  • What Black Hat and the NFL Have in Common: Strategy

    by Eric Cowperthwaite on August 19, 2015

    This time of year is a merging of two of my favorite things, Hacker Summer Camp aka BSidesLV, Black Hat and DefCon, and the beginning of the football season. On the surface it might not appear that these things have a lot in common. However, a bit deeper analysis tells us that the strategies employed by your security team and your favorite football team revolve around many of the same principles…

  • The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography

    by Ben Rothke on August 19, 2015

    It’s not clear who first uttered the quip: “Of course I can keep a secret. It's the people I tell it to that can't.” But what’s clear is that there are plenty of times when it’s a matter of life and death to ensure that secrets remain undisclosed. In The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography, author Simon Singh reveals the often hush-hush world of the science of…

  • Change Your Gears

    by Securosis Team on August 17, 2015

    I'm a cyclist. Not necessarily a very good one, but I can hold my own in the middle of the pack. On group rides you always have the person who locks into a gear and sticks with it. Their pedaling cadence slows on hills, speeds up on inclines, and they don't really shift a lot. It isn't overly efficient, especially compared to the pro-level riders who keep a constant cadence and work the shifter…

  • Security Awareness as the Front Line of Defense

    by Fahmida Y. Rashid on August 13, 2015

    People still fall for phishing scams, open up attachments on spam messages, and visit websites claiming to have exclusive video footage of the latest scandal du jour. The average person’s ability to stay safe online hasn’t really changed. We are bombarded almost daily about the latest data breaches. Many of us have had our credit cards replaced, not just once, but maybe even twice or three times, …

  • A Note on #CISOProblems

    by Eric Cowperthwaite on August 11, 2015

    What is it about this time of year? In the past month or so I’ve noticed even more headlines and reports than usual about the problems plaguing today’s CSOs and CISOs. If you’ve somehow managed to dodge the onslaught of grim stats, I’ll sum it up for you: The “bad guys” are proliferating and becoming more sophisticated. Security managers are having a hard time getting enough “good guys” on their…

  • CISO Guide to Being an Effective Security Leader

    by Fahmida Y. Rashid on August 10, 2015

    With all the data breaches and security headlines of the past year, it was inevitable that the role of the CISO would become much more visible. Organizations are increasingly hiring CISOs or creating senior-level security positions, but there is still a lot of confusion about what a CISO actually does. The job description has changed from mitigating exposure and securing the perimeter, to one of…

  • A Vendor's View of the RSA Conference: U.S. vs. Asia-Pacific Japan

    by RSAC Contributor on August 7, 2015

    This post comes from Stephen Cavey, director of corporate development for Ground Labs. Ground Labs was a sponsor and exhibitor for both RSA Conference USA and RSA Conference APJ this year. Below are his thoughts on both conferences. Conferences provide the ideal venue to directly engage your clients, as well as connect with members of the same industry. And when it comes to IT security…

  • Digital Identity Management

    by Ben Rothke on August 6, 2015

    Digital identity management is a broad term; but when applied to information security, refers to identifying users with a network, application or system and controlling their access to resources within those systems and applications. An interesting point made early in Digital Identity Management (Elsevier 978-1785480041) is that French Internet users averaged 16.4 digital IDs in 2013; which is up…

  • Gossip to Grownup: How Intelligence Sharing Developed

    by Wendy Nather on August 5, 2015

    From an evolutionary standpoint, there was probably not much difference for cavemen between saying, "Watch out for that saber-toothed cat," "Don't eat those berries," and "Don't get Gerf mad; she swings a mean tree branch." It was all about sharing information about threats. And we're still working out how to do that today, based on the new types of threats to our businesses, our social standing, …

  • Peers Talk About Mindfulness

    by RSAC Contributor on August 4, 2015

    Jennifer Minella, VP of Engineering at Carolina Advanced Digital, led security and risk professionals in a discussion about mindfulness and leadership as part of the Peer-to-Peer discussion at RSA Conference 2015 in San Francisco. Below are Minella's notes from the session. The idea of this P2P was that we can effect change in the workplace around us, and sharing ways to go about that. In the end…

This document was retrieved from on Fri, 27 Nov 2015 08:38:56 -0500.
© 2015 EMC Corporation. All rights reserved.