Blog Posts Tagged with "Information Security"
NIST Offering Much Needed Guidance for Neglected SMBs
August 11, 2017 Added by:Avi Bartov
The NIST framework provides the much-needed guidance that organizations of any size can use to identify their major risks in cyberspace.
Comments (0)
Top 10 Cloud and Security Predictions for 2017
December 14, 2016 Added by:Shehzad Merchant
In the coming year, we might see a number of significant changes with respect to both the public cloud and information security.
Comments (0)
If you Knew you Were Going to be Attacked, What Would you do Differently?
August 14, 2013 Added by:Bill Wheeler
Recent reports have found that cyberattacks against U.S. corporations are on the rise, along with an increase in international threats, especially from China, and emerging threats to small businesses. Today, it’s not a matter of if an organization will be the victim of a cyberattack, but when.
Comments (3)
Another Paradigm Shift - I'm Getting Motion Sickness
July 08, 2013 Added by:Jim Palazzolo
Before you protect the data, find the data. Before you create security controls, find the assets. Before you think about the future, find the blueprints for today. Before you attempt to know others, know yourself first.
Comments (0)
Brand Damage Through Information Access
June 20, 2013 Added by:Eric Chiu
In a competitive business environment, reputation is a critical differentiator. Any company that suffers from a major data breach, instigated by an employee with a small grudge and big access, could face devastating consequences to the corporate brand, and to the bottom line.
Comments (0)
Digital Usage Policies and the ‘New’ Desktop
May 31, 2013 Added by:Mark Austin
The PC desktop is changing, so fast that what used to confidently be called the “desktop” is undergoing the sort of rapid evolution bound to throw up new and unfamiliar security challenges.
Comments (0)
Deconstructing 'Defensible' - Too Many Assets, not Enough Resources
April 19, 2013 Added by:Rafal Los
In just about every organization (with little exception) there are more things to defend than there are resources to defend with. Remember playing the game of Risk, when you were a kid? Maybe you still have the game now... amazing how close to that board game your life in InfoSec is now, isn't it?
Comments (0)
Identity in the Modern Enterprise
March 12, 2013 Added by:Simon Moffatt
The view of IAM 1.0 (enterprise provisioning) and IAM 2.0 (federated identity, 'cloud' services and so) is continually evolving and it's pretty clear that identity management now has a greater role to play for many organisations, as they look to embrace things like increased mobility and out sourced service driven applications.
Comments (0)
The Blurring of the Business Identity
February 26, 2013 Added by:Simon Moffatt
The concept of a well defined business identity is blurring and this is causing a complex reaction in the area of identity and access management. Internal, enterprise class identity and access management (IAM) has been long defined, as the managing of user access as defined by approval workflows, authoritative source integration and well defined system connectivity.
Comments (0)
What Security Challenges to Focus on in the New Year
February 15, 2013 Added by:Robert Siciliano
In 2012, security challenges we faced were often the ribbon cuttings and business plans that startup criminal organizations launched. In 2013, those criminal enterprise business plans will come together—and we need to be ready.
Comments (0)
What We Learned About Digital Security In 2012
February 12, 2013 Added by:Robert Siciliano
Sometimes it’s the worst things that can happen that become the eye-opening best things that effect positive change. The year 2012 saw numerous high-profile data breaches, epic hacks, full-on hacktivism and lots of major identity theft ring busts.
Comments (0)
Security Analytics: Hype or Huge?
February 01, 2013 Added by:Simon Moffatt
This complex chain of correlated "security big data", can be used in a manner of ways from post-incident analysis and trend analytics as well as for the mapping of internal data to external threat intelligence. Big data is here to stay and security analytics just needs to figure out the best way to use it...
Comments (0)
Information Security Management Handbook
January 28, 2013 Added by:Ben Rothke
While the book is organized under the CISSP CBK domains, it should not readily be used as a primary reference for those studying for the CISSP exam, given its unmanageable length as a primary reference...
Comments (0)
ESB Security Spotlighted At ZeroNights 2012
December 25, 2012 Added by:Alexander Polyakov
ERP systems, which store the information about finances, employees, materials, wages, and so on, are rightfully considered to be the most critical of such systems. Unauthorized access to those systems can lead to espionage, sabotage, or fraud...
Comments (0)
Security is Inconvenient, Deal With It!
December 17, 2012 Added by:Keith Mendoza
ZD Net had an article entitled "Kernel vulnerability places Samsung devices at risk" and I thought "so, what's new" until I followed the link to the forum post on xda-developers. Then I just lost it because I'm certain that this is a result of plain and simple laziness...
Comments (2)
Organizational Influence via Security Team Branding
December 09, 2012 Added by:Steven Fox, CISSP, QSA
Hacker Halted 2012 was full of personalities; executives, technologists, students and security enthusiasts – each one with stories that fueled conversations and debate. Technical and business erudition dominated the speaker sessions and the hacking competitions...
Comments (0)
- SAP Cyber Threat Intelligence Report – April 2018
- Cloud Security Alert – Log Files Are Not the Answer
- Avoiding Holes in Your AWS Buckets
- The Three Great Threats to Modern Civilization
- 2020 Vision: How to Prepare for the Future of Information Security Threats
- Why Data Loss Prevention Will Suffer the Same Fate as Anti-Virus
- Unconventional Thinking — Four Practices to Help Mitigate Risk
- The Night the Lights Went out in Georgia (Almost)
- Is Blockchain Really Disruptive in Terms of Data Security?
- Half-Baked Security Approaches: What Cybersecurity Can Learn from Legal Weed