Items Tagged with "Enterprise Security"



CloudSigma and the Perils of Choice

November 06, 2012 Added by:Ben Kepes

As we move to broader scale cloud adoption, one would be excused for assuming that we’d reached a point where the definition of what constitutes IaaS is set in stone – true, different vendors package up their virtual servers with different specs, but IaaS is, to a greater or lesser extent, a fixed concept...

Comments  (0)


Companies Must Consider Travel Providers’ Data Practices or Risk Being Harmed

November 04, 2012 Added by:David Navetta

A company responsible for handling billing and settlement for the International Air Transport Association (IATA) has been selling flight booking information about corporate travelers — on a travel agency level — to airlines, hotels and others...

Comments  (0)


Third Party Application Analysis: Best Practices and Lessons Learned

November 02, 2012 Added by:Fergal Glynn

Communication and execution are crucial to successful third party analyses. A huge contributing factor for these best practices is project management. Project management activities such as status meetings, enterprise follow-ups, and open discussions will facilitate the analysis process...

Comments  (0)


The Search for Infosec Minds

November 01, 2012 Added by:Ian Tibble

Since the early 2000s, I have commented in different forms on the state of play, with a large degree of cynicism, which was greeted with cold reservation, smirks, grunts, and various other types of un-voiced displeasure, up to around 2009 or so. But since at least 2010, how things have changed...

Comments  (0)


Cloud Confusion is Considerable

October 28, 2012 Added by:Bill Gerneglia

If you are the CIO of your organization and you spent the last decade locking down your data center hardware, patching your OSs, developing a disaster recovery plan, and securing your applications, are you really in a rush to move the operation and applications to the cloud?

Comments  (0)


CISO Concerns: Security vs. Usability, Affordability

October 25, 2012 Added by:Rafal Los

Recently in New York City we hosted a CISO-level event where we discussed various issues experienced during the life of an enterprise security program. CISOs brought up various topics from budgeting to being overwhelmed with constantly evolving threats - but one in particular caught my attention...

Comments  (2)


Your Next Critical Security Project May Not Be What You Think

October 23, 2012 Added by:Rafal Los

If we're honest with ourselves, we can look around the organization and find several projects that even though they are implementation-complete, are hardly "complete" as they sit. Too often after a catastrophic failure, or security incident we're pre-disposed to making hasty purchases to effectively stop the bleeding...

Comments  (0)


Have You Added Personas to your Incident Response Program?

October 23, 2012 Added by:Tripwire Inc

For any activity you do, it’s important not just to measure how well the organization did in a stress test situation, but to evaluate where your opportunities for improvement are. In my experience, personas are a great way to communicate a rich context very quickly once they are introduced...

Comments  (0)


BYOD or Rogue IT?

October 22, 2012 Added by:Bill Gerneglia

Rogue IT is the name given to the informal, ad hoc software and electronic devices brought by employees into their workplace. If IT managers are warming up to and in fact embracing BYOD, are they as accepting of Rogue IT in the office? Is Rogue IT simply an extension of BYOD?

Comments  (0)


Enterprise Resilience: Healthcare Edition (Part 1: Challenges)

October 21, 2012 Added by:Rafal Los

Organizations that make up the small to medium enterprise market are finding themselves in trouble as they are appearing on a lot of radar screens for attack, yet can't seem to find the resources they need to defend themselves adequately. Lots of challenges present around that point, to start off with...

Comments  (0)


Employers Must Consider Social Media Risks

October 17, 2012 Added by:David Navetta

One should assume that any information purportedly protected by privacy settings could still be viewed by strangers. And it is difficult to authenticate “friends” on a social network – they may be impersonators looking to scrape sensitive information from the “private” online posts...

Comments  (0)


James Bond at 50 – A Compliance Conversation in English and American

October 15, 2012 Added by:Thomas Fox

Maybe it’s just the difference in the two cultures; in the UK, they are trying to figure out how and why compliance failures occurred and change the compliance culture so they can obey the law. In the US, businesses want to change the law so the conduct companies engage in will no longer violate the law...

Comments  (0)


Popularizing the Lone (Security) Wolf

October 14, 2012 Added by:Tripwire Inc

It’s interesting to me that as a security industry (a subset of the larger computer industry), we talk at our conferences about how stress and burnout come from always being on the front line, feeling isolated, unable to relax; and we draw parallels to how strange our industry is in this way...

Comments  (0)


Brittle Systems - Unmasking Enterprise Security's Quiet Danger

October 13, 2012 Added by:Rafal Los

Besides all the obvious security vulnerabilities in your enterprise there is an even bigger problem lurking just below the water. At that intersection between critical system and security vulnerability is something many IT professionals acknowledge as the big pink elephant in the room - the "brittle system"...

Comments  (0)


CISO Lessons Learned

October 11, 2012 Added by:Tripwire Inc

The lessons they learn are not just from traditional infosec forensics – they also look at other parts of the business who contributed to the issue, were impacted by the incidents, or who were involved in response – and their learnings can include virtually any aspect of the chain of event...

Comments  (0)


Somewhere Over The Rainbow – A Story About A Global Ubiquitous Record of All Things Incident

October 10, 2012 Added by:Ian Tibble

Most businesses don’t even know they were hacked until a botnet command and control box is owned by some supposed good guys somewhere, but all talk of security is null and void if we acknowledge reality here. So let’s not talk reality...

Comments  (0)
