Menu

Blogs

  • What the Sony Hack Means for Critical Infrastructure

    by Gib Sorebo on January 8, 2015

    Given the number of major breaches making the news, not only do they begin to blur together, but it also becomes easy to underappreciate the significance of each one. The Sony hack may have gotten lost in the crowd if it weren’t for the way Sony responded, by cancelling or postponing the release of “The Interview.” Moreover, the source of the attack was not some garden variety criminal hacker or…

  • Looking Ahead at RSA Conference 2015

    by Fahmida Y. Rashid on January 6, 2015

    Information security is not a static field. There is always something to learn, from experts in the field and from peers in the industry. One way to do that is by attending conferences—and RSA Conference 2015 is coming up. Are you ready? This is as good time as any for a reminder: RSA Conference 2015 is in April. Make that mental adjustment now—instead of spending a week in San Francisco in late…

  • Cyber Crime and Cyber Terrorism Investigator's Handbook

    by Ben Rothke on January 5, 2015

    While the perpetrator of the recent Sony hack is still to be determined, it was certainly an act of either cybercrime or cyberterrorism. With that, in Cyber Crime and Cyber Terrorism Investigator's Handbook, editors Babak Akhgar, Andrew Staniforth and Francesca Bosco have assembled a team of over 25 writers to give the reader an detailed overview of the topic. The authors and contributors are all…

  • N-DEx: Law Enforcement Security Standards

    by Robert Moskowitz on January 5, 2015

    The U.S. government launched a major law enforcement project, the National Data Exchange (N-DEx), in March 2008 to facilitate cases, criminal information, and available evidence among cooperating agencies. It's 2014, and the project is languishing. N-DEx was designed as an information repository that federal, state, and local law enforcement could tap for a variety of purposes, with the basic idea…

  • Data Privacy in the Era of Sharing

    by Christopher Burgess on January 1, 2015

    Information is meant to be obtained, consumed, and, above all, shared. Yet we sit today in a new era of data privacy and transperancy, where consumers want to know how and where their information will be used. It doesn't matter if the information aggregation happened with their direct participation or if it was collected wholesale. As we collaborate, share, and enable, we must ensure we do so…

  • Security Infrastructure: Homeland Security

    by Robert Moskowitz on December 31, 2014

    As part of its mission to protect US infrastructure, the Department of Homeland Security develops and deploys an array of security infrastructure systems designed to assess, ferret out, and thwart as many real-world risks as possible. The Department must keep American infrastructure secure and resilient enough to withstand and recover from all conceivable dangers. DHS focuses on infrastructure…

  • Cybercrime: The Computer Hacking Persona Debunked

    by Robert Moskowitz on December 29, 2014

    Popular media is filled with stories of computer hackers —young, male, nerdy college dropouts who are not very social—and their hacking activities. However, reports show that hackers are actually a wild and crazy bunch and far more diverse than most people suspect. They are quite social in certain settings. What's more, within these social circles, advanced knowledge of computers and software…

  • The best information security book of 2014 and some other excellent ones

    by Ben Rothke on December 29, 2014

    There were a lot of good information security book that came out in 2014, and many that were not worth reading. The following book stand out as the best, followed by a number of other superb titles, listed in no particular order: Measuring and Managing Information Risk: A FAIR Approach - Authors Dr. Jack Freund and Jack Jones have written a magnificent book that will change the way (for the…

  • Lockdown: Information Security Threats on the Edge of 2015

    by John Linkous on December 26, 2014

    As we look forward to 2015, this is a good time to take stock of how the information security threats and attack landscape have been changing. Let’s see: major data breaches at global, brand-name organizations, state-sponsored hacking activity, revelations of our own government's attempts to access personal data. It would be easy to proclaim 2014 as the "Year of the Security Threat," but that's…

  • Network Intrusion: Methods of Attack

    by Robert Moskowitz on December 25, 2014

    A network intrusion is any unauthorized activity on a computer network. Detecting an intrusion depends on the defenders having a clear understanding of how attacks work. In most cases, such unwanted activity absorbs network resources intended for other uses, and nearly always threatens the security of the network and/or its data. Properly designing and deploying a network intrusion detection…

This document was retrieved from http://www.rsaconference.com/blogs on Mon, 03 Aug 2015 11:09:18 -0400.
© 2015 EMC Corporation. All rights reserved.