Blog Posts Tagged with "Security Strategies"

03b2ceb73723f8b53cd533e4fba898ee

New Opportunities for Cyber Espionage and Cyber Crime

March 08, 2012 Added by:Pierluigi Paganini

Computer fraud, phishing, and malware development designed to steal sensitive information from users, the use of advanced persistent threats, ramsonware, and cyber espionage are all activities united by the intent to profit from the improper use of technology...

Comments  (0)

39728eff8ac87a48cfb050f0df29ceaa

A Situational Problem Requires a Situational Solution

March 07, 2012 Added by:John Linkous

There is no one type of cyber or insider attack, each is deliberately designed by the perpetrator to use an infrastructure against its owner and to enable the attacker to get as quickly as possible to the intended target and get out again undetected...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

The Cyber Arms Race: Casting Shadows on the Future

March 01, 2012 Added by:Pierluigi Paganini

We are confronted with a new arms race for cyber weapons, and as governments around the world compete for innovation, a cultural revolution is occurring in nations which have been considered minor, and which are now nearly on par superpowers like the U.S. and China...

Comments  (0)

C787d4daae33f0e155e00c614f07b0ee

RSA Conference 2012: Day One Highlights

February 28, 2012 Added by:Robb Reck

The biggest key to the success of any security program is achieving goal congruence with the organization. Every security objective should directly support the overall objectives of the company. Security must figure out how our projects contribute to the organization’s success...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Continuous Patching: Is it Viable in the Enterprise?

February 28, 2012 Added by:Rafal Los

The way patching works right now on all different levels I'm surprised anything works because we have operating system patches going in with application patches - and we're all just a heartbeat away from catastrophe. Maybe more continuous patching can be our savior...

Comments  (2)

0a8cae998f9c51e3b3c0ccbaddf521aa

Abandon FUD, Scare Tactics and Marketing Hype

February 25, 2012 Added by:Rafal Los

Perhaps it is security professionals' diminished tolerance for FUD, or perhaps there is a collective awakening to the bigger picture, or it was just time for the chickens to come to roost. No matter, this drastic anti-FUD backlash is strong and I for one say it's about time...

Comments  (2)

959779642e6e758563e80b5d83150a9f

Encryption: A Buzzword, Not a Silver Bullet

February 16, 2012 Added by:Danny Lieberman

Encryption, buzzword, not a silver bullet for protecting data on your servers. In order to determine how encryption fits into server data protection, consider four encryption components on the server side: passwords, tables, partitions and inter-tier socket communications...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

The Dangers of Non-Contextual Pattern Matching

February 15, 2012 Added by:Rafal Los

Even a system inconsistency such as an abnormal page transition velocity on your flagship web application can be overlooked - until you put all those together and realize you're being SQL Injected and someone is stealing your multi-terabyte database out from under you...

Comments  (0)

959779642e6e758563e80b5d83150a9f

Build Your Security Portfolio Around Attack Scenarios

February 14, 2012 Added by:Danny Lieberman

In the current environment of rapidly evolving types of attacks - hacktivisim, nation-state attacks, credit card attacks mounted by organized crime, script kiddies, competitors and malicious insiders and more - it is essential that IT and security communicate effectively...

Comments  (1)

9f19bdb2d175ba86949c352b0cb85572

Incident Response and Risk Management Go Hand in Hand

February 12, 2012 Added by:Neira Jones

Residual risk is inevitable, so incident response becomes a crucial part of managing it. As the risk assessment identifies the assets critical to a business - threats, vulnerabilities and controls - so should the incident response plan concentrate on critical assets...

Comments  (2)

A88973e7d0943d295c99820ab9aeed27

Data at Rest: Dormant But Dangerous

February 10, 2012 Added by:Simon Heron

Data is considered to be either ‘at rest’, ‘in transit’ or ‘in use.’ When putting security measures in place, it is important to consider all three states and address risks associated with each. This article examines data at rest and proposes strategies to minimize dangers...

Comments  (0)

Ebe141392ea3ebf96ba918c780ea1ebe

Insecure At Any Speed

February 09, 2012 Added by:Wendy Nather

Security is an afterthought, and a bad one at that. As long as it remains separate from the systems it's supposed to protect, instead of an attribute, and requires users to maintain an abnormal level of awareness, security is going to continue to be as bad as it is today...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Straight Talk about Compliance from a Security Viewpoint

February 09, 2012 Added by:Rafal Los

Odds are, you can usually close out multiple compliance requirements across multiple requirements regulations by doing something singular in a security program. Performing software security audits during various phases of your SDLC solves many compliance requirements...

Comments  (0)

9259e8d30306ac2ef4c5dd1936e67634

Difference Between Recovery Time and Recovery Point Objectives

February 08, 2012 Added by:Dejan Kosutic

What do RTO and RPO have in common? They are both crucial for business impact analysis and for business continuity management. Without determining them properly, you would be just guessing – and guessing is the best way to ensure you never recover from a disaster...

Comments  (0)

Ebbcdce0dfc85abf519d8b44a017f687

Data Privacy: Oxymoron, Wishful Thinking, or Strategic Goal?

February 03, 2012 Added by:Brian Dean

Consumers are desensitized to breaches, as evidenced by the meager rate of consumers applying for free credit monitoring services after a company breach. If you analyze the data that was breached, sometimes you have to ask, “Why are they even collecting all of that data?”

Comments  (0)

69dafe8b58066478aea48f3d0f384820

US Air Force Solicits Cutting Edge Cyber Technologies

January 18, 2012 Added by:Headlines

"The Air Force is seeking information on revolutionary hardware and software cyber technology and systems as well as innovative Tactics, Techniques, and Procedures (TTP) that will support, augment and in some cases extend mission range and scope..."

Comments  (0)

Page « < 3 - 4 - 5 - 6 - 7 > »