Zero-Day Export Regulation Proposal Released for Public Comment

June 01, 2015 Added by:Anthony M. Freed

The U.S. Department of Commerce’s Bureau of Industry and Security (BIS) has released the proposal for regulatory control of the export of malware and zero-day exploits for a sixty-day public comment period, and the reaction from the security community and other interested parties is already definitively negative.

Comments  (0)


Take Control of the Unsupervised BYOD Party

May 28, 2015 Added by:Michael Kienzle

Is your company’s BYOD (Bring Your Own Device) policy leaving your IT team feeling a bit uneasy? If so, perhaps it’s time for a CYOD or Choose Your Own Device policy.

Comments  (0)


New Global Initiative Aims at Securing Smart Cities

May 28, 2015 Added by:Eduard Kovacs

Security researchers, companies and organizations have joined forces in a new non-profit global initiative whose goal is to secure smart cities.

Comments  (0)


Threat Intelligence Sharing Valued, But Many Not Doing it: Survey

May 27, 2015 Added by:Brian Prince

Enterprises may largely agree that threat intelligence is important, but few are doing any actual sharing themselves, according to a new survey.

Comments  (0)


Sign of the Times: Verizon Breach Report Tracks New Category

May 27, 2015 Added by:Peter Zavlaris

This year’s Verizon Data Breach Investigations Report (VDBIR) added a new category to its VERIS (Vocabulary for Event Recording and Incident Sharing) to track attacks with “secondary” motives.

Comments  (0)


Why Outsourcing Remote Access Management Isn't The Answer For SMBs

May 27, 2015 Added by:Patrick Oliver Graf

So, should network administrators consider tapping into MSPs for network security in our current environment? The core issue is a common one in network security – convenience vs. security.

Comments  (0)


Threat Intelligence: Knowledge is Power

May 26, 2015 Added by:Lisa Huff

Organizations have made massive investment in a variety of security solutions over the years. It is important to understand what investments that have made in security technologies in order to understand the success and possible challenges that they face.

Comments  (0)


SSL and TLS Update

May 26, 2015 Added by:PCI Guru

The answer to SSL and TLS vulnerabilities are to remediate as soon as possible. If you are unable to remediate, then you need to mitigate the risk until you can remediate.

Comments  (0)


Cloud Security Monitoring … Revisited (aka It Is Not 2012 Anymore!)

May 26, 2015 Added by:Anton Chuvakin

My next project, now that I am done with security analytics for now, is to revisit our cloud security monitoring work.

Comments  (0)


Microsoft and the Software Lifecycle

May 25, 2015 Added by:Tripwire Inc

For some reason, Europe’s ‘The Final Countdown’ was playing in my head as I sat and pondered this write-up. I suppose that’s fitting given that we are about to cross the 60-day mark until Windows Server 2003 goes End-of-Life.

Comments  (0)


Should MAD Make its Way Into the National Cyber-Security Strategy?

May 25, 2015 Added by:Brent Huston

Arguably, Mutually Assured Destruction (MAD) has kept us safe from nuclear holocaust for more than half a century. Although we have been on the brink of nuclear war more than once and the Doomsday clock currently has us at three minutes ‘til midnight, nobody ever seems ready to actually push the button – and there have been some shaky fingers indeed on those buttons!

Comments  (0)


Will Your Contractors Take Down Your Business?

May 25, 2015 Added by:Rebecca Herold

Do you know how well your vendors, business associates, contracted third parties (who I will collectively call “contractors”) are protecting the information with which you’ve entrusted them to perform some sort of business activity? You need to know.

Comments  (0)


Microsoft Patching: Don’t Forget to Read the Fine Print

May 21, 2015 Added by:Tripwire Inc

During my career, I have built and managed hundreds of production-level client and server systems, and nothing can be more worrisome than when it comes time to apply patches and upgrades to software. Why? Because things can, and often times, do go wrong during patch and upgrade cycles.

Comments  (0)


The Top 10 Highest Paying Jobs in Information Security – Part 1

May 13, 2015 Added by:Tripwire Inc

Given the evolving threat landscape, it is no surprise that the field of information security is booming. A report issued by Burning Glass Technologies reveals that job postings across the industry have grown 74 percent between 2007 and 2013—twice the rate of all other IT jobs.

Comments  (0)


Organizations Must Consider Privacy Harms

May 13, 2015 Added by:Rebecca Herold

Addressing privacy requires privacy harms consideration in addition to identifying security and privacy risks.

Comments  (0)


New PCI DSS Changes are Around the Corner

May 12, 2015 Added by:Don Brooks

The latest payment card industry data security standard, a set of requirements designed to help businesses better secure their customers’ payment card information, took effect January 1, 2015, however some of the changes become mandatory at the end of next month.

Comments  (0)

Page « < 4 - 5 - 6 - 7 - 8 > »