July 31, 2013 Added by:InfosecIsland News
Austin-based Wisegate has released a report that provides top 10 tips from leading CISOs to help IT professionals manage security vendors.
July 30, 2013 Added by:Jon Stout
You can be doing all the right things, adding immense value to your customer and helping your company build a great brand. When a contract changes even incumbents are suddenly “on the bench” or “between projects” or “on overhead” . You are no longer billable. As a result you have now moved from a profit-generator to a cost center. When this happens you are at risk.
July 24, 2013 Added by:Anthony M. Freed
In this panel discussion industry experts investigate the possible sources and application of the knowledge needed to secure critical infrastructure
July 11, 2013 Added by:Jan Valcke
Security is not an optional feature to be implemented after the horse has bolted. Lack of security may have severe consequences and can result in destructed corporate image, severe revenue losses and liability suits. Strong authentication alleviates a lot of security concerns and can help build customer trust, credibility and can even become a competitive advantage.
July 10, 2013 Added by:InfosecIsland News
With APTs leveraging these weaknesses, it’s critical to have visibility and control of enterprise key and certificate inventories. Cyber criminals understand that the easy targets are those organizations that have little visibility into their threat surface and cannot respond quickly. We need to gain control over trust; we need to plug the gap related to key & certificate-based exploits. (Re...
NSS Labs' Defense In Depth Testing Reveals Weaknesses In Traditional Layered IT Security Strategies; No Clear And Present Winners
July 10, 2013 Added by:Joe Franscella
At the end of May, NSS Labs released its Correlation of Detection Failures report. In an accompanying news release, Are Security Professionals Overconfident in “Defense in Depth?”, the company said it was the culmination of a comprehensive in-lab test revealing that popular layered technology combinations are failing to protect organizations against exploits.
July 05, 2013 Added by:Chris Blask
As we consider the construction of national and global situational awareness systems to secure our manifestly complex infrastructure we run into a range of hurdles. How do we get huge amounts of data from millions of facilities? How do we keep these vast pools of knowledge from becoming an Achilles' Heel that attackers leverage to bring down everything at once?
June 28, 2013 Added by:Edwin Covert
Organizations face a new threat to their information systems and intellectual property: advanced persistent threats, or APT. In order to detect and mitigate these attacks, organizations must develop a cyber-security capability that allows them to defend themselves.
June 26, 2013 Added by:Rafal Los
Imagine if you woke up tomorrow morning and it was conclusively proven that the layered onion model was proven to fail in several circumstances commonly deployed and used in today’s enterprise. That would sure explain much of the failure we’ve seen across enterprise breaches, wouldn’t it?
June 24, 2013 Added by:Larry Karisny
Knowing the reality and reasons behind cyberattacks, it’s time to stop talking and start offering resolution to these serious problems. There is no "it won’t happen to me" anymore. We must immediately deploy prevention and detection technologies to our critical processes or frankly, we could lose it all.
June 19, 2013 Added by:Simon Moffatt
RESTful architectures have been the general buzz of websites for the last few years. The simplicity, scalability and statelessness of this approach to client-server communications has been adopted by many of the top social sites such as Twitter and Facebook. Why? Well, in their specific cases, developer adoption is a huge priority.
June 14, 2013 Added by:Vinod Mohan
Given the expanding threat landscape for the SMB and the increased demand for affordable IT security tools, here are five valuable tips for IT pros that help shed light on managing enterprise security on a budget.
May 16, 2013 Added by:Francis Cianfrocca
Despite years of engineering, programming, reverse engineering, product development and a generous amount of FUD-driven marketing, the information security industry (loosely defined as representing the forces of good) lags far behind the innovation and sophistication of modern malware perpetrated by the forces of evil.
May 16, 2013 Added by:Anthony M. Freed
The Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT, recently issued an advisory warning of an elevated risk of cyber-based attacks against companies that are tasked with administering systems that control elements of our nation’s critical infrastructure.
May 09, 2013 Added by:Michael Fornal
A security check list is a list of security controls that a vendor or application must meet. These controls can range from how storage back up is to be done, to password complexity requirements. Having a checklist can help you in deciding if the application or vendor conforms to your company’s security requirements.
May 07, 2013 Added by:Jarno Limnéll
In reality, a well-prepared cyber attack does not need to last for 15 minutes to succeed. After preparations it takes only seconds to conduct the attack which may hit targets next door as well as those on the other side of the world.
Stopping Remote Access Breaches with “Hone... Pakhi Chopra on 04-24-2014
Interoperability: A Much Needed Cloud Comput... ryan mccarthy on 04-23-2014
Update 3: Hackers May Leak Norton Antivirus ... john flynn on 04-23-2014