Menu

Blogs

  • Using Peer Collaboration to Manage Supply Chain Risk

    by RSAC Contributor on May 29, 2015

    Leading image

    Peer-2-Peer sessions give RSAC attendees the opportunity to dig deeply into a single topic area with a group of like-minded peers. Robin Slade, of Shared Assessments, facilitated a P2P discussion on peer collaboration for risk management at RSA Conference 2015 in San Francisco. In this post, Slade continues the discussion from that session. Professionals in finance/banking, healthcare, insurance, and retail discussed an innovative approach at RSA Conference 2015: Can Peer Collaboration Be Our…

  • Hijacking Made Easy: Ransomware, Bitcoin, the Dark Web, and Intellectual Property Theft

    by John Linkous on May 27, 2015

    The FBI may have shut down CryptoLocker last year, but researchers report new variants of Cryptolocker have already started infecting users. Other ransomware families continue to make its way into corporate networks. Unlike other, stealthier malware focused on committing intellectual property theft without being seen, CryptoWall and its malware brethren flaunt their presence right in your face. …

  • The Human Element of Computer Security

    by Robert Moskowitz on May 25, 2015

    Most organizations spend significant sums on high-tech defenses such as firewalls, anti-virus software, intrusion detection systems, and biometric locking devices as part of their computer security efforts. But even the strongest hardware and software defenses cannot withstand the human element. The damage can be inflicted intentionally by demotivated employees or unintentionally by…

  • Effective Database Cloud Security: The Holy Grail of Every Company

    by Christopher Burgess on May 22, 2015

    Enterprises rely on metrics to track where they are and where they're heading. Databases have three: availability, accessibility, security. The latter—securing data at rest and in motion while users engage with the data—is still a challenge for many organizations. Database cloud security is still a relatively new concept, and isn't always easy to grasp. It was already complex for many C-suite…

  • Security By Any Other Name

    by Wendy Nather on May 21, 2015

    If you went up to a pharmacist and said, “Hi, I need something to cure a case of the APTs,” what do you think she would recommend? A big issue with the security industry has to deal with the way we market and describe security technology. It used to be that products were described by functionality, with point features that were well understood: firewall, anti-virus, anti-spam, web filter, log…

  • Intellectual Property Theft: The Insider

    by Christopher Burgess on May 20, 2015

    If you are responsible for protecting your company from the risk of a trusted insider stealing intellectual property, consider packing a lunch because it's going to be a bit of a journey. Intellectual property (IP) means different things to different people. And far too many believe they don’t have access to the company's IP, and therefore are not responsible for protecting it. First, …

  • What's Next in Our Security Conversation

    by Fahmida Y. Rashid on May 18, 2015

    There were a lot of interesting conversations at RSA Conference last month. With everyone back home and back to the pressures of the daily job, what happens next? Where does all that energy and excitement go? Hopefully, it is being channeled into informal conversations and new initiatives. One of the key themes was that security is broken and it needs to change. Every company needs a holistic…

  • The Terrorists of Iraq: Inside the Strategy and Tactics of the Iraq Insurgency 2003-2014

    by Ben Rothke on May 18, 2015

    The infinite monkey theorem states that a monkey hitting random typewriter keys for an infinite amount of time will eventually be able to create the complete works of Shakespeare. Various scientists such as Nobel laureate Arno Penzias have shown how the theorem is mathematically impossible. Using that metaphor, if you took every member of United States Congress and House of Representatives and…

  • CSA Guide to Cloud Computing: Implementing Cloud Privacy and Security

    by Ben Rothke on May 16, 2015

    Full disclosure: this book is sponsored by the Cloud Security Alliance of which I am a founding member. I am also friends with 2 of the authors. Even though cloud computing is mainstream such that even the Federal Government is on board; it’s not necessarily so that it will always make computing cheaper and faster. And all the more so when it comes to security and privacy. The challenge is how to…

  • SANS NetWars at RSAC 2015

    by Fahmida Y. Rashid on May 15, 2015

    SANS Institute brought its NetWars competition to RSA Conference 2015 in San Francisco. A hands-on, interactive learning environment, SANS NetWars lets information security professionals develop and master skills they need in their jobs. The program focuses on developing skills in vulnerability assessment, system hardening, malware analysis, digital forensics, incident response, packet analysis, …

  • Mining Your Banking Data Gold Mine

    by Dale "Woody" Wooden on May 14, 2015

    Dale "Woody" Wooden illustrates security concepts through stories. His past posts discussed how attackers mine employees' social media accounts for information and how social media can be used against you. This story is about companies asking for way too much information about your business. Would you give up all your itemized bank statements to a third party? Hand over information about…

This document was retrieved from http://www.rsaconference.com/blogs on Sat, 30 May 2015 08:23:53 -0400.
© 2015 EMC Corporation. All rights reserved.