Menu

Blogs

  • Measures and Metrics in Corporate Security

    by Ben Rothke on March 18, 2015

    Two of the most famous quotes from Lord Kelvin are “to measure is to know” and “if you can not measure it, you can not improve it”. With that, in Measures and Metrics in Corporate Security, author George Campbell provides a quick and high-level introduction to the topic of metrics and measurement. Campbell is the former Chief Security Officer at Fidelity Investments, where metrics are used…

  • If You’re Not With Us, You’re Against Us

    by Eric Cowperthwaite on March 17, 2015

    It’s time that we all came to an important and necessary conclusion: There is no silver bullet in security. There is no one product, solution, vendor or technology that is going to make you 100 percent secure. And if you’re relying on one product, you deserve a blog post all your own. Now that we’ve all agreed on this point, let’s start talking about how we can all be working together to solve a…

  • Smashing the Binary

    by Wendy Nather on March 16, 2015

    One big problem in security is the tendency to think in binary terms. Either you’re breached or you’re not; either you’re secure or you’re not. But this black-and-white worldview can be the cause of both technology and people problems. Is it possible to be a “little bit pwned”? Most would say no, although if you’re used to dealing with a wide spectrum of incidents within an organization, you know…

  • Is Defense In Depth Dead?

    by Danelle Au on March 12, 2015

    When Great Britain’s Royal Engineer, Maurice built Dover Castle in the late 1100s, he focused not just on the grandeur but on the security of its architecture. In Medieval times, castles were the backbone of power, meaning that it had to withstand assaults from enemies. When building Dover Castle, Maurice The Engineer, who served King Henry II, designed a castle with multiple layers of defense…

  • Keeping Kids Safe Online: RU Ready?

    by Fahmida Y. Rashid on March 11, 2015

    It takes a village to take care of, and protect, children. This year, RSA Conference is thinking of the kids. The Internet offers a tremendous wealth of education opportunities, entertainment options, and communication tools for our kids. Unfortunately, the Internet also exposes kids to various dangers, including cyber-bullying, online predators, and identity theft. Children need to learn how to…

  • Prepare Yourself with Incident Response Tabletop Sessions

    by Matthew Pascucci on March 10, 2015

    It's inevitable: Sooner or later, you will experience a security breach. Whether the news makes the front pages of a national media publication or kept within the walls of your company doesn't matter—you'll still feel the repercussions. So how can you prepare? Conduct an incident response (IR) tabletop exercise with all the groups responsible for their part of the incident response plan. Many…

  • Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

    by Ben Rothke on March 9, 2015

    In Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World, author Bruce Schneier could have justifiably written an angry diatribe full of vitriol against President Obama, his administration, and the NSA for their wholesale spying on innocent Americans and violations of myriad laws and the Constitution. Instead, he has written a thoroughly convincing and brilliant book…

  • Working With Government: Security Standards

    by Todd Inskeep on March 5, 2015

    This is the fifth post in a multi-part series following the President’s State of the Union speech back in January. The series examines how the information security community needs to engage with the government to shape laws which will affect the industry. You can see the first, second, third, and fourth posts. Let's take a look at prescriptive requirements. There has been little discussion of…

  • Catching Up With Cyphort's Marion Marschalek

    by Fahmida Y. Rashid on March 4, 2015

    Marion Marschalek, a threat researcher with Cyphort, spoke at both RSA Conference 2014 in San Francisco and RSA Conference APJ 2014 in Singapore. In this Q&A she talks about what excites her about information security and how she got to where she is today. RSA Conference: Can you provide some background on how you got into the security industry and how you ended up where you are today? Marschalek:…

  • Security Awareness Training: We're Doing it Wrong!

    by Rook Security on March 3, 2015

    This post comes from Arlie Hartman, a senior security advisor at Rook Security. It’s a relentless mantra in information security community: “People are the weakest link.” The success of email phishing, watering hole attacks, and over-the-phone social engineering tactics proves that attackers just have to target people in order to sidestep several layers of defense in depth measures. Most security…

This document was retrieved from http://www.rsaconference.com/blogs on Sat, 23 May 2015 10:52:14 -0400.
© 2015 EMC Corporation. All rights reserved.