Blogs

  • Mobile Health Information: Secure or a Joke?

    by Joshua Marpet on October 23, 2014

    Leading image

    Android and iOS offer medical apps that can collect a user's health information and store it on his mobile device. But between the threat of malware and sharing user data across apps, is that information secure? Health Information Direct to Your Phone There are mobile health apps that can take your heartbeat, just like a single-lead ECG. These apps can interface with exercise gear, such as chest-strap heart monitors that joggers frequently wear and even insulin pumps and glucose meters that…

  • Risk Assessments Critical for Budget Planning

    by Fahmida Y. Rashid on October 22, 2014

    Planning for next year's budget is stressful for everyone involved, but information security professionals have the added challenge of translating their requests into business risks to get senior management buy-in. Understanding how the threats and gaps in protection map to business risks will help streamline the first round of budget planning. It is critical that you perform a full risk…

  • Official (ISC)2 Guide to the CCFP CBK

    by Ben Rothke on October 21, 2014

    The Certified Cyber Forensics Professional (CCFP) is the latest certification from ISC 2 , creators of the CISSP certification. The CCFP, like the CISSP, is built around a common body of knowledge (CBK) that includes established forensics disciplines as well as newer challenges, such as mobile forensics, cloud forensics, anti-forensics, and more. For those looking for reference guide, the Official…

  • Cyber Security Awareness Month: Engage Your Users

    by Fahmida Y. Rashid on October 21, 2014

    Security professionals should take advantage of Cyber Security Awareness Month to spotlight security initiatives within their organization. Use this month to get the board and C-suite to think about security. This is also a good time to demystify security for your end users. The Department of Homeland Security has conducted a series of events every year in October since 2004 to improve security…

  • And Then There Were None: Europe, the Internet, and the Right to Be Forgotten

    by John Linkous on October 20, 2014

    The European Court of Justice's ruling in May said that individuals have the "right to be forgotten" could fundamentally change Internet privacy and security. The case involved a Spanish attorney, Mario Costeja González, who was troubled that public notices were being posted in his local newspaper regarding the repossession and auction of his home. He appealed to the Court, which ruled that, …

  • Security in the Cloud? Your Questions and Cloud Resources

    by Christopher Burgess on October 16, 2014

    The "cloud" is a nebulous concept. The "private cloud" is not as clearly defined as the "public cloud," but it is still confusing. Of course, we have a long list of questions regarding the cloud, but it's important to ask questions specifically about how cloud data is stored and kept secure. Resources to secure the cloud are plentiful. Here are some of the most important questions organizations…

  • How Savvy Security Leaders Get the Budgets They Need

    by John Dickson on October 15, 2014

    I have been a student of security for nearly twenty years and have paid close attention to how certain security managers were able to secure scarce company resources to build their security programs while others were not. These are security managers in organization that had not yet encountered a major security breach or a similar "near death" experience. To state the obvious, marshaling resources…

  • Effective Strategies for Information Protection

    by Robert Moskowitz on October 14, 2014

    The fact that more than one user in different locations may require simultaneous access to the confidential information used in different applications makes it difficult to protect the information from a wide variety of threats. Identifying Threats Protection is more than controlling access. It's also about preventing unauthorized release, unauthorized modification, and unauthorized denial of…

  • Hate Crimes in Cyberspace

    by Ben Rothke on October 14, 2014

    It’s said that criminal lawyers see bad people at their best, and divorce lawyers see good people at their worst. At times, the Internet seems to bring out the bad in all types of people. In Hate Crimes in Cyberspace, a fascinating book just out, author Danielle Keats Citron details many incidents where unsuspecting and ordinary people suddenly found themselves under direct attack in the form of…

  • Making Room for Security Training in Your Budget

    by Fahmida Y. Rashid on October 13, 2014

    When there are so many security threats demanding our attention and initiatives needing funding, it can be difficult to decide how to allocate the security budget. Security awareness training goes beyond preventing some attacks to improving an organization's overall security posture. Over the past few months, we've seen attackers increasingly relying on phishing and other social engineering…

  • No ROI Means No Priority: The Fallacy of Why Cybersecurity Doesn’t Get the Attention It Deserves

    by Gib Sorebo on October 13, 2014

    For years, cybersecurity professionals and many IT specialties have lamented that our concerns don’t get enough attention and (more importantly) funding from senior management. We complain that we’re relegated to one of many back office functions like procurement, human resources, or facilities, functions that we, ironically, treat with the same level of boredom and disdain that we feel are…

This document was retrieved from http://www.rsaconference.com/blogs on Sat, 25 Oct 2014 13:30:20 -0400.
© 2014 EMC Corporation. All rights reserved.