Database Security
Hacks of Houston Astros, Butler University Put Network Security on Center Stage
July 14, 2014 Added by:Patrick Oliver Graf
Together, the high-profile hacking of the Houston Astros and Butler University show why it’s important for every organization to think like an enterprise in constructing a network security plan.
Comments (0)
Big Data's Big Promise Isn't Here Yet
June 24, 2014 Added by:Tripwire Inc
What is interesting to me is how much hope people have for big data being the savior of the security world. I don’t believe that’s going to happen anytime soon.
Comments (0)
Adventures in Finding Cardholder Data
May 21, 2014 Added by:PCI Guru
In the past, organizations would rely on their database and file schemas along with their data flow diagrams and the project was done. However, the Council has come back and clarified that the search for cardholder data (CHD), primarily the primary account number (PAN).
Comments (0)
Insider Threat: Does It Matter Now? And How Much?
May 08, 2014 Added by:Anton Chuvakin
While everybody is reading the DBIR 2014, I wanted to re-read it with a particular lens – that on the insider threat.
Comments (0)
Verizon 2014 DBIR: Hide Your Servers and Call the Cops
April 23, 2014 Added by:Tripwire Inc
Know what you have, know how it’s vulnerable, configure it securely, and continuously monitor it to ensure it isn’t compromised and remains secure.
Comments (0)
BYOD For Government?
March 23, 2014 Added by:Cam Roberson
BYOD is fast becoming the norm for many enterprises, despite the security risks. Government agencies have been slower to adopt, but will need to start implementing policies that address BYOD.
Comments (1)
Zero Trust and the Age of Global Connectivity
February 27, 2014 Added by:Simon Moffatt
The internal 'trusted' network no longer exists. Employees often pose the biggest threat to information assets, even though they are trusted with legitimate accounts on protected internal machines. Zero Trust is a recent security approach that looks to move away from network segmentation and focus more on data and resources and who can access them, when and from where.
Comments (0)
Stopping Remote Access Breaches with “Honey”
February 07, 2014 Added by:Patrick Oliver Graf
A new approach, called “Honey Encryption”, could potentially offer more effective digital security by making fake data appear to be legitimate and valuable information to hackers.
Comments (6)
What the Snowden Leaks Can Teach Us About Data Security
November 14, 2013 Added by:Cam Roberson
One of the major issues discussed in the wake of the National Security Agency leak involving Edward Snowden was how the government can prevent a similar leak from happening in the future. This article looks at several specific measures that can strengthen data security, making it more difficult for bad actors to break into the system, and tougher for them to make off with sensitive information onc...
Comments (0)
Security Advisor Alliance, A Nonprofit of Elite CISOs giving back to the community.
November 12, 2013 Added by:Jason Clark
Security Advisor Alliance is a nonprofit group of Top security leaders from the Global 1000 who have come together to donate time each week to help our peers in any area of security as a pro-bono service.
Comments (1)
Gaining a Data Security Edge with Social Threat Detection
August 16, 2013 Added by:Vince Schiavone
From weak data protection practices to sophisticated organized attacks, enterprises are facing a multi-front war when it comes to protecting and preserving their information and intellectual property.
Comments (0)
Cyber Security and Terrorism – See Something, Say Something
August 08, 2013 Added by:Jon Stout
he existing cyber security computing model of the past decade, based on firewalls, anti-viral services, intrusion detection controls, etc., is no longer adequate to help organizations mitigate cyber-security risk.
Comments (0)
Top Secret SCI Jobs - The Value of Smaller Contractors
July 30, 2013 Added by:Jon Stout
You can be doing all the right things, adding immense value to your customer and helping your company build a great brand. When a contract changes even incumbents are suddenly “on the bench” or “between projects” or “on overhead” . You are no longer billable. As a result you have now moved from a profit-generator to a cost center. When this happens you are at risk.
Comments (0)
2-Factor Is Great, But Passwords Still Weak Spot
July 17, 2013 Added by:Simon Moffatt
Two factor authentication solutions have been around for a number of years. While these additional processes certainly go some way to improve security, and reduce the significance of the account password, it highlights a few interesting issues, mainly that password based authentication is still a weak link.
Comments (0)
Cyber Attacks the Reality, the Reason and the Resolution Part 3
June 24, 2013 Added by:Larry Karisny
Knowing the reality and reasons behind cyberattacks, it’s time to stop talking and start offering resolution to these serious problems. There is no "it won’t happen to me" anymore. We must immediately deploy prevention and detection technologies to our critical processes or frankly, we could lose it all.
Comments (0)
Identity & Access Management: Give Me a REST
June 19, 2013 Added by:Simon Moffatt
RESTful architectures have been the general buzz of websites for the last few years. The simplicity, scalability and statelessness of this approach to client-server communications has been adopted by many of the top social sites such as Twitter and Facebook. Why? Well, in their specific cases, developer adoption is a huge priority.
Comments (0)
- Financial Malware Fell in 2014 As Takedown Operations Have Impact
- Resource Scarcity Plaguing Security Programs
- The ‘ABC’ of the ‘APT’
- EFF Joins Civil Society and Computer Security Experts to Call for Rejection of Flawed Cybersecurity Legislation
- Suits and Spooks London: Register Now for Early Bird Rate
- Angler Exploit Kit Uses Domain Shadowing to Evade Detection
- Is Compliance Bad for Security?
- Malware Can Hide in a LOT of Places
- Weaknesses in Air Traffic Control Systems are a Serious Issue for FAA
- PlugX Malware Adopts New Tactic in India Attack Campaign