June 23, 2014 Added by:CipherCloud
The cloud is great, and the cloud is here to stay. But to enable a successful, secure cloud deployment, you'll need to rethink your existing security strategy.
April 12, 2014 Added by:Gilad Parann-Nissany
The NSA is powerful: they watch, they listen, they collect data. In cases of national security, perhaps this is a good method to catch terrorists. In cases of private business data, there is a way to block the NSA from getting to your sensitive information: strong data encryption.
March 31, 2014 Added by:Gilad Parann-Nissany
Any company or individual using cloud services today should encrypt data in addition to their firewall, anti-virus and other security measures. Incidentally, it is also encouraged by regulation in several sensitive sectors, notably businesses in the health industry under HIPAA patient and data privacy laws and the payment card industry under PCI DSS standards.
March 29, 2014 Added by:Jarno Limnéll
We are losing the battle for cyberspace. Not because malicious actors are taking over the digital world, but because we are forgetting what is the element that makes us feel safe and secure in any world: the ability to trust.
March 10, 2014 Added by:Kevin L. Jackson
After polling 130 security professionals on the show floor of the RSA Conference, PerspecSys found that "an overwhelming 74 percent believe security for cloud-based data in 2014 will be a bigger concern than securing data on-premise."
March 05, 2014 Added by:Kevin L. Jackson
Known as the NCOIC Rapid Response Capability (NRRC™), the process defines how to build a federated cloud infrastructure that provides a foundation for information sharing within a secure environment
February 27, 2014 Added by:Simon Moffatt
The internal 'trusted' network no longer exists. Employees often pose the biggest threat to information assets, even though they are trusted with legitimate accounts on protected internal machines. Zero Trust is a recent security approach that looks to move away from network segmentation and focus more on data and resources and who can access them, when and from where.
February 19, 2014 Added by:Electronic Frontier Foundation
Surveillance and legal tactics by the NSA and GCHQ add to the growing list of examples of the government responding to investigative journalism that exposes corruption by attacking the media rather than the corruption.
February 10, 2014 Added by:Kevin L. Jackson
Cloud computing transitions IT from being "systems of physically integrated hardware and software" to "systems of virtually integrated services." This transition makes interoperability the difference between the success and failure of IT deployments, especially in the Federal government.
November 14, 2013 Added by:Cam Roberson
One of the major issues discussed in the wake of the National Security Agency leak involving Edward Snowden was how the government can prevent a similar leak from happening in the future. This article looks at several specific measures that can strengthen data security, making it more difficult for bad actors to break into the system, and tougher for them to make off with sensitive information onc...
November 12, 2013 Added by:Jason Clark
Security Advisor Alliance is a nonprofit group of Top security leaders from the Global 1000 who have come together to donate time each week to help our peers in any area of security as a pro-bono service.
November 04, 2013 Added by:Simon Moffatt
The modern enterprise workforce, will contain contractors, freelancer and even consumers themselves. Bloggers, reviewers, supporters, promoters, content sharers and affiliates, whilst not on the company payroll, help drive revenue through messaging and interaction. If a platform exists where their identity can be harnessed, a new more agile go to market approach can be developed.
October 16, 2013 Added by:Hani Banayoti
Consider encryption at rest but make informed decisions about its value and protection afforded.
September 25, 2013 Added by:Matt Neely
Unlike traditional third-party solutions where the vendor is responsible for all or most of the security controls in the cloud, there are often cases where security professionals are responsible for managing and maintaining key security controls.
PoS Malware Kits Rose in Underground in 2014... on 03-17-2015
New PCI Compliance Study... on 03-17-2015
PCI Security Standards Council Statement on ... on 03-17-2015