Security Management

Bd07d58f0d31d48d3764821d109bf165

The ‘ABC’ of the ‘APT’

March 05, 2015 Added by:Tripwire Inc

The term APT (Advanced Persistent Threat), like many other acronyms in the world of IT/Information/Cyber Security entered our vocabulary some years ago, along with other partnering phrases, such as Advanced Evasion Techniques (AET), which at the time took the headlines as something new.

Comments  (5)

7ddc1f3000a13e4dfec28074e9e7b658

EFF Joins Civil Society and Computer Security Experts to Call for Rejection of Flawed Cybersecurity Legislation

March 05, 2015 Added by:Electronic Frontier Foundation

EFF has joined 26 civil society organizations and 22 computer security experts in a letter that calls on the Senate Select Committee on Intelligence to reject the Cybersecurity Information Sharing Act of 2015 (CISA).

Comments  (6)

Bd07d58f0d31d48d3764821d109bf165

Is Compliance Bad for Security?

March 04, 2015 Added by:Tripwire Inc

Companies like mine, and consultants like me, have long been instructed and expected to pass on the mantra that the solution to security is compliance with standards and that being in compliance means you are secure. Having worked in the industry for more than a decade, I know that this is demonstrably not true.

Comments  (3)

Bd07d58f0d31d48d3764821d109bf165

The Malicious Insider

March 03, 2015 Added by:Tripwire Inc

Financial gain or fraud was the primary driver of the 11,698 instances of insider privilege abuse – defined as any unapproved or malicious use of organization resources – in last year’s Verizon Data Breach Investigations Report.

Comments  (2)

Fc152e73692bc3c934d248f639d9e963

What is a Level 3 Merchant?

March 02, 2015 Added by:PCI Guru

This consistently keeps coming up as an issue because of the confusing definitions on the Visa, MasterCard and Discover Web sites.

Comments  (3)

Ebb72d4bfba370aecb29bc7519c9dac2

SIEM/DLP Add-on Brain?

March 02, 2015 Added by:Anton Chuvakin

The good news is that we now a decent number of vendors that offer, essentially, an add-on brain for your SIEM. Some can also add a brain to your DLP, since it turned out that DLP is pretty brainless as well…

Comments  (2)

201d6e4b7cd0350a1a9ef6e856e28341

Control System Cyber Security and the Insurance Industry

February 26, 2015 Added by:Joe Weiss

I have felt that the insurance companies can be a major player in driving the need to adequately secure control systems.

Comments  (7)

6d117b57d55f63febe392e40a478011f

FFIEC Adds Cyber-Resilience to Business Continuity Guidelines

February 25, 2015 Added by:Anthony M. Freed

The Federal Financial Institutions Examination Council (FFIEC) has issued revised Business Continuity Planning (BCP) guidelines for the financial services sector

Comments  (8)

Fc152e73692bc3c934d248f639d9e963

Incidental Contact

February 23, 2015 Added by:PCI Guru

I have had a number of questions recently regarding how to deal with the occasional customer that sends cardholder data (CHD) or sensitive authentication data (SAD) to the merchant via email or instant messaging in blatant disregard to security.

Comments  (4)

65be44ae7088566069cc3bef454174a7

Perceptive Privacy Protectors Push for IoT Privacy Protections

February 23, 2015 Added by:Rebecca Herold

The costs of implementing security safeguards and privacy controls are significantly less than the costs, and damage to individuals’ lives, of cleaning up and paying all the associated money and time for security incidents and privacy breaches.

Comments  (3)

8c6609017eb196817ebf7bb4af7e52b0

5 Key Security Capabilities Enterprises Need to Survive the Era of the Hack

February 23, 2015 Added by:Alan Cohen

If enterprises want to counter cyberthreats, they need to both invest in APT and anti-malware technologies and improve their overall security posture.

Comments  (7)

979f414890697f63dd65387a37a77977

Why Harmonizing Cloud Security Standards will Accelerate Cloud Adoption

February 20, 2015 Added by:Evelyn De Souza

As the public cloud becomes mission-critical, business and government applications, many standards bodies and government entities worldwide are issuing stronger security guidance and new standards.

Comments  (8)

Fb8b25d02a3d508548a993c59946c1e6

SIGINT and Cyber Intelligence

February 19, 2015 Added by:Scott Fitzpatrick

It’s fascinating to watch the political climate being held sway with what are identified as “cyber terrorism” and “cyber war.” But it’s not the first time the Department of Defense has had to come to grips with a polemic decision that would require reengineering their entire fiscal architecture.

Comments  (5)

201d6e4b7cd0350a1a9ef6e856e28341

Another ICS Cyber Incident With a Fatality

February 18, 2015 Added by:Joe Weiss

Just like the SCADA system affected during the 2003 Northeast Outage had known software issues, DC Metro was aware its computers and fan ventilation systems for dealing with smoke in tunnels needed to be modernized.

Comments  (4)

8c9639c5e1594aa583549790333cd451

The Year of Threat Intelligence Sharing: Bringing Structure to the Chaos of Big Security Data

February 18, 2015 Added by:Robert McNutt

While no one has a crystal ball to peer in and see what 2015’s landscape will look like, one thing is for sure: hackers are becoming more sophisticated and in order to stave off data breaches, we need to be aggregating and sharing information.

Comments  (3)

0ead717779244d9aab5c1699308850d2

Many IT Pros Ignore Security Policy in Order to Do Their Jobs: Survey

February 17, 2015 Added by:Brian Prince

According to a survey of 1,000 consumers by ResearchNow, a third of the IT professionals and administrators said they had downloaded an application they were not authorized to use on a corporate device in order to do their job.

Comments  (11)

Page « < 2 - 3 - 4 - 5 - 6 > »