Blogs

  • On deceptive email I get from VeriSign

    by Ben Rothke on February 19, 2010

    VeriSign has long touted themselves as the company of trust. It is pervasive in their advertising, marketing literature, and in their corporate mission statements. Yet for years, VeriSign has been sending marketing emails that are deceptive. Note the email I just got with the subject: Give us 4 minutes, we'll give you a 4GB USB flash drive. That sounds like a pretty reasonable offer, and one would…

  • Preview - Fatal System Error: The Hunt for the New Crime Lords Who are Bringing Down the Internet

    by Ben Rothke on February 19, 2010

    I just got a copy of Fatal System Error: The Hunt for the New Crime Lords Who are Bringing Down the Internet. It is one of those true thrillers that is hard to put down. At 260 pages, it is an easy read. The book is a compelling story of the early days of the DDoS wars and how Barrett Lyon tracked down the Russian perpetrators of the attacks. So far, seems like a really good read.

  • Security Warrior

    by Ben Rothke on February 17, 2010

    Security Warrior is an excellent security reference. As is the case in the physical world, when providing computer security the optimal approach is to be proactive. Security Warrior is about taking such a preventive approach to computer predators. Attackers are often highly skilled, and the authors have adopted the premise that the only way to defend a network is to understand the motives of a…

  • New Information Security Lawsuit -- Why Now?

    by Stephen Wu on February 16, 2010

    Over the years, many have doubted whether we will see substantial, real-dollar information security lawsuits. Some said that companies don't want to be embarrassed by filing suit and having to admit in their complaints that they've been hacked. Others said there's no money in it for potential plaintiffs (and plaintiffs' attorneys). In my opinion, I always thought we'd see plaintiffs filing cases…

  • Forensic Discovery

    by Ben Rothke on February 16, 2010

    When most people think of forensics, television shows like Quincy and CSI come to mind. Where such shows deviate from reality is the unrealistic speed at which the actors are able to identify, apprehend and prosecute the perpetrators. In the real world (unlike television, where the crime must be solved by the end of the family hour), crimes are solved with slow, deliberate and methodical steps. …

  • Managing an Information Security and Privacy Awareness and Training Program

    by Ben Rothke on February 12, 2010

    Managing an Information Security and Privacy Awareness and Training Program is the definitive reference on creating an information security awareness campaign and program. Managing an Information Security and Privacy Awareness and Training Program is without a doubt the definitive reference on creating an information security awareness program. Behind most information security problems are users…

  • Cryptography for Dummies

    by Ben Rothke on February 11, 2010

    Cryptography for Dummies is a really good introduction to cryptography. Cryptography is one of the most intimidating aspects of computer security, conjuring up, as it does, such concepts as hash functions and public-key infrastructures. For the average user who wants to know about cryptography without gaining the proficiency of a cryptographer, Cryptography for Dummies is the perfect…

  • Hacking For Dummies

    by Ben Rothke on February 10, 2010

    Hacking For Dummies is an excellent introduction to hacking for beginners. The media often mistakenly characterize hackers as bored technical geniuses. In truth, most hackers, as the media use the term, are not geniuses; they are simply adept at downloading hacking tools that do all of the dirty work for them. These so-called script kiddies often do not know what they are doing until the damage…

  • Outsourcing Information Security

    by Ben Rothke on February 9, 2010

    Outsourcing Information Security is required reading for anyone considering outsourcing information security functionality. When it comes to the outsourcing of information security functions specifically, the situation is even worse. Far too few organizations know the inherent risks involved with outsourcing security, and don't properly investigate what they are getting into. The same company…

  • “Ten Commandments” of eDiscovery

    by Stephen Wu on February 9, 2010

    My colleague, Steven Teppler, recently spoke at the LegalTech New York trade show on eDiscovery and digital evidence topics. After attending the show, Steve posted a listserv mail concerning an interesting presentation at the show entitled "The Ten eDiscovery Commandments." The presenters were U.S. Magistrate Judges Frank Maas and Andrew Peck (both from the Southern District of New York). …

This document was retrieved from http://www.rsaconference.com/blogs on Sat, 26 Jul 2014 03:06:32 -0400.