Security Management


Vehicle VPNs, Part One: The ‘Connected Car’

October 28, 2013 Added by:Patrick Oliver Graf

Remember, anything that is connected to the Internet is a potential target for hackers and cyber criminals. If they’ll hack your smartphone, tablet or laptop computer, who is to say they won’t try to do the same to your car?

Comments  (1)


A Renaissance in the Manufacturing and Industrial Sectors

October 24, 2013 Added by:Rafal Los

After what appears to be decades of systematically ignoring security challenges, the recent climate of breaches seems to have shaken something loose. Purse strings have loosened. Boards have begun to ask security questions when they have never done so before. And most of all, I'm seeing several organizations formally hiring CISOs and giving them both accountability and control over the security fu...

Comments  (0)


Developing a Comprehensive Remote Access Security Framework: Identities and Roles

October 22, 2013 Added by:Patrick Oliver Graf

Every enterprise should consider implementing a comprehensive remote access security framework in light of increased workplace mobility and the BYOD trend.

Comments  (0)


Social Threats of Greatest Risk Concern for Executives

October 22, 2013 Added by:Vince Schiavone

As the “social age,” “mobile age” and “consumer age” converge, enterprise risk is experiencing a evolutionary shift due to the array of complex emerging threats that are challenging corporations on various levels. With billions upon billions of daily social discussions from consumers, influencers, competitors, activists, journalists and regulators, an entirely new social dimension of r...

Comments  (0)


Can Software Security Requirements Yield Faster Time to Market?

October 17, 2013 Added by:Rohit Sethi

Addressing security requirements while building software is substantially faster than fixing security vulnerabilities later, and since so many organizations end up mandating fixing security defects, preventing those defects up-front yields faster time-to-market.

Comments  (0)


Encrypting Data At Rest Or In The Cloud: Is It Value Adding?

October 16, 2013 Added by:Hani Banayoti

Consider encryption at rest but make informed decisions about its value and protection afforded.

Comments  (2)


Security As Risk Management

October 15, 2013 Added by:Robb Reck

The implementation of a risk management focused information security program not only increases the security of the organization, it increases the collaboration between security and other technical stakeholders, frees up security to do what it does best (instead of making business decisions) and improves the organization’s risk awareness.

Comments  (2)


How Can you Expose Targeted Attacks and Combat APTs?

October 10, 2013 Added by:Michelle Drolet

Cybercriminals are employing more sophisticated techniques all the time and far too many companies and organizations still don’t have the protection they really need to safeguard their systems. The prevalence of targeted attacks and advanced persistent threats (APTs) is disturbing.

Comments  (0)


Industry's First Social Risk Guide Released

October 03, 2013 Added by:Vince Schiavone

To help executives understand and address the growing dangers of social risks threatening their revenue and reputation, I assembled a consortium of academic and commercial experts spanning social intelligence, enterprise risk, digital privacy, communications and security to write the industry’s first comprehensive handbook on the topic.

Comments  (2)


What to Expect When You're NOT Expecting: 7 Steps of a Professional Forensic Investigator

October 02, 2013 Added by:Stephen Marchewitz

A brief understanding of the process, time and overall cost of a Card Holder Data. All information contained in this article is for the purposes of awareness and education. If you have experienced a breach, contact a PFI company immediately.

Comments  (0)


Gone in 60 Months or Less

September 26, 2013 Added by:Gavin Hill

Cyber-attacks continue to advance in complexity and speed and increasingly target the keys and certificates used to establish trust—from the data center to the cloud. With the advances in technology, is a 60-month, or even a 39-month, validity period for certificates short enough to reduce risk?

Comments  (0)


Leaked Data and Credentials: Cracked Web Applications

September 25, 2013 Added by:InfoSec Institute

Changing the code behind existing web applications is a time-intensive but effective way for hackers to harvest authentication credentials and data. However, you can detect and defend against these types of attacks by using the right mix of file integrity check utilities, antivirus software, and change control policy.

Comments  (0)


Enterprise Social Risk Needs a C-Suite Champion

September 19, 2013 Added by:Vince Schiavone

As the threats emerging from social media expand in type, frequency and complexity, the proverbial heads of many corporations are spinning as nearly every office across the C-suite experiences serious repercussions from these growing risks.

Comments  (3)


Why Remediating Assessment Results Might be Harmful to Your Business

September 11, 2013 Added by:Rohit Sethi

Let’s say you’ve just had a pen test or security scan performed on your application. You review the list of findings and get to work on remediation. Apart from obvious shortcomings of any individual single assessment technique, you may also be doing a disservice to meeting your business goals.

Comments  (0)


The Ethics of Monitoring Your Employees

September 03, 2013 Added by:Edwin Covert

As the GAO report makes clear, organizations are well within their legal rights to monitor employee activity online when using organization information technology resources.

Comments  (1)


The Three Patterns of Software Development for SDLC Security

August 30, 2013 Added by:Rohit Sethi

A one-sized fits all approach to Software Development Life Cycle (SDLC) security doesn’t work. Practitioners often find that development teams all have different processes – many seem they are special snowflakes, rejecting a single SDLC security program.

Comments  (4)

Page « < 3 - 4 - 5 - 6 - 7 > »