• The Sorry State of Cybersecurity Threat Intelligence

    by Gib Sorebo on January 21, 2015

    During the opening montage of every Law and Order episode is the statement (by now probably burned into all our collective consciousness): “In the criminal justice systems there are two separate yet equally important groups, the police who investigate crimes and the district attorney who prosecutes the offenders. These are their stories.” What is typically left out of both the TV show and the real…

  • InfoSec Needs to Work With Government to Shape New Laws

    by Todd Inskeep on January 21, 2015

    The President’s State of The Union address Tuesday night addressed Information Security for the second time in three years. Two years ago, in 112 words, the President announced the NIST Framework, increased information sharing through executive action, and called for the nation to “face the rapidly growing threat from cyber-attacks.” The threat then was theft of corporate secrets and “real threats…

  • RSA Conference Announces New Crowdsourced Submissions

    by Britta Glade on January 20, 2015

    We are very excited to introduce Crowdsourced Submissions at RSA® Conference 2015! This is an opportunity for the public to vote on sessions of interest. We know you have great ideas and terrific conversation topics—the quality and quantity of submissions for the traditional tracks was at an all time high this year—so here’s your chance to still be part of the RSA Conference program. Submissions…

  • Blackhat Movie Shows Viewers What Cyber-Attacks Look Like

    by Fahmida Y. Rashid on January 19, 2015

    Cybercrime is practically on the news every day—infected computers looting individual bank accounts, distributed denial-of-service attacks, hacked social media accounts, and data breaches. So clearly the time is right for a movie about hacking, right? There are plenty of reviews already for Michael Mann’s latest action thriller Blackhat, so there is no need to repeat what they say here, here, and …

  • Inquiring Minds Want to Know: How Do You Implement Business Security?

    by Christopher Burgess on January 16, 2015

    Business security is not a new concept. Storeowners have alarms, video, and guards to keep the ne'er-do-wells of the world at bay. Corporations that handle money have to worry about embezzlers (does the fact that it is “white-collar crime” mean it is more sanitary as a crime?). And all who handle data must address the business of securing their data. Never Assume The number of data breaches and…

  • Enterprise Software Security: A Confluence of Disciplines

    by Ben Rothke on January 15, 2015

    To date, most software security books have focused solely on writing secure code and educating developers on how to do that. In Enterprise Software Security: A Confluence of Disciplines, authors Kenneth van Wyk, Mark Graff, Dan Peters and Diana Burley take a different, and ultimately necessary approach. Their tactic is that treating software security as an autonomous discipline doesn’t work. With…

  • Are You Building a Cybersecurity Ecosystem or Just a Bunch of Controls?

    by Gib Sorebo on January 14, 2015

    With all the emphasis on cybersecurity frameworks over the last couple years, it probably shouldn’t surprise anyone that a lot of organizations find themselves working off checklists of cybersecurity controls that they assume will give them better security. What is often missed is that these controls need to work together as an integrated system. For thousands of years, we’ve understood this in…

  • RSAC 2015 Spotlight: Innovation Sandbox

    by Fahmida Y. Rashid on January 13, 2015

    Is there innovation left in the information security industry? Or are companies faced with the same catalog of over-promising/under-delivering products year after year? The Innovation Sandbox at RSA Conference is designed to show off exciting developments in our industry. For conference veterans and first-timers alike, the week will be jam-packed with talks, keynotes, and sessions, as well as…

  • Infrastructure Protection: Plans and Strategies

    by Robert Moskowitz on January 12, 2015

    Modern organizations run on information, and information runs on infrastructure. Protecting that information infrastructure is vital to the organization’s health. Accomplishing effective infrastructure protection requires a broadly coordinated approach. This approach establishes priorities, sets operational goals, and details both human and technological requirements for reducing vulnerability, …

  • Customer Data: The Crown Jewels

    by Christopher Burgess on January 9, 2015

    Do you know where your company’s crown jewels are? Comparing customer data to the crown jewels is obviously an appropriate analogy if you consider the history of the jewels. The crown jewels represent the wealth of the monarchy, and in times gone by, a measure of fiscal reserve. England kept its Crown Jewels in Westminster Abbey until the early fourteenth century, and then were were moved to the…

This document was retrieved from on Thu, 08 Oct 2015 16:11:10 -0400.
© 2015 EMC Corporation. All rights reserved.