Items Tagged with "Enterprise Security"


7d55c20d433dd60022642d3ab77b8efb

ESB Security Spotlighted At ZeroNights 2012

December 25, 2012 Added by:Alexander Polyakov

ERP systems, which store the information about finances, employees, materials, wages, and so on, are rightfully considered to be the most critical of such systems. Unauthorized access to those systems can lead to espionage, sabotage, or fraud...

Comments  (0)

942a200514c2a9d79858ce6355c40614

Prediction: BYOD May Go Away in 2013

December 25, 2012 Added by:Paul Kenyon

Considering this speed of change, taking a moment to reflect on the security risks ahead is not only prudent, but could save your organization from being blindsided. From my view, here's what I'd recommend organizations, from SMBs to the enterprise, prepare for in 2013...

Comments  (4)

0a8cae998f9c51e3b3c0ccbaddf521aa

The Ultra-Legacy Problem - Systems so old...

December 19, 2012 Added by:Rafal Los

Say you're a sizeable institution here and that over the last two decades you've amassed lots of platforms that run your business, in a time before the Information Security organization did much more than install anti-virus on your desktop... and now that technical debt has come back to haunt you...

Comments  (3)

942a200514c2a9d79858ce6355c40614

Managing the Social Impact of Least Privilege

December 10, 2012 Added by:Paul Kenyon

In organizations where IT policy hasn’t been enforced or where users expect to have full autonomy over PCs, the transition to least privilege desktops must be carefully planned, so the IT department doesn’t face a user revolt. Make sure to set users’ expectations accordingly...

Comments  (0)

296634767383f056e82787fcb3b94864

Flipping Malware: A Profit Opportunity for Corporate IT Departments

December 09, 2012 Added by:Jeffrey Carr

Some of the more forward-looking DOD contractors who have robust internal CERT with engineers who do reverse-engineering could be in the best position to offer free or low-cost network defense to corporations who want to "flip" the malware found on their network for a nice profit...

Comments  (1)

65c1700fde3e9a94cc060a7e3777287c

Information Security: Why Bother?

December 09, 2012 Added by:Simon Moffatt

The question, often raised as a bargaining tool, is often focused on the, ‘well I understand what you propose and I know it will increase the security of scenario X, but why should I do it?’. In honesty, it is a good question...

Comments  (3)

Bd07d58f0d31d48d3764821d109bf165

How I Learned to Love Incident Management

December 08, 2012 Added by:Tripwire Inc

Incident Management is particularly interesting in the light of the recent attacks on Vmware, Symantec and a host of other companies and internet properties. It all boils down to a fairly straight forward question…when an incident occurs, how does your security team respond?

Comments  (0)

E745f78c8d9499cf7e9aea2084be2e0a

Focus on the Host

December 06, 2012 Added by:Matthew McWhirt

The traditional concept of enterprise security monitoring typically encompasses observing and mitigating threats at the perimeter of the organization. While there is still a necessity for this model of security monitoring, the true notion of enterprise continuous monitoring practices must include a focus on the host...

Comments  (0)

Ff632049ba1218ecd55b8122b2112642

Risky Business

December 03, 2012 Added by:Randall Frietzsche

In the broad spectrum of activities which might be called Information Security, we must always first and foremost implement, execute and follow through with risk management. Risk management is the backbone or foundation of any good information security program...

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Fifteen Tips to Improve Your Infosec Risk Management Practice

November 29, 2012 Added by:Tripwire Inc

For years security vendors have been able to play off the general fears of malware and cyber attacks. As the scope of protecting data has become more complex, we’ve slowly learned that deploying more security controls alone is not a risk management solution...

Comments  (0)

145dfdfe39f987b240313956a81652d1

Pen Test vs. Vulnerability Scan: You know the difference, but do they?

November 28, 2012 Added by:Stacey Holleran

Small business owners often don't have someone who is versed in network security. So when they are told they need a “network penetration test” to comply with PCI DSS, many will contact the growing number of companies offering inexpensive testing services...

Comments  (5)

59d9b46aa00c70238bb89056cfeb96c0

Beacon Events Compliance Conference in Beijing – I Wish I Could Be There

November 27, 2012 Added by:Thomas Fox

If you have not had the opportunity to attend a compliance-related conference tailored to the challenges of working in the Far East this would be the one for you. Even if you have attended such an event, this conference focuses on China and will give you insight into how to do business...

Comments  (0)

4c1c5119b03285e3f64bd83a8f9dfeec

On Terms of Service, and a Global Code

November 25, 2012 Added by:Ben Kepes

TOS;DR aims to help with what is possibly the biggest lie on the internet, that which users make when they click that they have read, understood and accepted the terms of service of their provider. The fact is that no one reads them but rather vaguely hopes for the best...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Why You Should Care About Mobile Security: An Infographic

November 24, 2012 Added by:Fergal Glynn

No matter what you believe, you need to understand the security threats that come along with BYOD and how to best protect yourself and your business against them. Join Joe Worker and Joe IT as we walk you through the basics of BYOD and mobile security...

Comments  (2)

C787d4daae33f0e155e00c614f07b0ee

Resource Scarcity in Information Security - Part 2

November 19, 2012 Added by:Robb Reck

In our last post we discussed how to deal with resource scarcity and why the only effective strategy involves reducing the team’s scope. In this post I will dive into how we can reduce the information security team’s scope of work while preserving the value delivered to the business to the greatest extent possible...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

The Security ROI "Death Spiral"

November 18, 2012 Added by:Rafal Los

The worst thing that can happen to a CISO is to get trapped in the ROI Death Spiral. I know, I know, we’ve all been told that we need to justify cost, manage expense, use the tools our companies provide us, etc. CISOs that don’t play by the rules won’t get anywhere...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »