Menu

Blogs

  • Out of the Shadows: Fear is the Real Cloud Threat

    by Danelle Au on June 15, 2015

    Shadow IT is a misnomer, and we need to stop pretending that so-called rogue software applications are going to bring down the enterprise. That kind of fear mongering is misleading and doesn’t help advance the cause of securing data in the cloud. In fact, it is more of a threat to the security of the cloud than the software it demonizes. The term Shadow IT was coined out of a vestigial, …

  • Peers Share Stories About Adopting the Cybersecurity Framework

    by RSAC Contributor on June 12, 2015

    Peer-2-Peer sessions give RSAC attendees the opportunity to dig deeply into a single topic area with a group of like-minded peers. Timothy Shea, a member of RSA’s Global Public Sector (GPS) Team, facilitated a P2P discussion about experiences adopting the cybersecurity framework (CSF) at RSA Conference 2015 in San Francisco. In this post, Shea continues the discussion from that session. The Cyb…

  • Crafting the InfoSec Playbook: Security Monitoring and Incident Response Master Plan

    by Ben Rothke on June 10, 2015

    An extremely important piece of advice in Crafting the InfoSec Playbook: Security Monitoring and Incident Response Master Plan is on page 85, where authors Jeff Bollinger, Brandon Enright and Matthew Valites write that you will need at least one dedicated and full-time person to analyze your security event data. When creating programs for information security monitoring and its corresponding…

  • RSAC Unplugged, A Visual Retrospective

    by Fahmida Y. Rashid on June 9, 2015

    At RSA Conference, we like to experiment and try out new things. We tried crowd-sourcing some sessions for RSA Conference 2015. We are having year-round conversations through blog posts and webcasts. With RSAC Unplugged, we put 120 people in one room with excellent speakers and waited to see what would happen. We took away the exhibit hall and the sales pitches, consolidated all the tracks into…

  • Growing Up: A Roadmap to Vulnerability Management Maturity

    by Eric Cowperthwaite on June 8, 2015

    At this year’s RSA Conference, there was strong focus on identifying where your company’s security posture is in terms of maturity. As Brian Krebs touched on in a recent post, there are many different maturity models outlining what your company is doing, and what it should be doing. Of course each company is different, and the path to reducing risk is never a straight line. It is, however, …

  • How We Foiled Ransomware and Got the Files Back

    by RSAC Contributor on June 5, 2015

    Derek Soeder is a senior threat researcher at Cylance. In this post, Soeder discusses how he and his team reverse engineered ransomware to recover the password used to encrypt client files. In the interest of length, some of the technical steps the team took have been omitted from this story, but the original is now available on the Cylance website. Read on to find out just what Soeder had to do to…

  • Regionally Focused Security Lessons on Tap at RSA Conference APJ

    by Britta Glade on June 3, 2015

    The full agenda for RSA Conference Asia Pacific & Japan 2015 will soon be posted, featuring many top-rated speakers from across the globe delivering powerful presentations. The Program Committee had its hands full this year as it sorted through a record number of submissions, tasked with selecting those that provided the most timely, compelling content for our attendees—content that would really…

  • Security by the Numbers and the Work Ahead

    by Fahmida Y. Rashid on June 2, 2015

    Every day, there is yet another survey or report highlighting people’s perceptions of information security and identifying issues that need attention. Most of them tend to repeat what we already know, but two stood out recently and got me thinking. Data Breach Costs The first is the 2015 Cost of Data Breach by IBM and the Ponemon Institute. The average per-record cost of lost or stolen data in the…

  • Investigating Internet Crimes: An Introduction to Solving Crimes in Cyberspace

    by Ben Rothke on June 1, 2015

    Any organization that has a sizeable web presence, especially if it involves e-commerce, will inevitably become a victim of some sort of Internet malfeasance. Contrary to popular management belief, knowing how to effectively deal with, respond to, and recover from such incidents is not a trivial endeavor. Nothing proved that more than the Sony breach of 2014. In Investigating Internet Crimes: An…

  • Using Peer Collaboration to Manage Supply Chain Risk

    by RSAC Contributor on May 29, 2015

    Peer-2-Peer sessions give RSAC attendees the opportunity to dig deeply into a single topic area with a group of like-minded peers. Robin Slade, of Shared Assessments, facilitated a P2P discussion on peer collaboration for risk management at RSA Conference 2015 in San Francisco. In this post, Slade continues the discussion from that session. Professionals in finance/banking, healthcare, insurance, …

This document was retrieved from http://www.rsaconference.com/blogs on Thu, 03 Sep 2015 13:12:02 -0400.
© 2015 EMC Corporation. All rights reserved.