Security Management

Ebb72d4bfba370aecb29bc7519c9dac2

Now That We Have All That Data What Do We Do, Revisited

March 11, 2015 Added by:Anton Chuvakin

We have SO much security data, how do we make sense of it?

Comments  (0)

B8db824b8b275afb1f4160f03cd3f733

Software Stockholm Syndrome

March 10, 2015 Added by:Jack Daniel

I don’t have a cure for Software Stockholm Syndrome, but as with many problems awareness is the first step to recovery.

Comments  (4)

00952df30217238f014249cc730f600d

GoDaddy is Just One of the Dominoes That Doesn't Have to Fall

March 10, 2015 Added by:Yair Grindlinger

Cloud security is the responsibility of the enterprise.

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Cyber Insurance: Managing the Risk

March 09, 2015 Added by:Tripwire Inc

Cyber insurance is a hot topic of many debates today. It is believed to be the long-awaited cure for high-impact security risks, especially in light of constantly evolving privacy legislation and disclosure obligations – but what actually is it?

Comments  (5)

201d6e4b7cd0350a1a9ef6e856e28341

Observations From Advisen Cyber Risk Conference March 3rd in San Francisco

March 09, 2015 Added by:Joe Weiss

The Conference was focused on data breach with heavy emphasis on recent large data breaches such as Anthem, Sony, Target, etc.

Comments  (4)

6d117b57d55f63febe392e40a478011f

Resource Scarcity Plaguing Security Programs

March 05, 2015 Added by:Anthony M. Freed

A new study reveals that two-thirds of IT leaders across a broad range of industry verticals believe they lack the resources required to support a robust security program in the face of escalating security threats.

Comments  (10)

Bd07d58f0d31d48d3764821d109bf165

The ‘ABC’ of the ‘APT’

March 05, 2015 Added by:Tripwire Inc

The term APT (Advanced Persistent Threat), like many other acronyms in the world of IT/Information/Cyber Security entered our vocabulary some years ago, along with other partnering phrases, such as Advanced Evasion Techniques (AET), which at the time took the headlines as something new.

Comments  (5)

7ddc1f3000a13e4dfec28074e9e7b658

EFF Joins Civil Society and Computer Security Experts to Call for Rejection of Flawed Cybersecurity Legislation

March 05, 2015 Added by:Electronic Frontier Foundation

EFF has joined 26 civil society organizations and 22 computer security experts in a letter that calls on the Senate Select Committee on Intelligence to reject the Cybersecurity Information Sharing Act of 2015 (CISA).

Comments  (6)

Bd07d58f0d31d48d3764821d109bf165

Is Compliance Bad for Security?

March 04, 2015 Added by:Tripwire Inc

Companies like mine, and consultants like me, have long been instructed and expected to pass on the mantra that the solution to security is compliance with standards and that being in compliance means you are secure. Having worked in the industry for more than a decade, I know that this is demonstrably not true.

Comments  (3)

Bd07d58f0d31d48d3764821d109bf165

The Malicious Insider

March 03, 2015 Added by:Tripwire Inc

Financial gain or fraud was the primary driver of the 11,698 instances of insider privilege abuse – defined as any unapproved or malicious use of organization resources – in last year’s Verizon Data Breach Investigations Report.

Comments  (2)

Fc152e73692bc3c934d248f639d9e963

What is a Level 3 Merchant?

March 02, 2015 Added by:PCI Guru

This consistently keeps coming up as an issue because of the confusing definitions on the Visa, MasterCard and Discover Web sites.

Comments  (3)

Ebb72d4bfba370aecb29bc7519c9dac2

SIEM/DLP Add-on Brain?

March 02, 2015 Added by:Anton Chuvakin

The good news is that we now a decent number of vendors that offer, essentially, an add-on brain for your SIEM. Some can also add a brain to your DLP, since it turned out that DLP is pretty brainless as well…

Comments  (2)

201d6e4b7cd0350a1a9ef6e856e28341

Control System Cyber Security and the Insurance Industry

February 26, 2015 Added by:Joe Weiss

I have felt that the insurance companies can be a major player in driving the need to adequately secure control systems.

Comments  (7)

6d117b57d55f63febe392e40a478011f

FFIEC Adds Cyber-Resilience to Business Continuity Guidelines

February 25, 2015 Added by:Anthony M. Freed

The Federal Financial Institutions Examination Council (FFIEC) has issued revised Business Continuity Planning (BCP) guidelines for the financial services sector

Comments  (8)

Fc152e73692bc3c934d248f639d9e963

Incidental Contact

February 23, 2015 Added by:PCI Guru

I have had a number of questions recently regarding how to deal with the occasional customer that sends cardholder data (CHD) or sensitive authentication data (SAD) to the merchant via email or instant messaging in blatant disregard to security.

Comments  (4)

65be44ae7088566069cc3bef454174a7

Perceptive Privacy Protectors Push for IoT Privacy Protections

February 23, 2015 Added by:Rebecca Herold

The costs of implementing security safeguards and privacy controls are significantly less than the costs, and damage to individuals’ lives, of cleaning up and paying all the associated money and time for security incidents and privacy breaches.

Comments  (3)

Page « < 3 - 4 - 5 - 6 - 7 > »