Security Management

65be44ae7088566069cc3bef454174a7

NSA is not the Only One Getting to Your App Data

March 03, 2014 Added by:Rebecca Herold

You need to take actions to help protect yourself, and you also need to demand that app developers build security and privacy protections and controls into their apps.

Comments  (2)

201d6e4b7cd0350a1a9ef6e856e28341

A “Tale of Two Cities” – where are the insurance companies?

March 03, 2014 Added by:Joe Weiss

There has been no mad rush for cyber insurance as the focus has been NERC CIP and compliance not security.

Comments  (0)

65c1700fde3e9a94cc060a7e3777287c

Zero Trust and the Age of Global Connectivity

February 27, 2014 Added by:Simon Moffatt

The internal 'trusted' network no longer exists. Employees often pose the biggest threat to information assets, even though they are trusted with legitimate accounts on protected internal machines. Zero Trust is a recent security approach that looks to move away from network segmentation and focus more on data and resources and who can access them, when and from where.

Comments  (0)

Ffc4103a877b409fd8d6da8f854f617e

RSA's Art Coviello Calls for Increased International Cooperation and Governance Among Nations and Security Industry

February 25, 2014 Added by:InfosecIsland News

Art Coviello delivered his opening keynote to a record crowd at RSA Conference 2014, calling for international government and industry cooperation on major issues including cyber war, surveillance, privacy and trust on the Internet.

Comments  (0)

Ebb72d4bfba370aecb29bc7519c9dac2

How to Make Better Threat Intelligence Out of Threat Intelligence Data?

February 19, 2014 Added by:Anton Chuvakin

One of the key uses for threat intelligence (TI) data is making better threat intelligence data out of it.

Comments  (0)

E595c1d49bf4a26f8e14ce59812af80e

Stopping Remote Access Breaches with “Honey”

February 07, 2014 Added by:Patrick Oliver Graf

A new approach, called “Honey Encryption”, could potentially offer more effective digital security by making fake data appear to be legitimate and valuable information to hackers.

Comments  (4)

0356a83ecb15c8e33b00560d7bebe47f

CFO’s Don’t Want to Get it When it Comes to Risk and Security…Until it’s Too Late.

February 06, 2014 Added by:Stephen Marchewitz

According to Ponemon estimates (PDF), the breach will cost Target over $2 Billion dollars. Will Target's CFO get fired? He probably couldn’t spell security before the incident, but had to testify before congress about what they’re going to do…talk about your crash courses.

Comments  (1)

0a8cae998f9c51e3b3c0ccbaddf521aa

Numbers Never Lie, But You May Be Asking the Wrong Questions

February 04, 2014 Added by:Rafal Los

Demonstrating the effectiveness of a security program isn't about cherry-picking the right data sets, in the right time-frames to show how fantastic we are doing and patting ourselves on the back.

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Incident Response: Are You Ready?

February 03, 2014 Added by:Brent Huston

When serious problems strike the complacent and unprepared, the result is inevitably shock followed by panic. And hindsight teaches us that decisions made during such agitated states are almost always the wrong ones. This is true on the institutional level as well.

Comments  (0)

E595c1d49bf4a26f8e14ce59812af80e

The Workplace of the Future and What It Means for Network Security

January 28, 2014 Added by:Patrick Oliver Graf

The convergent trends of BYOD, the consumerization of IT and mobility are causing rapid shifts in employees’ expectations for their work environment. Employees are driving the change by working remotely and on their own devices resulting in the workplace itself becoming increasingly flexible.

Comments  (0)

C787d4daae33f0e155e00c614f07b0ee

The Perils of Combining Security and Compliance

January 27, 2014 Added by:Robb Reck

There is a natural tendency to lump security and compliance together. Intuitively it just makes sense right? The biggest compliance frameworks like PCI, GLBA, SOX and HIPAA are all looking to ensure that our security is up to snuff. In fact, if we do security right, compliance should come naturally, with very little additional technical work.

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

The First Five Quick Wins

January 23, 2014 Added by:Brent Huston

The First Five Quick Wins controls are those that have been shown to be the most effective means yet to stop the targeted intrusions that are doing the greatest damage to many organizations.

Comments  (0)

1789975b05c7c71e14278df690cabf26

5 Solid Ways to Build Security Culture in Your Organization (That You Probably Never Heard Of)

January 22, 2014 Added by:Pete Herzog

Teach employees not to say no. This and 4 other unconventional tricks will build or enhance your organization's security culture.

Comments  (2)

9fb165a9b7dfef2a9f8ac7d69b22a42c

Vertical Password Guessing Attacks Part I

January 20, 2014 Added by:Vince Kornacki

In this article we'll test our web application with vertical password guessing attacks. Whereas horizontal password guessing attacks entail trying only a few common passwords against a long list of usernames, vertical password guessing attacks entail trying a long list of passwords against a single username.

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Dealing With Unrealistic Security Expectations from the Executive Office

January 18, 2014 Added by:Tripwire Inc

So, your CEO keeps hassling you about a “real” plan for securing the company’s technology. You have a plan, telling him “we have done a, b, c and we are going to do d,e,f next month – if you don’t cut our budget.” But he keeps asking for a “real” plan, otherwise he will cut the budget...

Comments  (0)

A7bef9a8e31d3aa29e48f1a06ac84da1

Are the New gTLDs a Threat to Your Network?

January 13, 2014 Added by:Allan Liska

On October 23rd the Internet Corporation for Assigned Names and Numbers (ICANN) announced the roll out of the first 4 gTLDS under its New gTLD Program. The new domains could pose a potential security threat to your organization.

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »