Security Management

Bd07d58f0d31d48d3764821d109bf165

The 60/40 Security Rule

February 05, 2015 Added by:Tripwire Inc

On any journey we take as we progress though life, occasions will arise when we arrive at a juncture where we recognize that somewhere way-back, we may have taken a wrong turn, which has brought us to a less than ideal place – an imposition which I believe we find ourselves in today with mitigating cyber crime and its associated threats.

Comments  (3)

E313765e3bec84b2852c1c758f7244b6

Social Media Targeting: A Cautionary Tale

February 05, 2015 Added by:Brent Huston

The mission was simple, obtain either a file that listed more than 100 of their key suppliers, or obtain credentials and successfully logon to their internal supply system from an account that could obtain such a file.

Comments  (5)

Bd07d58f0d31d48d3764821d109bf165

Fighting Cyber Threats While Taking Human Behavior Into Consideration

February 04, 2015 Added by:Tripwire Inc

Security managers often find that what they put on paper is only half of the story. Getting the corporation to “cooperate” and follow the policy all the time can be far more challenging than it seems. So why do employees seem to be so reluctant?

Comments  (6)

Ebb72d4bfba370aecb29bc7519c9dac2

Security Analytics: Projects vs Boxes (Build vs Buy)?

February 04, 2015 Added by:Anton Chuvakin

So, it may seem that there is now a BUILD vs BUY choice…but is there?!

Comments  (4)

Af7244bb99debb4a1152fa49a993a05c

Security Seen as Top Obstacle to Success in Application Economy: Report

February 03, 2015 Added by:Eduard Kovacs

A survey conducted by Vanson Bourne on behalf of CA Technologies shows that senior IT and business leaders from across the world consider security a top obstacle to becoming more effective in the application economy.

Comments  (4)

0ead717779244d9aab5c1699308850d2

Getting Employee Security Awareness Training Right

February 03, 2015 Added by:Brian Prince

Training employees right, experts said, takes a mix of clearly-defined goals, executive support and an understanding of employees' roles and the target audience.

Comments  (3)

A70a600d7c593ca50cc6639cd64ed71a

Attackers, Distraction, Deception and Misdirection

February 03, 2015 Added by:Joseph Pizzo

When it comes to security, be it data in motion, data in execution or data at rest, the bad guys often lurk in plain sight. They have the time and patience to wait for a distraction that allows their malicious activity to go by unseen.

Comments  (3)

E313765e3bec84b2852c1c758f7244b6

The Need for an Incident Recovery Policy (IRP)

February 02, 2015 Added by:Brent Huston

Given the recent spate of breaches and compromises that we have analyzed and been involved in over the last year, we have seen an emerging need for organizations to now embrace a new kind of policy – a security incident RECOVERY policy.

Comments  (1)

3caea4d9bcdd5cde2b1a1f338a06a086

Digital Reputation: Can’t Buy it, Gotta Earn It

January 29, 2015 Added by:Jonathan Curtis

Can’t buy it, gotta earn it, as the old saying goes. With a few short searches, it is easy to find tweets that have had a significant impact on the reputation of institutions, police departments, online ecommerce properties, and corporations in 2014.

Comments  (6)

E595c1d49bf4a26f8e14ce59812af80e

Two-Factor Authentication Transforms Even ‘123456’ Into a Secure Password

January 29, 2015 Added by:Patrick Oliver Graf

Since 2011, the same two passwords have ranked as the most common (and worst) among users. Care to take a guess as to what they are?

Comments  (6)

306708aaf995cf6a77d3083885b60907

Suits and Spooks DC 2015: The Agenda - Last Chance to Register

January 29, 2015 Added by:Mike Lennon

Suits and Spooks DC is less than one week away! The event will be held at the Ritz-Carlton, Pentagon City on February 4-5. Due to multiple sell-out events, we have expanded our attendee capacity to 200, but the event is again close to being sold out.

Comments  (2)

Ebb72d4bfba370aecb29bc7519c9dac2

Do You Want “Security Analytics” Or Do You Just Hate Your SIEM?

January 27, 2015 Added by:Anton Chuvakin

Now that I’ve taken a fair number of “security analytics” client inquiries (with wildly different meanings of the phase), I can share one emerging pattern: a lot of this newly-found “analytics love” is really old “SIEM hatred” in disguise.

Comments  (3)

Ebe141392ea3ebf96ba918c780ea1ebe

Looking Logically at Legislation

January 27, 2015 Added by:Wendy Nather

There's a lot of fuss around the recent White House proposal to amend the Computer Fraud and Abuse Act, and some level-headed analysis of it. There's also a lot of defensive and emotional reaction to it ("ZOMG we're going to be illegal!").

Comments  (3)

Fc152e73692bc3c934d248f639d9e963

End of Life

January 27, 2015 Added by:PCI Guru

This topic has started to come up again as we go through PA-DSS research on applications and find that the listings contain operating systems that are at or past end of life (EOL).

Comments  (3)

Bd07d58f0d31d48d3764821d109bf165

The State of Obama Cybercare

January 26, 2015 Added by:Tripwire Inc

Over the past few years, we have seen cybersecurity move from the realm of IT into the boardroom and now onto the political stage. The reason for this is clear—the resiliency, security and safety of the Internet is critical to our economy and the progress of our society as a whole. It is our future.

Comments  (2)

B64e021126c832bb29ec9fa988155eaf

Bringing Metasploit Exploits to Life with PowerShell

January 26, 2015 Added by:Dan Dieterle

You have a remote shell to a Windows box in Metasploit, very cool, but what can you do?

Comments  (2)

Page « < 1 - 2 - 3 - 4 - 5 > »