Menu

Blogs

  • Crafting the InfoSec Playbook: Security Monitoring and Incident Response Master Plan

    by Ben Rothke on June 10, 2015

    An extremely important piece of advice in Crafting the InfoSec Playbook: Security Monitoring and Incident Response Master Plan is on page 85, where authors Jeff Bollinger, Brandon Enright and Matthew Valites write that you will need at least one dedicated and full-time person to analyze your security event data. When creating programs for information security monitoring and its corresponding…

  • RSAC Unplugged, A Visual Retrospective

    by Fahmida Y. Rashid on June 9, 2015

    At RSA Conference, we like to experiment and try out new things. We tried crowd-sourcing some sessions for RSA Conference 2015. We are having year-round conversations through blog posts and webcasts. With RSAC Unplugged, we put 120 people in one room with excellent speakers and waited to see what would happen. We took away the exhibit hall and the sales pitches, consolidated all the tracks into…

  • Growing Up: A Roadmap to Vulnerability Management Maturity

    by Eric Cowperthwaite on June 8, 2015

    At this year’s RSA Conference, there was strong focus on identifying where your company’s security posture is in terms of maturity. As Brian Krebs touched on in a recent post, there are many different maturity models outlining what your company is doing, and what it should be doing. Of course each company is different, and the path to reducing risk is never a straight line. It is, however, …

  • How We Foiled Ransomware and Got the Files Back

    by RSAC Contributor on June 5, 2015

    Derek Soeder is a senior threat researcher at Cylance. In this post, Soeder discusses how he and his team reverse engineered ransomware to recover the password used to encrypt client files. In the interest of length, some of the technical steps the team took have been omitted from this story. Read on to find out just what Soeder had to do to retrieve client data being held hostage by ransomware. In…

  • Regionally Focused Security Lessons on Tap at RSA Conference APJ

    by Britta Glade on June 3, 2015

    The full agenda for RSA Conference Asia Pacific & Japan 2015 will soon be posted, featuring many top-rated speakers from across the globe delivering powerful presentations. The Program Committee had its hands full this year as it sorted through a record number of submissions, tasked with selecting those that provided the most timely, compelling content for our attendees—content that would really…

  • Security by the Numbers and the Work Ahead

    by Fahmida Y. Rashid on June 2, 2015

    Every day, there is yet another survey or report highlighting people’s perceptions of information security and identifying issues that need attention. Most of them tend to repeat what we already know, but two stood out recently and got me thinking. Data Breach Costs The first is the 2015 Cost of Data Breach by IBM and the Ponemon Institute. The average per-record cost of lost or stolen data in the…

  • Investigating Internet Crimes: An Introduction to Solving Crimes in Cyberspace

    by Ben Rothke on June 1, 2015

    Any organization that has a sizeable web presence, especially if it involves e-commerce, will inevitably become a victim of some sort of Internet malfeasance. Contrary to popular management belief, knowing how to effectively deal with, respond to, and recover from such incidents is not a trivial endeavor. Nothing proved that more than the Sony breach of 2014. In Investigating Internet Crimes: An…

  • Using Peer Collaboration to Manage Supply Chain Risk

    by RSAC Contributor on May 29, 2015

    Peer-2-Peer sessions give RSAC attendees the opportunity to dig deeply into a single topic area with a group of like-minded peers. Robin Slade, of Shared Assessments, facilitated a P2P discussion on peer collaboration for risk management at RSA Conference 2015 in San Francisco. In this post, Slade continues the discussion from that session. Professionals in finance/banking, healthcare, insurance, …

  • Hijacking Made Easy: Ransomware, Bitcoin, the Dark Web, and Intellectual Property Theft

    by John Linkous on May 27, 2015

    The FBI may have shut down CryptoLocker last year, but researchers report new variants of Cryptolocker have already started infecting users. Other ransomware families continue to make its way into corporate networks. Unlike other, stealthier malware focused on committing intellectual property theft without being seen, CryptoWall and its malware brethren flaunt their presence right in your face. …

  • The Human Element of Computer Security

    by Robert Moskowitz on May 25, 2015

    Most organizations spend significant sums on high-tech defenses such as firewalls, anti-virus software, intrusion detection systems, and biometric locking devices as part of their computer security efforts. But even the strongest hardware and software defenses cannot withstand the human element. The damage can be inflicted intentionally by demotivated employees or unintentionally by…

This document was retrieved from http://www.rsaconference.com/blogs on Fri, 03 Jul 2015 13:20:42 -0400.
© 2015 EMC Corporation. All rights reserved.