December 04, 2013 Added by:Rohit Sethi
My colleague, Andre Harricharran, security consultant with Security Compass, offers a closer look at the mobile application assessment process and requirements, and what organizations should consider when procuring this type of service.
December 02, 2013 Added by:Rohit Sethi
Ponemon Institute and Security Innovation recently made public the results of a research study they did to get an idea of the state of application security across organizations.
November 19, 2013 Added by:Rohit Sethi
An information security training program is crucial for ensuring and maintaining a good security posture; in order to effectively manage this program you have to be able to measure it. This article introduces a concept recommended by NIST in their Special Publication 800-16, for evaluating training effectiveness.
November 18, 2013 Added by:Vince Schiavone
To achieve advance warning of risks and threats, corporations now require social intelligence as the backbone of their crisis management strategy. This is no different than the way military or intelligence organizations operate – knowledge is power and propagates effective response.
November 14, 2013 Added by:Cam Roberson
One of the major issues discussed in the wake of the National Security Agency leak involving Edward Snowden was how the government can prevent a similar leak from happening in the future. This article looks at several specific measures that can strengthen data security, making it more difficult for bad actors to break into the system, and tougher for them to make off with sensitive information onc...
November 12, 2013 Added by:Jason Clark
Security Advisor Alliance is a nonprofit group of top security leaders from the Global 1000 who have come together to donate time each week to help our peers in any area of security as a pro-bono service.
November 12, 2013 Added by:Rohit Sethi
Businesses often ask for guidance on whether they need to do a manual penetration test for a specific application or if automated testing suffices. Here I try to briefly describe some of the advantages and disadvantages of each method and explain our preferred approach.
November 11, 2013 Added by:Jason Clark
I’m extremely excited to announce that I’ve embarked on the next phase of my professional journey. I’ve joined Accuvant in the newly created position of Chief Security and Strategy Officer, working alongside some of the most talented security professionals in the world to innovate and develop strategic solutions that solve the specific security problems organizations of all sizes face today.
November 04, 2013 Added by:Jochem Binst
The online world as we know it today is not the same as the one we got to know in the beginning of the Internet era and certainly not the one that is emerging today! People worldwide are starting to realize this. All they have to do now is act on it. Strong authentication to secure the online world will be embraced since it becomes a necessity; using strong authentication is the next step.
October 28, 2013 Added by:Patrick Oliver Graf
Remember, anything that is connected to the Internet is a potential target for hackers and cyber criminals. If they’ll hack your smartphone, tablet or laptop computer, who is to say they won’t try to do the same to your car?
October 24, 2013 Added by:Rafal Los
After what appears to be decades of systematically ignoring security challenges, the recent climate of breaches seems to have shaken something loose. Purse strings have loosened. Boards have begun to ask security questions when they have never done so before. And most of all, I'm seeing several organizations formally hiring CISOs and giving them both accountability and control over the security fu...
October 22, 2013 Added by:Vince Schiavone
As the “social age,” “mobile age” and “consumer age” converge, enterprise risk is experiencing an evolutionary shift due to the array of complex emerging threats that are challenging corporations on various levels. With billions upon billions of daily social discussions from consumers, influencers, competitors, activists, journalists and regulators, an entirely new social dimension of r...
October 16, 2013 Added by:Hani Banayoti
Consider encryption at rest, but make informed decisions about its value and the protection it affords.
October 10, 2013 Added by:Michelle Drolet
Cybercriminals are employing more sophisticated techniques all the time and far too many companies and organizations still don’t have the protection they really need to safeguard their systems. The prevalence of targeted attacks and advanced persistent threats (APTs) is disturbing.