Blogs

  • Training Bad Habits Out of Users: End User Training

    by Christopher Burgess on April 1, 2014

    User behavior is the magic ingredient which can ensure end user training programs are successful or an ignoble failure. The recent RSA Conference 2014 in San Francisco featured a panel discussion on this topic, "Changing User Behavior: The Science of Awareness" hosted by Frank Dimina, director of federal sales at Check Point Software Technologies. Dimina asked the panelists (Kati Rodzon, an…

  • The Oil and Gas Industry: A Surge in Cybersecurity Vigilance?

    by Gib Sorebo on March 31, 2014

    Last week I chaired a cybersecurity summit in Houston, Texas, one of many cybersecurity conferences focused on this sector. While the American Petroleum Institute (API) has sponsored such conferences for nearly a decade, the proliferation of these conferences along with the resurrection of an Information Sharing and Analysis Center (ISAC) for the oil and gas industry is a reflection of greater…

  • Cyber Attack, CyberCrime, CyberWarfare - CyberComplacency

    by Ben Rothke on March 31, 2014

    Cyber Attack, CyberCrime, CyberWarfare - CyberComplacency is definitely not your typical information security title. Mix in a few parts reference, technical guide, rant, scary stories, comedy and myriad references to movies, and there you have this book. The full title of the book is actually Cyber Attack, CyberCrime, CyberWarfare - CyberComplacency: Is Hollywood's blueprint for Chaos coming true?…

  • How Metrics Dictate Survival of Security's Fittest

    by Katrina Rodzon on March 27, 2014

    Setting up and maintaining a security awareness program is almost identical to doing a research study. You start with a question or behavior, you create your study/manipulation, and you measure the results. Sometimes the results lead to the end of the experiment, many other times it leads to small or large manipulations and further experimentation. The same is true when setting up a security…

  • Secure Global Open Source Calling and Message Tools

    by David Wallace on March 25, 2014

    Risk versus reward? Open source versus packaged? Security or flexibility? All of these decisions matter deeply when considering personal safety for international travelers. Because today's cell phones send a signal beacon that identifies your location, network, and movement, companies are turning to more secure open source applications to protect phone conversations and hide the email trail in…

  • Security Assessment From the Outside-In

    by David Wallace on March 20, 2014

    Outside-In security starts with realizing that your company or organization doesn't have all the answers. The Internet is a big place, and the World Wide Web is just one part of it. Connected mobile devices and appliances are expanding their reach every day, and with it, the complexity of a security assessment.

    Importance of Security Assessments

    Your people rely on personal devices and…

  • Protect Against Internal Data Security Threats: Specific Strategies and Techniques

    by Robert Moskowitz on March 18, 2014

    Everyone's worried about anonymous hackers, but the smartest IT Security teams also keep a sharp eye out for internal data security threats such as leaks from disgruntled employees, paid spies, or even trusted workers who are susceptible to human error. While you cannot guarantee total information security, at any price, there are some cost-effective strategies and techniques to cut down on the…

  • The Industrial Defender Acquisition: A Merging of National Security with Critical Infrastructure?

    by Gib Sorebo on March 17, 2014

    This last week, Industrial Defender announced that it had been acquired by Lockheed Martin for an unspecified amount. Brian Ahern and his team are to be congratulated on this apparently successful exit that they had been working towards for the last 12 years. Industrial Defender has long been the largest of the cybersecurity firms specializing in industrial control systems. It is a very fractured…

  • RFID: Connecting Users and Devices

    by Christopher Burgess on March 13, 2014

    Radio-frequency identification (RFID) chips are permeating our life at every level—at work, at home, and on the go. And while there is an important distinction between RFID and near field communications (NFC) chips, the premise is similar. For example, you may carry a dongle which opens your automobile door when it's within 20 feet of the vehicle. Whereas if you have a credit card from a European…

  • Threat Modeling: Designing for Security

    by Ben Rothke on March 3, 2014

    When it comes to measuring and communicating threats, the most ineffective example in recent memory was the Homeland Security Advisory System, which was a color-coded terrorism threat advisory scale. The system was rushed into use and its output of colors was not clear. What was the difference between levels such as high, guarded and elevated? From a threat perspective, which color was more severe -…

This document was retrieved from http://www.rsaconference.com/blogs on Tue, 23 Sep 2014 04:20:21 -0400.
© 2014 EMC Corporation. All rights reserved.