Blogs

  • A Cloud Is Still a Cloud: The Private Cloud and Security

    by John Linkous on August 28, 2014

    Leading image

    The options today for moving business functions to private clouds are staggering. Organizations adopt the cloud for various applications, from direct-to-buyer sales and content delivery, to back office functions such as supply chain management, finance operations, and human resources. The increasingly granular ways in which they can slice-and-dice cloud delivery are tremendous. Private clouds, in particular, are being adopted at a heavy rate as organizations shift business operations to…

  • Data Protects Patient Privacy

    by Christopher Burgess on August 26, 2014

    Who wants his or her medical information shared beyond the healthcare professionals who need to know? It’s common sense that when it comes to medical privacy, no one wants to share his information. For the recent 2014 EMC Privacy Index,respondents from different countries were asked to rate their willingness to trade privacy for convenience on a scale from 0 to 100 (100 being the most willing and 0…

  • Risks of Not Fixing the Heartbleed Flaw

    by Fahmida Y. Rashid on August 22, 2014

    By now you’ve seen reports about the data breach at Community Health Systems where attackers stole non-medical records for 4.5 million patients, and how attackers targeted the Heartbleed flaw to get on the network. This should be a warning to IT admins: Did you fully address the bug in your own networks? "Unless fully remediated, Heartbleed leaves open doors for attackers to extract data, including…

  • Intelligence-Driven Security and the Future of Threat Detection

    by John Linkous on August 21, 2014

    For many years, signature-based detection was the hallmark of finding and eliminating security threats in the enterprise. While antivirus and similar products were successful against single-vector attacks, the fact is, we're seeing more and more major security breaches where traditional approaches to security no longer work. To address these new threats, intelligence-driven security is needed. …

  • Social Engineering in IT Security: Tools, Tactics, and Techniques

    by Ben Rothke on August 21, 2014

    When I first got a copy of Social Engineering in IT Security Tools, Tactics, and Techniques by Sharon Conheady, my first thought was that it likely could not have much that Christopher Hadnagy didn’t already detail in the definitive text on the topic: Social Engineering: The Art of Human Hacking. Obviously Hadnagy thought differently, as he wrote the foreward to the book; which he found to be a…

  • The Journey of an RSA Conference Speaking Submission

    by Britta Glade on August 20, 2014

    When thinking about the process for RSA Conference speaking proposals, I remembered School House Rock’s “I’m Just a Bill.” You know the one—“Bill,” a cute rolled-up piece of paper is sitting on the steps of Capitol Hill. He teaches the curious kid about the process, the waits, the analysis, and the debates that take place as part of his journey to becoming a law. For those “curious kids on the…

  • Cybercrime and Effective Cyber Law Enforcement

    by Robert Moskowitz on August 19, 2014

    These days, it's rare to open a news source (print or digital) without finding a story about cybercrime. Cybercriminals are hacking into databases, stealing credit and debit card account numbers, compromising individuals' identities, and shutting down legitimate websites. These articles highlight how necessary cyber law enforcement has become.Although data security budgets keep climbing and…

  • Identity Management and the Cloud: It's Easier Than You Think

    by John Linkous on August 14, 2014

    How do you create an identity management cloud? Identity management (IDM) has in the past hovered on the periphery of information security. No longer. As organizations become more aware of the risks of not keeping track of users, what they access, and what privileges they have, identity management is moving to the forefront. And identity management is not just limited to the largest enterprises, …

  • Security Metrics: How Are You Measuring Security?

    by Joshua Marpet on August 12, 2014

    Do you have an information security practice? How do you measure its effectiveness? By the number of tickets generated? The number of viruses found and stamped out? Or by how quiet it is?—"If they don't bother me, they must be doing their job!" Have the security metrics guidelines changed in the last few years as infosec moved away from a helpdesk mentality, towards a penetration tester's…

  • Carry On: Sound Advice from Schneier on Security

    by Ben Rothke on August 11, 2014

    Bruce Schenier has been called an information security rock star. If that’s the case, then Carry On: Sound Advice from Schneier on Security is his greatest hits collection 2008-2013. The roughly 175 essays in the book represent a collection of articles Schneier wrote for this Crypto-Gram newsletter, his blog and other blogs, magazines, newspapers and other periodicals. Some of the articles, such…

  • No Easy Answer for In-App Data Security on Mobile Devices

    by John Linkous on August 7, 2014

    The proliferation of mobile devices—smartphones, tablets, convertibles, and more—is leading to a fundamental shift in how technology is used both for individuals and businesses. It's also leading to major problems for ensuring mobile security, especially inside of apps. App data is managed through Internet-connected, platform-specific programs for mobile devices, delivered through trusted app…

This document was retrieved from http://www.rsaconference.com/blogs on Sun, 31 Aug 2014 04:15:35 -0400.
© 2014 EMC Corporation. All rights reserved.