March 14, 2014 Added by: Wayde York
The press has come out with the fact that Target received a warning about malware and hacking before 40 million credit cards were compromised. While we should not string up the security analysts at Target, we may have to spank their managers.
March 13, 2014 Added by: Pete Herzog
Unbalanced security is when your security increases your attack surface. And it’s normal.
March 11, 2014 Added by: Rafal Los
Let’s face it: The industry has a ‘box problem.’ And everyone will sell you a solution to what ails you.
March 03, 2014 Added by: Joe Weiss
There has been no mad rush for cyber insurance, as the focus has been NERC CIP and compliance, not security.
February 27, 2014 Added by: Simon Moffatt
The internal 'trusted' network no longer exists. Employees often pose the biggest threat to information assets, even though they are trusted with legitimate accounts on protected internal machines. Zero Trust is a recent security approach that looks to move away from network segmentation and focus more on data and resources and who can access them, when and from where.
RSA's Art Coviello Calls for Increased International Cooperation and Governance Among Nations and Security Industry
February 25, 2014 Added by: InfosecIsland News
Art Coviello delivered his opening keynote to a record crowd at RSA Conference 2014, calling for international government and industry cooperation on major issues including cyber war, surveillance, privacy and trust on the Internet.
February 19, 2014 Added by: Anton Chuvakin
One of the key uses for threat intelligence (TI) data is making better threat intelligence data out of it.
February 06, 2014 Added by: Stephen Marchewitz
According to Ponemon estimates (PDF), the breach will cost Target over $2 billion. Will Target's CFO get fired? He probably couldn’t spell security before the incident, but had to testify before Congress about what they’re going to do…talk about your crash courses.
February 04, 2014 Added by: Rafal Los
Demonstrating the effectiveness of a security program isn't about cherry-picking the right data sets, in the right time-frames to show how fantastic we are doing and patting ourselves on the back.
February 03, 2014 Added by: Brent Huston
When serious problems strike the complacent and unprepared, the result is inevitably shock followed by panic. And hindsight teaches us that decisions made during such agitated states are almost always the wrong ones. This is true on the institutional level as well.
January 28, 2014 Added by: Patrick Oliver Graf
The convergent trends of BYOD, the consumerization of IT and mobility are causing rapid shifts in employees’ expectations for their work environment. Employees are driving the change by working remotely and on their own devices, resulting in the workplace itself becoming increasingly flexible.
January 27, 2014 Added by: Robb Reck
There is a natural tendency to lump security and compliance together. Intuitively it just makes sense, right? The biggest compliance frameworks like PCI, GLBA, SOX and HIPAA are all looking to ensure that our security is up to snuff. In fact, if we do security right, compliance should come naturally, with very little additional technical work.