Blog Posts Tagged with "Information Security"
Five Things Your InfoSec Team Should Do in the Next 30 Days
May 23, 2013 Added by:Steven Fox, CISSP, QSA
An interesting blog post outlined five actions that Apple CEO Tim Cook should take following his appearance before Congress. The article outlines five actionable steps to achieving something to which Tim Cook, and many information security teams, aspire – connection with their customers.
Comments (0)
Deconstructing 'Defensible' - Too Many Assets, not Enough Resources
April 19, 2013 Added by:Rafal Los
In just about every organization (with little exception) there are more things to defend than there are resources to defend with. Remember playing the game of Risk, when you were a kid? Maybe you still have the game now... amazing how close to that board game your life in InfoSec is now, isn't it?
Comments (0)
Identity in the Modern Enterprise
March 12, 2013 Added by:Simon Moffatt
The view of IAM 1.0 (enterprise provisioning) and IAM 2.0 (federated identity, 'cloud' services and so on) is continually evolving and it's pretty clear that identity management now has a greater role to play for many organisations, as they look to embrace things like increased mobility and outsourced service driven applications.
Comments (0)
The Blurring of the Business Identity
February 26, 2013 Added by:Simon Moffatt
The concept of a well defined business identity is blurring and this is causing a complex reaction in the area of identity and access management. Internal, enterprise class identity and access management (IAM) has been long defined, as the managing of user access as defined by approval workflows, authoritative source integration and well defined system connectivity.
Comments (0)
What Security Challenges to Focus on in the New Year
February 15, 2013 Added by:Robert Siciliano
In 2012, security challenges we faced were often the ribbon cuttings and business plans that startup criminal organizations launched. In 2013, those criminal enterprise business plans will come together—and we need to be ready.
Comments (0)
What We Learned About Digital Security In 2012
February 12, 2013 Added by:Robert Siciliano
Sometimes it’s the worst things that can happen that become the eye-opening best things that effect positive change. The year 2012 saw numerous high-profile data breaches, epic hacks, full-on hacktivism and lots of major identity theft ring busts.
Comments (0)
Security Analytics: Hype or Huge?
February 01, 2013 Added by:Simon Moffatt
This complex chain of correlated "security big data", can be used in a manner of ways from post-incident analysis and trend analytics as well as for the mapping of internal data to external threat intelligence. Big data is here to stay and security analytics just needs to figure out the best way to use it...
Comments (0)
Information Security Management Handbook
January 28, 2013 Added by:Ben Rothke
While the book is organized under the CISSP CBK domains, it should not readily be used as a primary reference for those studying for the CISSP exam, given its unmanageable length as a primary reference...
Comments (0)
ESB Security Spotlighted At ZeroNights 2012
December 25, 2012 Added by:Alexander Polyakov
ERP systems, which store the information about finances, employees, materials, wages, and so on, are rightfully considered to be the most critical of such systems. Unauthorized access to those systems can lead to espionage, sabotage, or fraud...
Comments (0)
Security is Inconvenient, Deal With It!
December 17, 2012 Added by:Keith Mendoza
ZD Net had an article entitled "Kernel vulnerability places Samsung devices at risk" and I thought "so, what's new" until I followed the link to the forum post on xda-developers. Then I just lost it because I'm certain that this is a result of plain and simple laziness...
Comments (2)
Organizational Influence via Security Team Branding
December 09, 2012 Added by:Steven Fox, CISSP, QSA
Hacker Halted 2012 was full of personalities; executives, technologists, students and security enthusiasts – each one with stories that fueled conversations and debate. Technical and business erudition dominated the speaker sessions and the hacking competitions...
Comments (0)
Information Security: Why Bother?
December 09, 2012 Added by:Simon Moffatt
The question, often raised as a bargaining tool, is often focused on the, ‘well I understand what you propose and I know it will increase the security of scenario X, but why should I do it?’. In honesty, it is a good question...
Comments (3)
How Best to Discuss a Whole of Nation Approach to Information Activities
November 12, 2012 Added by:Joel Harding
Now that IO has a new definition, there is no longer a clear cut way to divide up the parts. My friend and mentor, Dr. Dan Kuehl, invented a model I like to use, called the Three C model. ‘What we do’ can be divided into Connectivity, Content and Cognitive...
Comments (0)
Industrial Control System Security: A Reliability Issue?
November 06, 2012 Added by:Larry Karisny
Cyber Security Expert Joe Weiss has spearheaded the ICS Cyber Security Conference for 12 years and when he calls in the troops, the best come to serve. Last month’s conference held at Old Dominion University's Virginia Modeling Analysis and Simulation Center -- VMASC in Suffolk, Va. -- was no different...
Comments (1)
Rethinking the consumer/enterprise operating system
October 28, 2012 Added by:Rafal Los
When Microsoft converged their kernel and made a single version of Windows most people were relieved, especially Microsoft developers and security types. It was now going to be easier to maintain the code base - but was that the right call? I think the jury may still be out...
Comments (3)
Impressive Speaker Lineup Announced for TECHEXPO Cyber Security Event
October 23, 2012 Added by:Infosec Island Admin
"Our team is extremely pleased with the high caliber, diversity and expertise of the confirmed speakers we have secured for this event. Having such a dynamic lineup of highly respected industry professionals to share their knowledge and inspire those seeking employment..."
Comments (0)