Blogs

  • Securosis Guide: P.Compliance.90X

    by Securosis Team on March 27, 2015

    This is the fourth post in a multi-part series about the Securosis Guide to the RSA Conference (RSAC-G). Please scroll to the bottom for links to other posts in the series. Compliance. It's a principal driver for security spending, and vendors know this. That's why each year compliance plays a major role in vendor messaging on the RSAC show floor. A plethora of companies claiming to be "the leader in enterprise compliance products" all market the same basic message: "We protect you at all levels…

  • Loose Lips Sink Ships, Part 2

    by Dale "Woody" Wooden on March 26, 2015

    If you read my last post, you already know our four travelers from Company X. They all used social media to discuss the trip to London they went on for the company. A hacking organization called Taking your Intellectual Property for fun (TIP4F) has been watching the information these employees shared on social media. They now plan on sending people to London to exploit Company X’s employees for…

  • Securosis Guide: Go Pro or Go Home

    by Securosis Team on March 25, 2015

    This is the third post in a multi-part series about the Securosis Guide to the RSA Conference (RSAC-G). Please scroll to the bottom for links to other posts in the series. In the United States there's a clearly defined line between amateur and professional athletes. And in our wacky world of American sports, we have drafts, statistics, hefty contracts, trophies, and rings to demonstrate an…

  • Security Innovation is Live and Well, With Plenty of Room for More

    by Fahmida Y. Rashid on March 24, 2015

    Is innovation in information security dead? It's easy to think so when each day there is a new headline about yet another massive organization's data breach, or a new report points out that enterprises aren't taking care of the security basics. All while cyber-attackers are gleefully scooping up our private data and looting our bank accounts. These breaches aren't happening because organizations…

  • Securosis Guide: IoWTF

    by Securosis Team on March 23, 2015

    This is the second post in a multi-part series about the Securosis Guide to the RSA Conference (RSAC-G). Please scroll to the bottom for links to other posts in the series. Have you heard a vendor tell you about their old product, which now protects the Internet of Things? No, it isn't a pull-up bar, it's an Iron Bar Crossfit (TM) Dominator! You should be mentally prepared for the Official RSA…

  • Securosis Guide: Change—Déjà Vu, All Over Again

    by Securosis Team on March 20, 2015

    This is the first post in a multi-part series about the Securosis Guide to the RSA Conference (RSAC-G). Please scroll to the bottom for links to other posts in the series. Every year we like to start the RSAC-G with a review of the major themes you will most likely see woven throughout presentations and marketing materials on the RSA Conference show floor. These themes are like channel surfing…

  • Welcome to the Securosis Guide to the RSA Conference

    by Securosis Team on March 19, 2015

    WAY back in 2010, we here at Securosis decided to put together a little guide to the RSA Conference. Sure, there’s the official conference schedule, session descriptions, show floor map, and heck, even an entire website, but we thought people would appreciate an actual hands-on guide with a little analysis. You know, things like key themes we expect to see, analysis of major security segments, …

  • Measures and Metrics in Corporate Security

    by Ben Rothke on March 18, 2015

    Two of the most famous quotes from Lord Kelvin are “to measure is to know” and “if you can not measure it, you can not improve it”. With that, in Measures and Metrics in Corporate Security, author George Campbell provides a quick and high-level introduction to the topic of metrics and measurement. Campbell is the former Chief Security Officer at Fidelity Investments, where metrics are used…

  • If You’re Not With Us, You’re Against Us

    by Eric Cowperthwaite on March 17, 2015

    It’s time that we all came to an important and necessary conclusion: There is no silver bullet in security. There is no one product, solution, vendor or technology that is going to make you 100 percent secure. And if you’re relying on one product, you deserve a blog post all your own. Now that we’ve all agreed on this point, let’s start talking about how we can all be working together to solve a…

  • Smashing the Binary

    by Wendy Nather on March 16, 2015

    One big problem in security is the tendency to think in binary terms. Either you’re breached or you’re not; either you’re secure or you’re not. But this black-and-white worldview can be the cause of both technology and people problems. Is it possible to be a “little bit pwned”? Most would say no, although if you’re used to dealing with a wide spectrum of incidents within an organization, you know…

  • Is Defense In Depth Dead?

    by Danelle Au on March 12, 2015

    When Great Britain’s Royal Engineer, Maurice built Dover Castle in the late 1100s, he focused not just on the grandeur but on the security of its architecture. In Medieval times, castles were the backbone of power, meaning that it had to withstand assaults from enemies. When building Dover Castle, Maurice The Engineer, who served King Henry II, designed a castle with multiple layers of defense…

This document was retrieved from http://www.rsaconference.com/blogs on Sat, 28 Mar 2015 07:02:45 -0400.
© 2015 EMC Corporation. All rights reserved.