Blogs

  • Registration is Now OPEN for RSA Conference 2015!

    by Linda Gray on November 20, 2014

    Leading image

    The holidays are fast approaching and that means another year has flown by. For everyone here at RSA Conference, that also means it’s crunch time as we prepare for the 2015 event. With that, we’re excited to announce registration for RSA Conference 2015 is now open! Be sure to mark your calendars – this year’s event is April 20-24 at our usual location in San Francisco’s Moscone Center. Each year, RSAC offers attendees countless opportunities to network and learn. It’s a must-attend event packed…

  • Guidelines For Retailers This Holiday Shopping Season

    by Fahmida Y. Rashid on November 19, 2014

    The holiday shopping season is looming, and retailers are gearing up for Black Friday and other sales. It's been a year since criminals infiltrated Target's networks with malware and made off with millions of credit card details. Retailers are scrambling to get everything ready for the shoppers and deals; we hope their networks are secure and ready, as well. Or will cyber-criminals have another…

  • Security Storage: To HSM or Not To HSM?

    by Joshua Marpet on November 18, 2014

    Information security storage is necessary; without it, how would Amazon know what it is selling or what product recommendations to make? How could it store the shopper’s credit card information to make purchases with a single click? While consumers would like to think their credit card information, purchase history, and other personalized data is stored securely, that is not always the case. …

  • The Human Element in the Data Breach

    by Christopher Burgess on November 17, 2014

    We are all familiar with the adage, "to err is human; to really foul things up requires a computer," which implies that the computer may be to blame for many data breach calamities. Alas, it appears the erring human is also culpable. Take, for example, the recent kerfuffle surrounding Apple's iCloud and the compromise of celebrity accounts containing salacious photos. After much slinging of…

  • Social Engineering 2.0: Old-Fashioned Targets, Cutting-Edge Techniques

    by John Linkous on November 14, 2014

    Back in 2006, a large company in Chicago contracted my company to conduct an advanced information security controls assessment. In addition to looking for technical vulnerabilities—unpatched servers, web app vulnerabilities, open ports that should be closed, and the like—we were also contracted to conduct a social engineering assessment. On the first day of our technical assessment, our team…

  • Source Code: The Last Frontier of Security Threats

    by John Linkous on November 13, 2014

    My consulting firm is increasingly receiving requests from customers to help them address what seems to be the last frontier of security analysis: source code. As an analyst, I have a lot of tools at my disposal for identifying problems in both compiled code and p-code. Security, after all, started out as a black box-oriented approach to figuring out answers to problems; we know what the specs of…

  • Are Security Teams Ready to Handle the End of Year Challenges?

    by Fahmida Y. Rashid on November 12, 2014

    While we continue with the budget discussion, it's important to think about some of the unique challenges present as we approach the end of the calendar year. There are various things security professionals need to do at this time of the year, and David Matthews discusses some of them on Nov. 20 in Incident Response: Are You Ready for the End of the Year? As the former director of incident…

  • Preventing Another Holiday Season Data Breach

    by Fahmida Y. Rashid on November 11, 2014

    Businesses—not just retailers—spend months developing plans for the holiday shopping season. Unfortunately, many of them haven't thought about security during those strategy sessions. "People have different mentalities when they look at the end of the year," says Chris Strand, senior director of compliance at Bit9. We've already listed some of the challenges associated with the end-of-the-year…

  • Critical Infrastructure Security Is Key to Homeland Security

    by Christopher Burgess on November 10, 2014

    The US Department of Homeland Security (DHS) is the model that most often comes to mind when broaching the subject of national security. The DHS takes critical role in the protection of its infrastructure—electric, water, gas, transport, etc. The DHS, via the US-CERT (Cyber Emergency Response Team), produces alerts, advisories, and reports that not only keep government clientele well informed, but…

  • Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon

    by Ben Rothke on November 10, 2014

    A word to describe Takedown: The Pursuit and Capture of America's Most Wanted Computer Outlaw was hyperbole. While the general storyline from the 1996 book was accurate, filler was written that created the legend of Kevin Mitnick. This in turn makes the book a near work of historical fiction. Much has changed in nearly 20 years and Countdown to Zero Day: Stuxnet and the Launch of the World's First…

  • The Bright Future of Mobile Payments

    by John Linkous on November 7, 2014

    Cashless payment for goods and services continues to evolve, and mobile payments are quickly becoming the battleground for new products and technologies that drive consumer and merchant convenience. Such payments ensure rapid payment for credit issuers and other constituents in the transaction chain. Some of these technologies are still evolving and represent truly revolutionary approaches, while…

This document was retrieved from http://www.rsaconference.com/blogs on Fri, 21 Nov 2014 03:21:02 -0500.
© 2014 EMC Corporation. All rights reserved.