Database Security
Pain Comes Immediately – Secure Development Takes Time
April 17, 2012 Added by:Alexander Rothacker
Once a patch to a vulnerability is released, the vendor should give as much guidance as possible to its customer base so that they can make an informed decision on how to mitigate — may it be a workaround, such as disabling some functionality, configuring compensating controls...
Comments (0)
Megaupload Goes to Court: A Primer
April 11, 2012 Added by:Electronic Frontier Foundation
Does the government have a responsibility to protect innocent third parties from collateral damage when it seizes their property in the course of prosecuting alleged copyright infringement? That is the question a federal district court will consider...
Comments (0)
Beyond the Firewall – Data Loss Prevention
April 05, 2012 Added by:Danny Lieberman
It doesn’t matter how they break into your network or servers – if attackers can’t take out your data, you’ve mitigated the threat. This paper reviews the taxonomies of advanced content flow monitoring that is used to audit activity and protect data inside the network...
Comments (0)
White House: Big Data is a Big Deal
April 05, 2012 Added by:Headlines
By improving our ability to extract knowledge and insights from large and complex collections of digital data, the initiative promises to help accelerate the pace of discovery in science and engineering, strengthen our national security, and transform teaching and learning...
Comments (0)
Data Classification: Why it is Important for Information Security
April 02, 2012 Added by:Christopher Rodgers
Once you know which data needs the most protection, you can properly allocate funds and resources to defend those assets. Employing a proper data classification scheme is cost effective, as it allows a business to focus on protecting its higher risk data assets...
Comments (0)
It’s Data Breach Report Season: Beware Of Partial Truths
April 01, 2012 Added by:Josh Shaul
At the end of the day, these reports are important. They provide much needed insight into at least some data breaches. But we have to accept that this isn't the U.S. Census. We must learn what we can from them without becoming hypnotized by the hype that can surround them...
Comments (1)
Transborder Data Flows at Risk
March 22, 2012 Added by:David Navetta
The proliferation of comprehensive data privacy laws, more or less on the European model, increasingly requires US-based multinationals and online companies to adapt to strict requirements for dealing with individuals in other countries...
Comments (0)
Examining the Top Ten Database Threats
March 14, 2012 Added by:PCI Guru
Most attacks are perpetrated inside the perimeter, so protection from an inside attack is important. Once an attacker is on the inside, it is easy to use SQL injection or other techniques to obtain data. Organizations are just beginning to understand the insider threat...
Comments (0)
It’s Back: March Madness Higher Education Data Breach Brackets
March 12, 2012 Added by:Alexander Rothacker
The method to our ‘Madness’ is simple – based solely on the number of reported records breached in 2011, we put together brackets. For each U.S.-based institution of higher learning that reported a data breach in 2011, we seeded (ranked) them based on number of records affected...
Comments (0)
Howard Schmidt to Unveil Report on Health Information Security
March 02, 2012 Added by:Marjorie Morgan
Schmidt is slated to announce the third publication in the Internet Security Alliance's financial cyber risk management series, "The Financial Impact of Breached Protected Health Information: A Business Case for enhanced PHI Security"...
Comments (0)
BSidesSF: Josh Shaul on Security and Hacktivism
March 01, 2012
Josh Shaul, CTO for Application Security, Inc., took a few minutes out of his schedule at the BSides San Francisco event to discuss security issues and the mounting threats posed by hacktivist activities...
Comments (0)
Auditor IV: The Card Data Breach
February 17, 2012
When the unthinkable happens to a company, there's only one person they need to get to the bottom of the matter. The Auditor is back, but this time it's different...
Comments (0)
Database Security TLAs Make Me LOL
February 15, 2012 Added by:Josh Shaul
I can only imagine what folks go through when they’re shopping for solutions to improve databases security. Do you want DAM? DAP? DAMP? DSP? DLP? WAF? To improve the security of your databases, you’re probably going to need some or all of the following capabilities...
Comments (0)
Data at Rest: Dormant But Dangerous
February 10, 2012 Added by:Simon Heron
Data is considered to be either ‘at rest’, ‘in transit’ or ‘in use.’ When putting security measures in place, it is important to consider all three states and address risks associated with each. This article examines data at rest and proposes strategies to minimize dangers...
Comments (0)
Four Keys for Intellectual Property Protection
February 07, 2012 Added by:Jason Clark
Intellectual property includes product designs, secret formulas, and other trade knowledge. It's what organized cybercrime, state governments and hackers are all going after. Why? Mostly because of the value. One stolen manufacturing process can be worth millions...
Comments (1)
Twelve Security Best Practices for USB Drives
February 07, 2012 Added by:Kelly Colgan
Portable and mobile storage devices are significant players in most corporate offices. Ensuring proper protection with a best practices policy and strict enforcement offers significant risk reduction—and can prevent long nights on data breach investigations...
Comments (1)
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)
- Complimentary IT Security Resources [May 13, 2013]
- Steps Toward Weaponizing the Android Platform