Security Management


Target Should be Our Target

March 14, 2014 Added by: Wayde York

The press has come out with the fact that Target received a warning about malware and hacking before 40 million credit cards were compromised. While we should not string up the security analysts at Target, we may have to spank their managers.

Comments  (0)


Unbalanced Security is Increasing Your Attack Surface

March 13, 2014 Added by: Pete Herzog

Unbalanced security is when your security increases your attack surface. And it’s normal.

Comments  (0)


Security Slice: World War XP

March 12, 2014 Added by: Tripwire Inc

Are these nine tips enough to protect organizations that need to continue using XP?

Comments  (0)


Attacking the ROI of Advanced Persistent Threats

March 12, 2014 Added by: Tripwire Inc

How do you stop a smart attacker? Simple: reduce their ROI to make exploiting you fiscally irresponsible.

Comments  (0)


Here a box, there a box, everywhere a box … breached

March 11, 2014 Added by: Rafal Los

Let’s face it: The industry has a ‘box problem.’ And everyone will sell you a solution to what ails you.

Comments  (0)


NSA is not the Only One Getting to Your App Data

March 03, 2014 Added by: Rebecca Herold

You need to take actions to help protect yourself, and you also need to demand that app developers build security and privacy protections and controls into their apps.

Comments  (2)


A “Tale of Two Cities” – where are the insurance companies?

March 03, 2014 Added by: Joe Weiss

There has been no mad rush for cyber insurance, as the focus has been NERC CIP and compliance, not security.

Comments  (0)


Zero Trust and the Age of Global Connectivity

February 27, 2014 Added by: Simon Moffatt

The internal 'trusted' network no longer exists. Employees often pose the biggest threat to information assets, even though they are trusted with legitimate accounts on protected internal machines. Zero Trust is a recent security approach that looks to move away from network segmentation and focus more on data and resources and who can access them, when and from where.

Comments  (0)


RSA's Art Coviello Calls for Increased International Cooperation and Governance Among Nations and Security Industry

February 25, 2014 Added by: InfosecIsland News

Art Coviello delivered his opening keynote to a record crowd at RSA Conference 2014, calling for international government and industry cooperation on major issues including cyber war, surveillance, privacy and trust on the Internet.

Comments  (0)


How to Make Better Threat Intelligence Out of Threat Intelligence Data?

February 19, 2014 Added by: Anton Chuvakin

One of the key uses for threat intelligence (TI) data is making better threat intelligence data out of it.

Comments  (0)


Stopping Remote Access Breaches with “Honey”

February 07, 2014 Added by: Patrick Oliver Graf

A new approach, called “Honey Encryption”, could potentially offer more effective digital security by making fake data appear to be legitimate and valuable information to hackers.

Comments  (5)


CFO’s Don’t Want to Get it When it Comes to Risk and Security…Until it’s Too Late.

February 06, 2014 Added by: Stephen Marchewitz

According to Ponemon estimates (PDF), the breach will cost Target over $2 billion. Will Target's CFO get fired? He probably couldn’t spell security before the incident, but had to testify before Congress about what they’re going to do…talk about your crash courses.

Comments  (1)


Numbers Never Lie, But You May Be Asking the Wrong Questions

February 04, 2014 Added by: Rafal Los

Demonstrating the effectiveness of a security program isn't about cherry-picking the right data sets in the right time frames to show how fantastically we are doing and patting ourselves on the back.

Comments  (0)


Incident Response: Are You Ready?

February 03, 2014 Added by: Brent Huston

When serious problems strike the complacent and unprepared, the result is inevitably shock followed by panic. And hindsight teaches us that decisions made during such agitated states are almost always the wrong ones. This is true on the institutional level as well.

Comments  (0)


The Workplace of the Future and What It Means for Network Security

January 28, 2014 Added by: Patrick Oliver Graf

The convergent trends of BYOD, the consumerization of IT and mobility are causing rapid shifts in employees’ expectations for their work environment. Employees are driving the change by working remotely and on their own devices, resulting in the workplace itself becoming increasingly flexible.

Comments  (0)


The Perils of Combining Security and Compliance

January 27, 2014 Added by: Robb Reck

There is a natural tendency to lump security and compliance together. Intuitively it just makes sense, right? The biggest compliance frameworks like PCI, GLBA, SOX and HIPAA are all looking to ensure that our security is up to snuff. In fact, if we do security right, compliance should come naturally, with very little additional technical work.

Comments  (0)
