Items Tagged with "Information Security"
August 02, 2012 Added by:Bill Mathews
General Alexander says that private sector, hackers, exploit developers, etc. need to share information and tools in order to help protect the US. Is the NSA being nefarious and wanting to spy on hackers, or are they legitimately seeking help for a problem that will only continue to grow in the future?
August 01, 2012 Added by:Robert Siciliano
By hacking your device, you can potentially open security holes that may have not been readily apparent, or undermine the device’s built-in security measures. Jailbroken and rooted phones are much more susceptible to viruses and malware...
August 01, 2012 Added by:Boris Sverdlik
The upside for being in Vegas for BlackHat is that BSidesLV runs concurrently. BSides always tend to be much better events. The attendees are rarely the vendor mouthpiece types and this alone makes the conference enjoyable. I had attended more talks at BSides than I have at other conferences combined this year....
July 31, 2012 Added by:Dan Klinedinst
I just got home from the "Vegas week" of Black Hat, BSidesLV, and DefCon. I love many things about each, and each has things I wish they'd do better. This is true of all the conferences I've attended. However, a few questions are lingering in my mind after Vegas, possibly due to the effects of sleep deprivation...
July 31, 2012 Added by:Brent Huston
Disregard tales of drunken hackers menacing Vegas hotels, changing signs and doing social engineering attacks. They are good for amusement and awareness, but they are NOT really useful as a lens for viewing your organization’s risk or the steps you should be taking to protect your data. Instead, stick to the basics...
July 31, 2012 Added by:Don Eijndhoven
What is neutral behavior in the context of cyber warfare? Are you, as a neutral country obliged to drop all traffic between these two waring nations that crosses your networks? And if you’re not, are you obliged to make sure none of the cyber attacks are originating from compromised systems within your borders?
July 30, 2012 Added by:Tripwire Inc
The bottom line: Attackers are always looking for mistakes, outliers, and inconsistencies so they can use them against you. This means your security programs need to be robust, resilient, measurable, and – as much as possible – consistent (vs. ad hoc)...
July 29, 2012 Added by:Boris Sverdlik
It's not a question of technology, it really isn't. The one problem that we keep running into is that user's don't want us installing things on their personal devices. It's the whole entitlement mentality that our users have somehow attained through all of our babying. That's the cost of using their resources...
July 25, 2012 Added by:Rob Fuller
Penetration Testing / Red Teaming requires the use of a lot of tools. I don't mind getting called a "script kiddie" because I can accomplish more and faster when I don't have to code every single task I need to do. This post is to point out companies that make this possible and give a small bit of thanks...
July 23, 2012 Added by:Headlines
“First and foremost, our whole strategy from a classified mobility perspective is very much focused on commercial solutions for classified [communications]... It’s our intent that we would deliver, end-to-end, a solution that is reliant on all commercial components and we believe we can do that...”
July 22, 2012 Added by:Tripwire Inc
Today, we don’t have the concept of “knowledge security,” but should we begin considering that moving forward? Given that we are moving, quite quickly, into a knowledge-based orientation, what are the implications for “information security?” Are there any? Does this perspective even matter?
July 21, 2012 Added by:Ali-Reza Anghaie
No matter how many times it's warned against, most Security professionals use themselves and their contemporaries as the basis for what's "right". And as security becomes higher profile with more incidents it really starts looking like instead of having cynical contempt for the users, it's more like plain excuses...
July 20, 2012 Added by:Infosec Island Admin
You train employees to protect not only from clicking on links or suspect emails, but you also teach them good ethics as well as security hygiene. The cumulative effect will help you secure the environment and in tandem with your technical means, and make it all the better...
July 20, 2012 Added by:Dave Shackleford
The CISO who backs her team politically and fights for key projects, the analyst who writes a sweet Python script to automate some rote pen testing task, the incident handler or forensicator who digs for hours to find the root cause of an event, and so on. That’s leadership, and it happens all the time...
July 18, 2012 Added by:Electronic Frontier Foundation
By identifying and disclosing vulnerabilities, coders are able to improve security for every user who depends on information systems for their daily life and work. Yet recently, European Parliament debated legislation that threatens to create legal woes for researchers who expose security flaws...
July 18, 2012 Added by:InfoSec Institute
While no two jobs are alike, there are some specific skills that will help network security engineers face the various challenges they will face day to day. What follows are just a handful of specific skills and duties required of network security engineers...