Blog Posts Tagged with "Information Security"
Dutch MoD Innovation Competition 2012: CYBER Operations 2.0
May 16, 2012 Added by:Matthijs R. Koot
The Dutch Ministry of Defense's (MoD) annually issues a "Defense Innovation Competition" is a competition that is intended to get input from and foster relations with Dutch industry and SME. This year's theme is "CYBER Operations 2.0"...
Comments (0)
NIST Workshop: The Technical Aspects of Botnets
May 16, 2012 Added by:Infosec Island Admin
NIST seeks to engage all stakeholders to identify the available and needed technologies and tools to recognize, prevent, and remediate botnets; explore current and future efforts to develop botnet metrics and methodologies for measuring and reporting botnet metrics over time...
Comments (0)
Who Are You Preaching to Anyway?
May 16, 2012 Added by:Neira Jones
Hard core security conferences continue to happen and continue to be successful, and long may it continue. We still need the techies to make sure we have the right tech to support the people and processes in our businesses. We also need the techies to try and keep ahead of the bad guys...
Comments (1)
Security BSides Detroit Announces its June Schedule
May 15, 2012 Added by:Steven Fox, CISSP, QSA
The BSides conference is billed as a un-conference where practitioners go for clear unfiltered view of the industry. The conference features two tracks and thirty-two talks of local and national experts on a variety technical and non-technical subjects...
Comments (0)
Infosec is Not a Religion
May 15, 2012 Added by:Scot Terban
Infosec is not a religion. There are no Cardinals, there are no Bishops, there are only a bunch of people who want their opinion to be heard and listened to ad nauseum. It’s as simple as that, and if you start clothing it in the robes of ecclesiastical rhetoric, you FAIL...
Comments (1)
Cybercrime Does(n't?) Pay
May 15, 2012 Added by:Beau Woods
Although many studies fail at basic science, I'm hopeful that the information security industry will get better both at true academic research and at coming up with accurate metrics for the most important data. We'll get there as we mature as an industry, but it will take a while...
Comments (0)
What is the Value of a Good Name?
May 15, 2012 Added by:Jon Long
What is the value of a good name? Do you want a firm that has little to lose, or one who has much to lose. I guarantee you that the firm with the most to lose will be the most thorough in their examination of your internal controls. It's time we take a stand against cheap risk assurance...
Comments (0)
Making Things Worse by Asking all the Wrong Questions
May 14, 2012 Added by:Rafal Los
Blaming OWASP and developers for not adopting secure coding is silly. Uuntil the business cares about security, and developers have an incentive to write more secure code, tools and simple to use transparent technologies like that which OWASP provides won't get utilized...
Comments (2)
Are We Reaching Security Conference Overload?
May 14, 2012 Added by:Tom Eston
We have more security and hacking conferences than ever, but now there is also more overlap. These choices can make it harder for researchers to present new and relevant content and also tough to decide which conferences to attend from a attendee perspective...
Comments (0)
The Importance of Mobile Device Management for Enterprise Security
May 14, 2012 Added by:Drayton Graham
Almost everyone has their own mobile phone these days, nd they are quickly becoming a necessity in business. In order to enable the kind of freedom BYOD brings, the corporate network and data needs to be protected. Mobile Device Management is a solution that will help with this...
Comments (1)
Taming the WWW or Wild Wild West
May 14, 2012 Added by:Jayson Wylie
There is a reason the security world refers to exploitation on the Internet to activity ‘in the wild’. A comparison can be made to the lawless, tough and unforgiving world of the Wild West in American history. You can get your stuffz or scalp taken...
Comments (0)
Keeping Security Relevant: From Control to Governance in the Cloud
May 12, 2012 Added by:Rafal Los
When someone mentions public cloud, you quickly see the polarizing effects the topic has, generating a very negative reaction to the idea of putting anything corporate in the public cloud. What does that mean for the future of corporate information security and risk management?
Comments (0)
FedRAMP Releases Updated Security Assessment Templates
May 11, 2012 Added by:Kevin L. Jackson
FedRAMP is a government-wide program that provides a standardized approach to security assessment, authorization, and monitoring for Cloud Service Providers. This document has been designed for Third-Party Independent Assessors to use for planning security testing of CSPs...
Comments (0)
Webinar: Keeping Your Open Source Software Secure
May 09, 2012 Added by:Infosec Island Admin
Understand why collaboration is invaluable in keeping proprietary systems secure. Learn how to share private information in public forums without harming your organization. Identify what tools are available to your organization for collaboration, notification, and knowledge-sharing...
Comments (0)
What Infosec Can Learn from Enron
May 09, 2012 Added by:Beau Woods
Auditors aren't the sole authoritative voice, and they can be fooled or coerced like anyone else. Too often internal and external auditors are trusted as the arbiters of right and wrong. This can fail an organization if executives don't understand the role auditors should play...
Comments (0)
CISSP Reloaded Domain 7: Applications and Systems Development
May 09, 2012 Added by:Javvad Malik
Secure applications aren’t the result of evolution or chance conditions coming together. Secure applications are only created with a definite degree of intelligent design. You, as the security person are responsible for providing that intelligent design into the application...
Comments (0)
- Not Totally Sure What Just Happened...
- Has Anonymous Infiltrated the US Government?
- Big Opportunities in the Cloud
- Zeus Malware Targeting Facebook, Gmail and Yahoo Users
- Follow Up to the Out of Band Authentication Post
- Skype Malware Campaign Spreading Poison Ivy Trojan
- I Hope Edo is Worth the Privacy Risk
- Dutch MoD Innovation Competition 2012: CYBER Operations 2.0
- NIST Workshop: The Technical Aspects of Botnets
- Security Automation by Hand - Batch/Bash/FOR