Blog Posts Tagged with "Security Strategies"


New Opportunities for Cyber Espionage and Cyber Crime

March 08, 2012 Added by:Pierluigi Paganini

Computer fraud, phishing, and malware development designed to steal sensitive information from users, the use of advanced persistent threats, ramsonware, and cyber espionage are all activities united by the intent to profit from the improper use of technology...

Comments  (0)


A Situational Problem Requires a Situational Solution

March 07, 2012 Added by:John Linkous

There is no one type of cyber or insider attack, each is deliberately designed by the perpetrator to use an infrastructure against its owner and to enable the attacker to get as quickly as possible to the intended target and get out again undetected...

Comments  (0)


The Cyber Arms Race: Casting Shadows on the Future

March 01, 2012 Added by:Pierluigi Paganini

We are confronted with a new arms race for cyber weapons, and as governments around the world compete for innovation, a cultural revolution is occurring in nations which have been considered minor, and which are now nearly on par superpowers like the U.S. and China...

Comments  (0)


RSA Conference 2012: Day One Highlights

February 28, 2012 Added by:Robb Reck

The biggest key to the success of any security program is achieving goal congruence with the organization. Every security objective should directly support the overall objectives of the company. Security must figure out how our projects contribute to the organization’s success...

Comments  (0)


Continuous Patching: Is it Viable in the Enterprise?

February 28, 2012 Added by:Rafal Los

The way patching works right now on all different levels I'm surprised anything works because we have operating system patches going in with application patches - and we're all just a heartbeat away from catastrophe. Maybe more continuous patching can be our savior...

Comments  (2)


Abandon FUD, Scare Tactics and Marketing Hype

February 25, 2012 Added by:Rafal Los

Perhaps it is security professionals' diminished tolerance for FUD, or perhaps there is a collective awakening to the bigger picture, or it was just time for the chickens to come to roost. No matter, this drastic anti-FUD backlash is strong and I for one say it's about time...

Comments  (2)


Encryption: A Buzzword, Not a Silver Bullet

February 16, 2012 Added by:Danny Lieberman

Encryption, buzzword, not a silver bullet for protecting data on your servers. In order to determine how encryption fits into server data protection, consider four encryption components on the server side: passwords, tables, partitions and inter-tier socket communications...

Comments  (0)


The Dangers of Non-Contextual Pattern Matching

February 15, 2012 Added by:Rafal Los

Even a system inconsistency such as an abnormal page transition velocity on your flagship web application can be overlooked - until you put all those together and realize you're being SQL Injected and someone is stealing your multi-terabyte database out from under you...

Comments  (0)


Build Your Security Portfolio Around Attack Scenarios

February 14, 2012 Added by:Danny Lieberman

In the current environment of rapidly evolving types of attacks - hacktivisim, nation-state attacks, credit card attacks mounted by organized crime, script kiddies, competitors and malicious insiders and more - it is essential that IT and security communicate effectively...

Comments  (1)


Incident Response and Risk Management Go Hand in Hand

February 12, 2012 Added by:Neira Jones

Residual risk is inevitable, so incident response becomes a crucial part of managing it. As the risk assessment identifies the assets critical to a business - threats, vulnerabilities and controls - so should the incident response plan concentrate on critical assets...

Comments  (2)


Data at Rest: Dormant But Dangerous

February 10, 2012 Added by:Simon Heron

Data is considered to be either ‘at rest’, ‘in transit’ or ‘in use.’ When putting security measures in place, it is important to consider all three states and address risks associated with each. This article examines data at rest and proposes strategies to minimize dangers...

Comments  (0)


Insecure At Any Speed

February 09, 2012 Added by:Wendy Nather

Security is an afterthought, and a bad one at that. As long as it remains separate from the systems it's supposed to protect, instead of an attribute, and requires users to maintain an abnormal level of awareness, security is going to continue to be as bad as it is today...

Comments  (0)


Straight Talk about Compliance from a Security Viewpoint

February 09, 2012 Added by:Rafal Los

Odds are, you can usually close out multiple compliance requirements across multiple requirements regulations by doing something singular in a security program. Performing software security audits during various phases of your SDLC solves many compliance requirements...

Comments  (0)


Difference Between Recovery Time and Recovery Point Objectives

February 08, 2012 Added by:Dejan Kosutic

What do RTO and RPO have in common? They are both crucial for business impact analysis and for business continuity management. Without determining them properly, you would be just guessing – and guessing is the best way to ensure you never recover from a disaster...

Comments  (0)


Data Privacy: Oxymoron, Wishful Thinking, or Strategic Goal?

February 03, 2012 Added by:Brian Dean

Consumers are desensitized to breaches, as evidenced by the meager rate of consumers applying for free credit monitoring services after a company breach. If you analyze the data that was breached, sometimes you have to ask, “Why are they even collecting all of that data?”

Comments  (0)


US Air Force Solicits Cutting Edge Cyber Technologies

January 18, 2012 Added by:Headlines

"The Air Force is seeking information on revolutionary hardware and software cyber technology and systems as well as innovative Tactics, Techniques, and Procedures (TTP) that will support, augment and in some cases extend mission range and scope..."

Comments  (0)

Page « < 3 - 4 - 5 - 6 - 7 > »
Most Liked