  • The Modern Sherlock Holmes of the Cyber World is in Silicon Valley

    by RSAC Contributor on July 14, 2015

    Media Contributor – Interview by Kema (Rajandran) Johnson, a correspondent with Australian Security Magazine. It’s no secret that information is power and it’s this notion that has sustained the initial interest in cyber forensics for young Security Engineer, Prima Virani. With an interest in information security and forensics from an early age, Ms Virani was drawn to the cyber security domain, …

  • Cloud Computing Design Patterns

    by Ben Rothke on July 13, 2015

    Far too many technology books take a Hamburger Helper approach, where the first part of the book is about an introduction to the topic with filler at the end with numerous appendices of publicly available information. These books end up being well over 800 pages without a lot of original information, even though they are written for an advanced audience. In software engineering, a design pattern is a…

  • Hacking as a Competitive Sport, In Sports

    by Rook Security on July 10, 2015

    Recently we witnessed a rookie’s debut into the world of the breached–the MLB’s Houston Astros. With St. Louis Cardinals management now acknowledging its role in the attack to obtain operational information, it is a fascinating development for a number of reasons. Millions of credit cards stolen from a retailer? Been there, done that. Data on professional sports teams being illegally accessed?…

  • The Robot Invasion

    by Securosis Team on July 8, 2015

    This post is by Mike Rothman, analyst and President of Securosis, an independent security research firm. Most "models" of the technology market are nonsense, though there are a few models that I think make a huge amount of sense. Anything that looks like a grid and has vendors reduced to dots is the former. Gartner's hype cycle is the latter. For those of you that aren't familiar with the hype…

  • Peers Discuss Security Certifications

    by RSAC Contributor on July 6, 2015

    Security professionals break into small groups to discuss specific topics of interest during the RSA Conference Peer-2-Peer sessions. Ben Rothke, a senior eGRC consultant with Nettitude, facilitated a P2P discussion about the value of security certifications. Read on for Ben's thoughts about the discussion. During RSA Conference 2015 in San Francisco, I led a peer-to-peer session where I asked…

  • We Can Learn a Few Lessons From Data Breaches

    by Fahmida Y. Rashid on July 3, 2015

    A data breach, or any security incident, really, should never be a point of schadenfreude or the start of the blame game. No matter how secure you are in your security plans, this is a good opportunity to look for lessons you can apply to your organization. When a data breach hits the news headlines, it’s easy to fall in the trap of pointing out errors. “If only the company had done this.” “The…

  • Get Ready for RSA Conference 2016 Call for Speakers

    by Britta Glade on July 2, 2015

    RSA Conference moves back to its “traditional” timing next year, taking place Feb. 29-Mar. 4 in San Francisco at the Moscone Center. Quite naturally, that means Call for Speakers is back in the summer: watch for it to open July 15 and close on August 13. This is an incredibly busy time of year for many of you (who said anything about a vacation!?), so hopefully a heads up on this window of time…

  • Collecting Security Metrics and What They Mean

    by Fahmida Y. Rashid on July 1, 2015

    Perhaps you are in the middle of a security rollout, or have new security initiatives in place. How do you know your project is successful? How do you identify problem spots, the areas which need fine-tuning or modifications? Simply put, what metrics do you have in place to help you understand the project's effectiveness? Measurements aren't supposed to be easy. Threats change on a regular basis, …

  • Information Security Analytics: Finding Security Insights, Patterns, and Anomalies in Big Data

    by Ben Rothke on June 30, 2015

    Getting log data is not an IT challenge. But the information security challenge and a huge struggle for those who are tasked with it, is making sense of a near infinite amount of data. In Information Security Analytics: Finding Security Insights, Patterns, and Anomalies in Big Data, authors Mark Talabis, Robert McPherson, I. Miyamoto and Jason Martin have created a brief guide that shows how you…

  • When Data Classification is a Mistake

    by Wendy Nather on June 29, 2015

    Classifying data is such a given that it's often one of the first things that security professionals recommend when launching a program. If you don't know the criticality of your data and where it's located, the conventional wisdom goes, then how can you assess the risk and decide how to mitigate it? And if you don't know what's most critical, then how can you prioritize your finite resources…

This document was retrieved from on Sat, 30 Apr 2016 14:47:06 -0400.