Items Tagged with "Training"
August 05, 2012 Added by:Stacey Holleran
If your organization were to experience a serious disruption in network connectivity due to a weather event, a fire or a cyber attack, how quickly could it resume business operations? Which people, processes and technologies would be involved in the recovery? How can you be sure nothing has been overlooked?
August 05, 2012 Added by:PCI Guru
Security awareness training has its place, but it is not a silver bullet. The world is full of risks and a security professional’s job is to minimize those risks and manage the remaining residual risk. This is why security is done in layers, so that when people make that mistake you minimize the impact...
August 03, 2012 Added by:Tripwire Inc
The sessions felt somewhat lack-luster – a lot of what I was hearing had been said before. Many of the conversations were consistent with other events and the topics felt replayed. The horrifically long coffee queue at Starbucks provided me with time to people watch, so here are my Black Hat 2012 observations...
August 02, 2012 Added by:Dave Shackleford
Most security awareness programs SUCK. I bet the majority of the awareness proselytizers are doing the same old crap with some stupid Web-based Flash thingie that people click through as fast as they can, and a little printout goes in their HR folder. UGH. That doesn’t work, never has, and never will...
August 02, 2012
Javvad takes us on a whirlwind video tour of Vegas, BlackHat, BSidesLV and DefCon. You will see a lot of familiar faces in characteristically compromising situations. Remember, if you can't keep it in Vegas, try to only share the small details...
August 01, 2012 Added by:Boris Sverdlik
The upside for being in Vegas for BlackHat is that BSidesLV runs concurrently. BSides always tend to be much better events. The attendees are rarely the vendor mouthpiece types and this alone makes the conference enjoyable. I had attended more talks at BSides than I have at other conferences combined this year....
July 31, 2012 Added by:Dan Klinedinst
I just got home from the "Vegas week" of Black Hat, BSidesLV, and DefCon. I love many things about each, and each has things I wish they'd do better. This is true of all the conferences I've attended. However, a few questions are lingering in my mind after Vegas, possibly due to the effects of sleep deprivation...
July 30, 2012 Added by:alan shimel
There was a time that Black Hat was where the edge met the establishment, but Black Hat has gone totally corporate and seems to have lost the edge. All of the edge seems to have gone to BSides. I love both Black Hat and BSides and think each needs a little bit of what the other has to be whole, viable and successful...
July 30, 2012 Added by:Tripwire Inc
The bottom line: Attackers are always looking for mistakes, outliers, and inconsistencies so they can use them against you. This means your security programs need to be robust, resilient, measurable, and – as much as possible – consistent (vs. ad hoc)...
July 24, 2012 Added by:Hani Banayoti
We cannot relax our technical security deep-dive efforts just because we think we deliver good corporate security awareness. Did high profile technology and security companies like RSA, GlobalSign, DigiNotar, Sony, Yahoo, Linkedin etc, not have good security awareness when they got compromised? I'm sure they did...
July 23, 2012 Added by:Boris Sverdlik
I tried to keep my comments limited to Twitter, but with this pile up on Security Awareness, I felt an obligation to put my opinion out there once again. @Krypt3ia and @iiamit have both posted their rebuttals respectively calling each other wrong of course, but where's the excitement without debate?
July 23, 2012
The National Counterintelligence Executive states that counterintelligence plays a critical role in reversing the benefits that cyber operations afford our adversaries. Cyber intelligence collection and analysis increases our understanding of the adversary and how to defend against them...
July 23, 2012 Added by:Infosec Island Admin
The NATO Cooperative Cyber Defence Centre of Excellence has developed an online Cyber Defence Awareness course that aims to enhance the general user’s awareness of cyber security risks and measures to mitigate those risks. The course may be accessed through the NATO Joint Advanced Distributed Learning portal...
July 20, 2012 Added by:Infosec Island Admin
You train employees to protect not only from clicking on links or suspect emails, but you also teach them good ethics as well as security hygiene. The cumulative effect will help you secure the environment and in tandem with your technical means, and make it all the better...
July 18, 2012 Added by:InfoSec Institute
While no two jobs are alike, there are some specific skills that will help network security engineers face the various challenges they will face day to day. What follows are just a handful of specific skills and duties required of network security engineers...
July 12, 2012 Added by:Infosec Island Admin
ICS and the smart grids are two of these priority areas identified by the EU-US WG. In the last decade, these systems have been facing a notable number of incidents, including the manifestation of Stuxnet which raised a lot of concerns and discussions among all the actors involved in the field...