Blogs

  • Update on charity:water Efforts in Nepal

    by Linda Gray on October 30, 2014

    Leading image

    As many of you know, at RSA Conference in San Francisco this past February, we joined the charity: water mission asking our attendees to participate in a Waterwalk. In exchange for their participation, RSA Conference vowed to make a donation that would help fund two water projects for schools in Nepal. In August we checked in with charity: water Growth Associate, Makena Cunningham, for a Q&A on the project and are now excited to share addtitional updates on our joint efforts! Nepal is known for…

  • Network Security Appliance: Build or Buy?

    by Joshua Marpet on October 29, 2014

    Monitoring your network can be a seriously unpleasant task. It involves everything from maintaining firewall rules, watching traffic, looking for problems, keeping track of the latest issues on the Internet, checking log data on the dashboard, correlating events—oh dear God, it keeps going! So, what do you do? Do you use a myriad of tools, stitch them together with some scripting, document the…

  • A Whole New Way to Spot Malware Before It Spots You

    by Robert Moskowitz on October 28, 2014

    Enterprise networks still rely on antivirus software and blacklists to keep known malware at arm's length. But researchers suggest another approach, one which promises to spot a dangerous piece of code before it shows up on a list somewhere. This form of detection doesn't look for malicious code, but for malicious networks communicating with that code. Internet service providers, and any…

  • Measuring and Managing Information Risk: A FAIR Approach

    by Ben Rothke on October 27, 2014

    If you work in IT, you can’t go a day without some sort of data about information security and risk. Research from firms like Gartner are accepted without question; even though they can get their results from untrusted and unvetted sources. The current irrational panic around Ebola shows how people are clueless about risk. While distressing over Ebola, the media is oblivious to legitimate public…

  • Around the Web: Backoff, Online Payments, Security

    by Fahmida Y. Rashid on October 24, 2014

    Data breaches, point-of-sale malware, and payment card security were among the hottest topics this week. Information security professionals have to sift through and absorb a lot of information throughout the week, including news reports, survey results, threat advisories, and security warnings. That's just the beginning. Don't forget breaking research, insightful blog posts from other security…

  • Mobile Health Information: Secure or a Joke?

    by Joshua Marpet on October 23, 2014

    Android and iOS offer medical apps that can collect a user's health information and store it on his mobile device. But between the threat of malware and sharing user data across apps, is that information secure? Health Information Direct to Your Phone There are mobile health apps that can take your heartbeat, just like a single-lead ECG. These apps can interface with exercise gear, such as…

  • Risk Assessments Critical for Budget Planning

    by Fahmida Y. Rashid on October 22, 2014

    Planning for next year's budget is stressful for everyone involved, but information security professionals have the added challenge of translating their requests into business risks to get senior management buy-in. Understanding how the threats and gaps in protection map to business risks will help streamline the first round of budget planning. It is critical that you perform a full risk…

  • Official (ISC)2 Guide to the CCFP CBK

    by Ben Rothke on October 21, 2014

    The Certified Cyber Forensics Professional (CCFP) is the latest certification from ISC 2 , creators of the CISSP certification. The CCFP, like the CISSP, is built around a common body of knowledge (CBK) that includes established forensics disciplines as well as newer challenges, such as mobile forensics, cloud forensics, anti-forensics, and more. For those looking for reference guide, the Official…

  • Cyber Security Awareness Month: Engage Your Users

    by Fahmida Y. Rashid on October 21, 2014

    Security professionals should take advantage of Cyber Security Awareness Month to spotlight security initiatives within their organization. Use this month to get the board and C-suite to think about security. This is also a good time to demystify security for your end users. The Department of Homeland Security has conducted a series of events every year in October since 2004 to improve security…

  • And Then There Were None: Europe, the Internet, and the Right to Be Forgotten

    by John Linkous on October 20, 2014

    The European Court of Justice's ruling in May said that individuals have the "right to be forgotten" could fundamentally change Internet privacy and security. The case involved a Spanish attorney, Mario Costeja González, who was troubled that public notices were being posted in his local newspaper regarding the repossession and auction of his home. He appealed to the Court, which ruled that, …

  • Security in the Cloud? Your Questions and Cloud Resources

    by Christopher Burgess on October 16, 2014

    The "cloud" is a nebulous concept. The "private cloud" is not as clearly defined as the "public cloud," but it is still confusing. Of course, we have a long list of questions regarding the cloud, but it's important to ask questions specifically about how cloud data is stored and kept secure. Resources to secure the cloud are plentiful. Here are some of the most important questions organizations…

This document was retrieved from http://www.rsaconference.com/blogs on Fri, 31 Oct 2014 03:39:57 -0400.
© 2014 EMC Corporation. All rights reserved.