  • A Note on #CISOProblems

    by Eric Cowperthwaite on August 11, 2015

    What is it about this time of year? In the past month or so I’ve noticed even more headlines and reports than usual about the problems plaguing today’s CSOs and CISOs. If you’ve somehow managed to dodge the onslaught of grim stats, I’ll sum it up for you: The “bad guys” are proliferating and becoming more sophisticated. Security managers are having a hard time getting enough “good guys” on their…

  • CISO Guide to Being an Effective Security Leader

    by Fahmida Y. Rashid on August 10, 2015

    With all the data breaches and security headlines of the past year, it was inevitable that the role of the CISO would become much more visible. Organizations are increasingly hiring CISOs or creating senior-level security positions, but there is still a lot of confusion about what a CISO actually does. The job description has changed from mitigating exposure and securing the perimeter, to one of…

  • A Vendor's View of the RSA Conference: U.S. vs. Asia-Pacific Japan

    by RSAC Contributor on August 7, 2015

    This post comes from Stephen Cavey, director of corporate development for Ground Labs. Ground Labs was a sponsor and exhibitor for both RSA Conference USA and RSA Conference APJ this year. Below are his thoughts on both conferences. Conferences provide the ideal venue to directly engage your clients, as well as connect with members of the same industry. And when it comes to IT security…

  • Digital Identity Management

    by Ben Rothke on August 6, 2015

    Digital identity management is a broad term; but when applied to information security, refers to identifying users with a network, application or system and controlling their access to resources within those systems and applications. An interesting point made early in Digital Identity Management (Elsevier 978-1785480041) is that French Internet users averaged 16.4 digital IDs in 2013; which is up…

  • Gossip to Grownup: How Intelligence Sharing Developed

    by Wendy Nather on August 5, 2015

    From an evolutionary standpoint, there was probably not much difference for cavemen between saying, "Watch out for that saber-toothed cat," "Don't eat those berries," and "Don't get Gerf mad; she swings a mean tree branch." It was all about sharing information about threats. And we're still working out how to do that today, based on the new types of threats to our businesses, our social standing, …

  • Peers Talk About Mindfulness

    by RSAC Contributor on August 4, 2015

    Jennifer Minella, VP of Engineering at Carolina Advanced Digital, led security and risk professionals in a discussion about mindfulness and leadership as part of the Peer-to-Peer discussion at RSA Conference 2015 in San Francisco. Below are Minella's notes from the session. The idea of this P2P was that we can effect change in the workplace around us, and sharing ways to go about that. In the end…

  • Peers Discuss Supply Chain, Governance

    by RSAC Contributor on August 3, 2015

    Puneet Kukreja, senior security advisor of National Australia Bank, led security and risk professionals from financial services, automotive, and energy sectors in a roundtable discussion about supply chain security as part of the Peer-to-Peer session at RSA Conference 2015 in San Francisco. Below are Kukreja's notes from the session. Approximately 30 attendees were present for the roundtable…

  • Peers Discuss Partner Security

    by RSAC Contributor on July 31, 2015

    Ken Morrison, principal of IT consultancy Morrison Consulting, led security and risk professionals in a discussion about outsourcing as part of the Peer-to-Peer discussion at RSA Conference 2015 in San Francisco. Below are Morrison's notes from the session. Outsourcing to global partners is a regular activity by companies seeking to leverage their resources. Our session, Who’s invited to Your…

  • How Not To Be Hacked: The Definitive Guide for Regular People

    by Ben Rothke on July 30, 2015

    The Advanced Encryption Standard (AES), also known as Rijndael, is susceptible to brute force attacks. Mohit Arora of Freescale Semiconductor wrote in 2012 that it would take 1 billion billion years to crack the 128-bit AES key using a brute force attack. No one ever said brute force had to be quick. For those that don’t have a billion billion years, the alternative is to bypass the cryptography…

  • Your Security Posture is Only as Good as Your Security Awareness

    by Tony Bradley on July 29, 2015

    Everyone knows they’re not supposed to open file attachments or click on links in unsolicited emails, right? At this stage in the game after all those headlines, it’s tempting to assume everyone has gotten the memo. Everyone exercises a healthy dose of cautious skepticism when online. Wrong. The average user is definitely better educated about security risks and potential threats than he or she…
