Database Security
Insider Threat: Does It Matter Now? And How Much?
May 08, 2014 Added by:Anton Chuvakin
While everybody is reading the DBIR 2014, I wanted to re-read it with a particular lens – that on the insider threat.
Comments (0)
Verizon 2014 DBIR: Hide Your Servers and Call the Cops
April 23, 2014 Added by:Tripwire Inc
Know what you have, know how it’s vulnerable, configure it securely, and continuously monitor it to ensure it isn’t compromised and remains secure.
Comments (0)
BYOD For Government?
March 23, 2014 Added by:Cam Roberson
BYOD is fast becoming the norm for many enterprises, despite the security risks. Government agencies have been slower to adopt, but will need to start implementing policies that address BYOD.
Comments (1)
Zero Trust and the Age of Global Connectivity
February 27, 2014 Added by:Simon Moffatt
The internal 'trusted' network no longer exists. Employees often pose the biggest threat to information assets, even though they are trusted with legitimate accounts on protected internal machines. Zero Trust is a recent security approach that looks to move away from network segmentation and focus more on data and resources and who can access them, when and from where.
Comments (0)
Stopping Remote Access Breaches with “Honey”
February 07, 2014 Added by:Patrick Oliver Graf
A new approach, called “Honey Encryption”, could potentially offer more effective digital security by making fake data appear to be legitimate and valuable information to hackers.
Comments (6)
What the Snowden Leaks Can Teach Us About Data Security
November 14, 2013 Added by:Cam Roberson
One of the major issues discussed in the wake of the National Security Agency leak involving Edward Snowden was how the government can prevent a similar leak from happening in the future. This article looks at several specific measures that can strengthen data security, making it more difficult for bad actors to break into the system, and tougher for them to make off with sensitive information onc...
Comments (0)
Security Advisor Alliance, A Nonprofit of Elite CISOs giving back to the community.
November 12, 2013 Added by:Jason Clark
Security Advisor Alliance is a nonprofit group of Top security leaders from the Global 1000 who have come together to donate time each week to help our peers in any area of security as a pro-bono service.
Comments (1)
Gaining a Data Security Edge with Social Threat Detection
August 16, 2013 Added by:Vince Schiavone
From weak data protection practices to sophisticated organized attacks, enterprises are facing a multi-front war when it comes to protecting and preserving their information and intellectual property.
Comments (0)
Cyber Security and Terrorism – See Something, Say Something
August 08, 2013 Added by:Jon Stout
he existing cyber security computing model of the past decade, based on firewalls, anti-viral services, intrusion detection controls, etc., is no longer adequate to help organizations mitigate cyber-security risk.
Comments (0)
Top Secret SCI Jobs - The Value of Smaller Contractors
July 30, 2013 Added by:Jon Stout
You can be doing all the right things, adding immense value to your customer and helping your company build a great brand. When a contract changes even incumbents are suddenly “on the bench” or “between projects” or “on overhead” . You are no longer billable. As a result you have now moved from a profit-generator to a cost center. When this happens you are at risk.
Comments (0)
2-Factor Is Great, But Passwords Still Weak Spot
July 17, 2013 Added by:Simon Moffatt
Two factor authentication solutions have been around for a number of years. While these additional processes certainly go some way to improve security, and reduce the significance of the account password, it highlights a few interesting issues, mainly that password based authentication is still a weak link.
Comments (0)
Cyber Attacks the Reality, the Reason and the Resolution Part 3
June 24, 2013 Added by:Larry Karisny
Knowing the reality and reasons behind cyberattacks, it’s time to stop talking and start offering resolution to these serious problems. There is no "it won’t happen to me" anymore. We must immediately deploy prevention and detection technologies to our critical processes or frankly, we could lose it all.
Comments (0)
Identity & Access Management: Give Me a REST
June 19, 2013 Added by:Simon Moffatt
RESTful architectures have been the general buzz of websites for the last few years. The simplicity, scalability and statelessness of this approach to client-server communications has been adopted by many of the top social sites such as Twitter and Facebook. Why? Well, in their specific cases, developer adoption is a huge priority.
Comments (0)
Google: Black Hat or White Hat?
April 23, 2013 Added by:Larry Karisny
Google has a perfect opportunity to be a leader in cybersecurity. Google’s recent network -- and acquisitions and hires -- in Austin, Texas, is an opportunity to do security right the first time.
Comments (1)
Attack Vector Undefined: Dismantling ‘Defense in Depth’ through Power Grid.
April 12, 2013 Added by:Mikko Jakonen
Well, before COTS (Commercial Off The Shelve) came popular in military and other organizations thinking their security, this could have been avoided. Nowadays, very difficult. Even in trailers. You still need only one computer making possible to interact with others – in many different NETs existing :)
Comments (0)
Protect Data Not Devices?
April 05, 2013 Added by:Simon Moffatt
As the devices becomes smarter, greater emphasis is placed on the data and services those devices access. Smartphones today come with a healthy array of encryption features, remote backup, remote data syncing for things like contacts, pictures and music, as well device syncing software like Dropbox. How much data is actually specifically related to the device?
Comments (0)
- Can Hackers Use FraudFox VM to Defeat Your Fraud Prevention?
- Battlefield Mobile: Threats Targeting In-Motion Endpoints Climbed in 2014
- New Adobe Flash Zero-Day found in the Wild
- Generation (Nuclear and Fossil) Cyber Incidents Continue to Occur and Nobody is Connecting the Dots
- Security Spending Wasted When Software Goes Unimplemented
- Dark Technology: Are You (Unknowingly) Putting Your Organization At Risk?
- Cyber-Civic Responsibility
- State of the Union Advice to President Obama
- The NERC CIP's Are Not Making the Grid More Secure or Reliable
- Microsoft SysInternals is Prone to False Negatives When Testing for Escalation of Privileges