HIPAA

The Unisys Ponemon study – Is It Actually Relevant to ICSs

July 22, 2014 Added by: Joe Weiss

It is important to understand the validity of the observations and conclusions as this report is being widely quoted.

Keeping it Simple - Part 1

July 21, 2014 Added by: PCI Guru

Apparently, I struck a nerve with small business people trying to comply with PCI. In an ideal world, most merchants would be filling out SAQ A, but we do not live in an ideal world. As a result, I have collected some ideas on how merchants can make their lives easier.

Compliance and Security Seals from a Different Perspective

July 16, 2014 Added by: Rafal Los

Compliance attestations. Quality seals like “Hacker Safe!” All of these things bother most security people I know because to us, these provide very little insight into the security of anything in a tangible way. Or do they?

Why Should We Close the Threat Detection Gap?

July 09, 2014 Added by: Tripwire Inc

By closing off the threat detection gap, we can decrease the value to the criminal of the effort to commit the crime, making it a less worthwhile undertaking in the first place.

Google Aurora vs ICS Aurora – An industry and DHS Debacle

July 08, 2014 Added by: Joe Weiss

This is actually two blogs in one. The first is about DHS releasing critical information they weren’t even asked for. The second is about the lack of progress on addressing a subject that DHS made public.

The Flaw in Requirement 8.5.1

July 03, 2014 Added by: PCI Guru

All of you service providers out there that have remote access to your customers managed by some enterprise credential management solution, please implement a strong two-factor authentication solution on your customer credential management solution before you too become a newspaper headline.

It’s the end of June 2014 and ICS Cyber Security is Still an Enigma to Many

July 02, 2014 Added by: Joe Weiss

The past two weeks continue to demonstrate the lack of understanding about the unique issues of ICS cyber security – why isn’t it just IT.

10 Big Data Analytics Privacy Problems

June 30, 2014 Added by: Rebecca Herold

The power of big data analytics is so great that in addition to all the positive business possibilities, there are just as many new privacy concerns being created. Here are ten of the most significant privacy risks.

Key Management in the Public Cloud

June 27, 2014 Added by: HyTrust

Key management is the most important component in any enterprise-grade encryption system. Yet what is the right key management model if you are looking to the cloud?

Keep it Simple

June 24, 2014 Added by: PCI Guru

Let us refocus our priorities and help the vast majority of the world get secure.

Medical Device Madness - Security Suffering

June 19, 2014 Added by: Mike Meikle

If the healthcare organization deploys an operating system patch or places their standard endpoint protection on the device, they run the risk of the vendor halting support during a device issue until the offending patch or software is removed.

On SIEM Tool and Operation Metrics

June 19, 2014 Added by: Anton Chuvakin

Measuring SIEM health and operations is still an emerging art, and there is no set of accepted SIEM metrics.

Physical Security is Still a Problem

June 17, 2014 Added by: Joe Weiss

I did not think we would be able to film directly in front of large electric substations and other critical infrastructures. I was wrong.

Using “Compliant” Stuff Doesn’t Result in Full Compliance

June 16, 2014 Added by: Rebecca Herold

Organizations that access, in any way, some type of personal information will likely have data protection compliance requirements with which they must comply.

ICSs and the Internet – What is Actually Happening

June 11, 2014 Added by: Joe Weiss

The story is that MANY ICSs are connected to the Internet and it isn’t expensive to find them.

Signatures of PINS? EMV is Coming

June 09, 2014 Added by: Neohapsis

Ultimately, whether cards are authenticated via PIN or signature, the chip-based credit cards being rolled out in the U.S. will rely upon EMV security measures to protect the security of credit card data.
