Blog Posts Tagged with "Security Awareness"
The 4 Cs of Automated Incident Response
December 06, 2016 Added by:Nathan Burke
We’re currently in a phase in security where there are an ever-expanding number of automated incident response solutions, and no standard method for judging quality or value.
Comments (0)
Security vs. Privacy: Securing Your Critical Information Assets
November 17, 2016 Added by:Steve Durbin
Organizations that sow and fertilize a deeply rooted culture of security are most likely to be resilient and competitive in the face of ongoing threats and challenges.
Comments (0)
Five Rules to Conduct a Successful Cybersecurity RFP
February 16, 2016 Added by:Ilia Kolochenko
It becomes more and more difficult to distinguish genuine security companies, with solid in-house technologies, and experts with flashy marketing and FUD (Fear, Uncertainty, Doubt) tactics. This makes the process of cybersecurity RFP (Request For Proposal) more complicated and challenging for organizations of all sizes.
Comments (0)
5 Solid Ways to Build Security Culture in Your Organization (That You Probably Never Heard Of)
January 22, 2014 Added by:Pete Herzog
Teach employees not to say no. This and 4 other unconventional tricks will build or enhance your organization's security culture.
Comments (2)
How Do I Measure the Success of a Training Program?
November 19, 2013 Added by:Rohit Sethi
An information security training program is crucial for ensuring and maintaining a good security posture; in order to effectively manage this program you have to be able to measure it. This article introduces a concept recommended by NIST in their Special Publication 800-16, for evaluating training effectiveness.
Comments (0)
Bore Them With Death-by-Awareness: That’ll Teach em!
May 08, 2013 Added by:Lee Mangold
As security professionals, we have to understand that not everyone has a passion for security. In fact, most people don’t. Given that we know “they” don’t share our passion, and we know they are the most vulnerable attack vector, why do we continue to bore them with homogenous and irrelevant training?
Comments (0)
Security Awareness: To Train or Not to Train?
April 08, 2013 Added by:Le Grecs
It's up for each organization to monitor their threats and weaknesses and use the appropriate set of controls to minimize their risk to an acceptable level. Perhaps security awareness is part of that ... perhaps it is not.
Comments (0)
Security Resolutions for the New Year
December 28, 2012 Added by:Allan Pratt, MBA
As the New Year approaches, have you thought about your New Year’s resolutions? As a member of the information security industry, I would like to share five resolutions that you should definitely add to your list...
Comments (0)
Closing the Vault Door
December 18, 2012 Added by:Suzanne Widup
For those of you who have appreciated The Leaking Vault series of data breach reports, I have some sad news. As I was days away from releasing the third installment, I received an email from Brian Martin with the Open Security Foundation stating that I do not have permission to use their data without a license...
Comments (4)
The INFOSEC Naughty List 2012: “The Twelve Charlatans of Christmas” Edition
December 12, 2012 Added by:Infosec Island Admin
But seriously folks, this post may be cathartic for me and a chuckle for you, but in reality it will change nothing. The douches will be douchey and the charlatans will sell their cyber snake oils. Enjoy the charlatanism and douchery...
Comments (0)
Reflected Glory: Revealing one of my self-created social engineering tricks
December 11, 2012 Added by:Will Tarkington
What is reflected glory? To do this trick you need someone with a high social status that you can be associated with. It doesn’t have to be a close association just one that is known. You then simply state with authority your own opinion once the relationship has been recently established...
Comments (0)
Lack of Security in Android Apps? That Could Be
December 02, 2012 Added by:Keith Mendoza
Have you ever installed an app in your Android phone and when you got to the permission screen you just couldn't justify to yourself why an app would require the permissions it's asking for?
Comments (0)
Convenience vs. Security - Why convenience keeps winning
November 26, 2012 Added by:Rafal Los
Convenience wins in the consumer mind, easily. Even in the mind of someone who's security-minded convenience may win out over a little added risk. This is especially true if the card issuers are willing to take on the risk at the anticipation of higher revenue or profit...
Comments (0)
What Makes My Passwords Vulnerable?
November 25, 2012 Added by:Robert Siciliano
Simple passwords: When 32 million passwords were exposed in a breach last year, almost 1% of victims were using 123456. The next most popular password was 12345. Other common choices are 111111, princess, qwerty, and abc123. Avoid these types of passwords, which are easily guessed...
Comments (0)
You Believe It Because "I" Wrote It
November 14, 2012 Added by:Jim Palazzolo
Besides sheer entertainment, my objective is to practice my ability to create deception. It has been my observation that security personnel must be able to spot deception. Whether it’s covert channels or fake ID’s, deception is a very powerful tool that can be used both offensively and defensive...
Comments (0)
Privacy in Ubuntu 12.10: Full Disk Encryption
November 12, 2012 Added by:Electronic Frontier Foundation
Full Disk Encryption (FDE) is one of the best ways you can ensure all of the private information on your laptop stays private in case it's lost, seized, stolen, or if you choose to sell or give away your computer in the future. This feature has been built-in to many GNU/Linux distributions, including Ubuntu...
Comments (1)
- The Cyber Car: The Intimate Tango of the 21st Century
- Adylkuzz: WannaCry’s Older and More Devious Cousin
- Cloud Control: Key Points to Consider When Going to the Cloud
- WannaCry Shows World the Need for Endpoint Security
- The Administrative Credentials Security Hole
- Reducing Identity-related Risks: The Complete Package or a One-Man Show?
- Live Webinar: Combining Pen Testing & Incident Detection
- SAP Cyber Threat Intelligence Report – May 2017
- Convenience vs. Control: Achieving the Right Security Balance
- The Enterprise IoT Security Checklist for Today - and Tomorrow