July 23, 2014 Added by:Gilad Parann-Nissany
Full disk encryption is becoming more and more popular in cloud settings, and some of the smaller clouds like Google Compute Engine have supported it for a while. Amazon is a bit late to this game, and should lead the way in enabling customer control of encryption keys.
June 23, 2014 Added by:CipherCloud
The cloud is great, and the cloud is here to stay. But to enable a successful, secure cloud deployment, you'll need to rethink your existing security strategy.
April 12, 2014 Added by:Gilad Parann-Nissany
The NSA is powerful: they watch, they listen, they collect data. In cases of national security, perhaps this is a good method to catch terrorists. In cases of private business data, there is a way to block the NSA from getting to your sensitive information: strong data encryption.
March 31, 2014 Added by:Gilad Parann-Nissany
Any company or individual using cloud services today should encrypt data in addition to their firewall, anti-virus and other security measures. Incidentally, it is also encouraged by regulation in several sensitive sectors, notably businesses in the health industry under HIPAA patient and data privacy laws and the payment card industry under PCI DSS standards.
March 29, 2014 Added by:Jarno Limnéll
We are losing the battle for cyberspace. Not because malicious actors are taking over the digital world, but because we are forgetting what is the element that makes us feel safe and secure in any world: the ability to trust.
March 10, 2014 Added by:Kevin L. Jackson
After polling 130 security professionals on the show floor of the RSA Conference, PerspecSys found that "an overwhelming 74 percent believe security for cloud-based data in 2014 will be a bigger concern than securing data on-premise."
March 05, 2014 Added by:Kevin L. Jackson
Known as the NCOIC Rapid Response Capability (NRRC™), the process defines how to build a federated cloud infrastructure that provides a foundation for information sharing within a secure environment
February 27, 2014 Added by:Simon Moffatt
The internal 'trusted' network no longer exists. Employees often pose the biggest threat to information assets, even though they are trusted with legitimate accounts on protected internal machines. Zero Trust is a recent security approach that looks to move away from network segmentation and focus more on data and resources and who can access them, when and from where.
February 19, 2014 Added by:Electronic Frontier Foundation
Surveillance and legal tactics by the NSA and GCHQ add to the growing list of examples of the government responding to investigative journalism that exposes corruption by attacking the media rather than the corruption.
February 10, 2014 Added by:Kevin L. Jackson
Cloud computing transitions IT from being "systems of physically integrated hardware and software" to "systems of virtually integrated services." This transition makes interoperability the difference between the success and failure of IT deployments, especially in the Federal government.
November 14, 2013 Added by:Cam Roberson
One of the major issues discussed in the wake of the National Security Agency leak involving Edward Snowden was how the government can prevent a similar leak from happening in the future. This article looks at several specific measures that can strengthen data security, making it more difficult for bad actors to break into the system, and tougher for them to make off with sensitive information onc...
November 12, 2013 Added by:Jason Clark
Security Advisor Alliance is a nonprofit group of Top security leaders from the Global 1000 who have come together to donate time each week to help our peers in any area of security as a pro-bono service.
Hacker to Release Symantec's PCAnywhere Sour... Jerry Shaw on 10-05-2015
PoS Malware Kits Rose in Underground in 2014... on 03-17-2015
New PCI Compliance Study... on 03-17-2015