Menu

Blogs

  • Blackhat Movie Shows Viewers What Cyber-Attacks Look Like

    by Fahmida Y. Rashid on January 19, 2015

    Cybercrime is practically on the news every day—infected computers looting individual bank accounts, distributed denial-of-service attacks, hacked social media accounts, and data breaches. So clearly the time is right for a movie about hacking, right? There are plenty of reviews already for Michael Mann’s latest action thriller Blackhat, so there is no need to repeat what they say here, here, and …

  • Inquiring Minds Want to Know: How Do You Implement Business Security?

    by Christopher Burgess on January 16, 2015

    Business security is not a new concept. Storeowners have alarms, video, and guards to keep the ne'er-do-wells of the world at bay. Corporations that handle money have to worry about embezzlers (does the fact that it is “white-collar crime” mean it is more sanitary as a crime?). And all who handle data must address the business of securing their data. Never Assume The number of data breaches and…

  • Enterprise Software Security: A Confluence of Disciplines

    by Ben Rothke on January 15, 2015

    To date, most software security books have focused solely on writing secure code and educating developers on how to do that. In Enterprise Software Security: A Confluence of Disciplines, authors Kenneth van Wyk, Mark Graff, Dan Peters and Diana Burley take a different, and ultimately necessary approach. Their tactic is that treating software security as an autonomous discipline doesn’t work. With…

  • Are You Building a Cybersecurity Ecosystem or Just a Bunch of Controls?

    by Gib Sorebo on January 14, 2015

    With all the emphasis on cybersecurity frameworks over the last couple years, it probably shouldn’t surprise anyone that a lot of organizations find themselves working off checklists of cybersecurity controls that they assume will give them better security. What is often missed is that these controls need to work together as an integrated system. For thousands of years, we’ve understood this in…

  • RSAC 2015 Spotlight: Innovation Sandbox

    by Fahmida Y. Rashid on January 13, 2015

    Is there innovation left in the information security industry? Or are companies faced with the same catalog of over-promising/under-delivering products year after year? The Innovation Sandbox at RSA Conference is designed to show off exciting developments in our industry. For conference veterans and first-timers alike, the week will be jam-packed with talks, keynotes, and sessions, as well as…

  • Infrastructure Protection: Plans and Strategies

    by Robert Moskowitz on January 12, 2015

    Modern organizations run on information, and information runs on infrastructure. Protecting that information infrastructure is vital to the organization’s health. Accomplishing effective infrastructure protection requires a broadly coordinated approach. This approach establishes priorities, sets operational goals, and details both human and technological requirements for reducing vulnerability, …

  • Customer Data: The Crown Jewels

    by Christopher Burgess on January 9, 2015

    Do you know where your company’s crown jewels are? Comparing customer data to the crown jewels is obviously an appropriate analogy if you consider the history of the jewels. The crown jewels represent the wealth of the monarchy, and in times gone by, a measure of fiscal reserve. England kept its Crown Jewels in Westminster Abbey until the early fourteenth century, and then were were moved to the…

  • What the Sony Hack Means for Critical Infrastructure

    by Gib Sorebo on January 8, 2015

    Given the number of major breaches making the news, not only do they begin to blur together, but it also becomes easy to underappreciate the significance of each one. The Sony hack may have gotten lost in the crowd if it weren’t for the way Sony responded, by cancelling or postponing the release of “The Interview.” Moreover, the source of the attack was not some garden variety criminal hacker or…

  • Looking Ahead at RSA Conference 2015

    by Fahmida Y. Rashid on January 6, 2015

    Information security is not a static field. There is always something to learn, from experts in the field and from peers in the industry. One way to do that is by attending conferences—and RSA Conference 2015 is coming up. Are you ready? This is as good time as any for a reminder: RSA Conference 2015 is in April. Make that mental adjustment now—instead of spending a week in San Francisco in late…

  • N-DEx: Law Enforcement Security Standards

    by Robert Moskowitz on January 5, 2015

    The U.S. government launched a major law enforcement project, the National Data Exchange (N-DEx), in March 2008 to facilitate cases, criminal information, and available evidence among cooperating agencies. It's 2014, and the project is languishing. N-DEx was designed as an information repository that federal, state, and local law enforcement could tap for a variety of purposes, with the basic idea…

This document was retrieved from http://www.rsaconference.com/blogs on Sat, 18 Apr 2015 07:38:00 -0400.
© 2015 EMC Corporation. All rights reserved.