Cloud Computing

0a8cae998f9c51e3b3c0ccbaddf521aa

CISO Challenges: The Build vs. Buy Problem (1:2)

January 21, 2013 Added by:Rafal Los

Change control, application security reviews, incident response, policy review, audit preparation, acquisition due-diligence... all of these require people, money and time - but you've got it all in short supply. Here's one way of looking at making the decision of what to build, and what to outsource...

Comments  (0)

F66c1a87a8db2cb584b4e06e93a84ce3

Dismantling cyber warfare on “3 troubling cyber scenarios worth discussing”

January 17, 2013 Added by:Mikko Jakonen

The set of TTP:s involved with cyber capabilities shall require, for time being, a vast amount of information exploitation, intelligence, development and co-ordination capabilities that enters step-by-step within the theater of operations.

Comments  (1)

8a958994958cdf24f0dc051edfe29462

Common Sense Cybersecurity

January 13, 2013 Added by:Larry Karisny

We start with one big problem. Internet architecture was never made for security. One of my earliest articles quoted the father of the Internet Vint Cerf by saying, "One of things incumbent on all of us is to introduce strong authentication into the fabric of the smart grid. We did not do that with the Internet."

Comments  (0)

4c1c5119b03285e3f64bd83a8f9dfeec

Actual Cloud – The One To Chose

January 07, 2013 Added by:Ben Kepes

I’ve been a part of, or at least a witness to, a huge number of battles about what constitutes the “real cloud.” These battles seem to generally be fought on a Sunday afternoon U.S. time – that kind of suits me fine because it means the Monday mornings in my time zone have enough entertainment value to get me up and going.

Comments  (0)

4c1c5119b03285e3f64bd83a8f9dfeec

On Cloud Adoption

January 02, 2013 Added by:Ben Kepes

One of my regular themes when talking about the cloud are the barriers to adoption or, to put it more coarsely, how we can remove the friction and allow more organizations to enjoy the benefits that the cloud can bring. It’s an area that a number of my colleagues talk about also – we pundits have the advantage of time to explore and enjoy the benefits that cloud brings, but we remain aware of ...

Comments  (0)

65c1700fde3e9a94cc060a7e3777287c

The Obligatory 2013 Infosec Predictions Post

December 26, 2012 Added by:Simon Moffatt

Technology evolves so quickly that 12 weeks is an age when it comes to new ideas and market changes - and security is no different. However, the main areas I will personally be following with interest though, will be the BYOD/BYOA, personnel, preemptive security and social intelligence...

Comments  (0)

Bd86d2b4bd72ac0ca847696eec3759f3

Mobile Devices get means for Tamper-Evident Forensic Auditing

December 13, 2012 Added by:Michelle Drolet

In order to detect security breaches and guarantee compliance, tamper “proofing” has not been sufficient. When it comes time for a forensic audit, the ability to detect unauthorized changes to digital files becomes invaluable in an investigation...

Comments  (0)

44a2e0804995faf8d2e3b084a1e2db1d

The Dutch, the Yanks, the Cloud and YOU

December 13, 2012 Added by:Don Eijndhoven

Recently a research project by the Amsterdam University [PDF Alert] revealed that US law allows for the US government to access information stored in the Cloud, by (ab)using the PATRIOT act...

Comments  (0)

4c1c5119b03285e3f64bd83a8f9dfeec

If IaaS is Going to be Heterogeneous, PaaS Will be Even More So

December 13, 2012 Added by:Ben Kepes

It’s something I’m actually quite passionate about – not using management tools that force business units to adopt a particular solution that may or may not really meet their needs. It makes no sense and actually hampers the ability for cloud to deliver the benefits it promises...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

CloudBeat 2012 - "Whose job is cloud security?"

December 11, 2012 Added by:Rafal Los

People are still stuck on authentication, mainly passwords. We as an industry or customer base haven't been very good at figuring out how to manage identities, without sticking our customers with a million different sites which don't share common identities...

Comments  (0)

3071bd3c5c013c8c3defcccad0259c16

If you are not serious enough about your security don’t expect your IT service provider to care

December 10, 2012 Added by:Hani Banayoti

Another year coming to a close and I am full of hope for new thinking on security for the road ahead. One particular aspect in our profession that I would like to see change in the very near future is the typical approach to incorporating security in contracts with IT Service Providers...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Is PaaS the optimal cloud service model option for security? (Part 1 of 2)

December 06, 2012 Added by:Rafal Los

It would seem that in the IaaS cloud service delivery model unless you know what you're getting into it may be quite tough to deploy a solid, risk-averse cloud-based application. Now, PaaS is different than the other two in that it is a compromise between extensibility and built-in security features...

Comments  (0)

4c1c5119b03285e3f64bd83a8f9dfeec

Security and Privacy in a Connected and Cloudy World

November 29, 2012

A few months ago, I was invited to present at a summit organized by the New Zealand Privacy Commission, a government organization that is tasked with setting policies to ensure citizens of New Zealand remain secure when it comes to the use of their private information...

Comments  (0)

4c1c5119b03285e3f64bd83a8f9dfeec

On Terms of Service, and a Global Code

November 25, 2012 Added by:Ben Kepes

TOS;DR aims to help with what is possibly the biggest lie on the internet, that which users make when they click that they have read, understood and accepted the terms of service of their provider. The fact is that no one reads them but rather vaguely hopes for the best...

Comments  (0)

6462807771e81d9c33eb99307f5f3e77

Modernizing Physical Security and Incorporating Best Practices Into New Assets

November 18, 2012 Added by:Michele Westergaard

Cyber security threats to the utility industry are increasing in number and sophistication. The North American Reliability Corporation (NERC) is increasing the Critical Infrastructure Protection (CIP) regulatory requirements to ensure facilities are meeting basic standards in this area...

Comments  (0)

1789975b05c7c71e14278df690cabf26

Six Sneaky Ways to Bring Down Your Company

November 08, 2012 Added by:Pete Herzog

This article will give you some ideas on how you can quickly put yourself out of a job using the Internet. If you're careful and a little lucky, you won't end up in jail either! At the very least, this article shows how doing things that are good for an office may not necessarily be good for the security of your company...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »