012 Added by:Boris Sverdlik

It's not a question of technology, it really isn't. The one problem that we keep running into is that user's don't want us installing things on their personal devices. It's the whole entitlement mentality that our users have somehow attained through all of our babying. That's the cost of using their resources...

Comments  (1)


Companies That Give Back with Free Tools

July 25, 2012 Added by:Rob Fuller

Penetration Testing / Red Teaming requires the use of a lot of tools. I don't mind getting called a "script kiddie" because I can accomplish more and faster when I don't have to code every single task I need to do. This post is to point out companies that make this possible and give a small bit of thanks...

Comments  (2)


NSA Seeks Solutions for Secure Mobile Capabilities

July 23, 2012 Added by:Headlines

“First and foremost, our whole strategy from a classified mobility perspective is very much focused on commercial solutions for classified [communications]... It’s our intent that we would deliver, end-to-end, a solution that is reliant on all commercial components and we believe we can do that...”

Comments  (0)


Another Angle on Big Data

July 22, 2012 Added by:Tripwire Inc

Today, we don’t have the concept of “knowledge security,” but should we begin considering that moving forward? Given that we are moving, quite quickly, into a knowledge-based orientation, what are the implications for “information security?” Are there any? Does this perspective even matter?

Comments  (0)


About Antivirus, Security Awareness, Security Usability...

July 21, 2012 Added by:Ali-Reza Anghaie

No matter how many times it's warned against, most Security professionals use themselves and their contemporaries as the basis for what's "right". And as security becomes higher profile with more incidents it really starts looking like instead of having cynical contempt for the users, it's more like plain excuses...

Comments  (0)


Throwing the Baby Out with the Bath Water

July 20, 2012 Added by:Infosec Island Admin

You train employees to protect not only from clicking on links or suspect emails, but you also teach them good ethics as well as security hygiene. The cumulative effect will help you secure the environment and in tandem with your technical means, and make it all the better...

Comments  (3)


On Infosec Thought Followers

July 20, 2012 Added by:Dave Shackleford

The CISO who backs her team politically and fights for key projects, the analyst who writes a sweet Python script to automate some rote pen testing task, the incident handler or forensicator who digs for hours to find the root cause of an event, and so on. That’s leadership, and it happens all the time...

Comments  (2)


Coders Rights at Risk in the European Parliament

July 18, 2012 Added by:Electronic Frontier Foundation

By identifying and disclosing vulnerabilities, coders are able to improve security for every user who depends on information systems for their daily life and work. Yet recently, European Parliament debated legislation that threatens to create legal woes for researchers who expose security flaws...

Comments  (0)


How to Become a Network Security Engineer

July 18, 2012 Added by:InfoSec Institute

While no two jobs are alike, there are some specific skills that will help network security engineers face the various challenges they will face day to day. What follows are just a handful of specific skills and duties required of network security engineers...

Comments  (2)


Blame the Silver Heads?

July 17, 2012 Added by:Ian Tibble

The idea that CEOs are responsible for all our problems is one of the sacred holy cows of the security industry. Security analysts, managers, self-proclaimed "Evangelists", "Subject Matter Experts", ad infinitum are responsible for the problems. Lets look at ourselves before blaming others...

Comments  (4)


Infosec: Is it Really OK to Say No?

July 16, 2012 Added by:Scott Thomas

Our job isn't to run the business or set direction, our job is to tell the ones at the helm that building a boat out of tin foil is a bad idea. We need to change the sign on the door from "Department of No" to "How does this affect our risk-posture?" and realize even then sometimes you need to say "No"...

Comments  (3)


Security: It’s All About (Human) Networking...

July 15, 2012 Added by:Tripwire Inc

Want to add layers, or change your defense in depth approach? Your Information Systems team is just the beginning. What business unit will you impact? How will they be impacted, and when is the optimum time to do this? Depending on scope, this could even ripple through your business continuity program...

Comments  (0)


Advanced Persistent Threats: Separating the Unicorns from Reality

July 14, 2012 Added by:Rafal Los

APT - Advanced Persistent Threat has been the nervous topic for a long time now in Information Security. While there is a metric ton of misinformation and confusion about what constitutes an Advanced Persistent Threat, the thrust seems to be that once you're a target, you're a victim...

Comments  (0)

Page « < 3 - 4 - 5 - 6 - 7 > »