• Security 2.0: Survival in the New Threatscape

    by RSAC Contributor on July 20, 2015

    This is the first in a three-part series on IT security from Forsythe Technology. This post looks at core infrastructure and threat and vulnerability management. Security breaches are inevitable. Organizations needs to shift from aging mindsets and predictable tools to comprehensive prevention, detection and response capabilities in order to neutralize potential damage. In this blog series, …

  • Cloud Security at RSA Conference 2015 APJ

    by Fahmida Y. Rashid on July 20, 2015

    RSA Conference Asia-Pacific kicks of this week in Singapore. Last month, RSA Security’s Zulfikar Ramzan and Jim Reavis, the CEO of the Cloud Security Alliance, dug into the big questions surrounding cloud security during a TweetChat. Some of the topics discussed during the chat will also be part of the conversation at RSA Conference in Singapore. There will be a number of sessions at RSA Conference…

  • Don’t Make the Mistake of Being the Low-Hanging Fruit

    by Tony Bradley on July 17, 2015

    Attackers are typically lazy and many attacks are automated. If you’re an easy target, you will inevitably get breached. You’ve probably heard somebody say something to the effect that they don’t worry too much about security because they don’t have any data of value or interest. Maybe you’ve even said that your business. Unfortunately, that isn’t how attacker logic works. The mistake in this…

  • Peers Discuss Risks in the Payments World

    by RSAC Contributor on July 16, 2015

    Mike Vergara, vice-president of consumer risk management at PayPal led 25 security and risk professionals in a discussion about risk in the payments world as part of the Peer-to-Peer discussion at RSA Conference 2015 in San Francisco. Below is Vergara's notes from the session. The attendees of Misconceptions of Risk in the Payments World provided a lively discussion and we all came away with new…

  • Automobile Industry Joins ISAC Party

    by Fahmida Y. Rashid on July 15, 2015

    The automobile industry’s new intelligence sharing and analysis center (ISAC) will let automakers exchange threat information to better secure vehicles. The announcement comes amidst growing concerns over vehicular safety. Self-driving cars aren’t the only targets, as all the automation systems and controls in passenger cars are increasingly networked. More than 60 percent of all new vehicles by…

  • The Modern Sherlock Holmes of the Cyber World is in Silicon Valley

    by RSAC Contributor on July 14, 2015

    Media Contributor – Interview by Kema (Rajandran) Johnson, a correspondent with Australian Security Magazine It’s no secret that information is power and it’s this notion that has sustained the initial interest in cyber forensics for young Security Engineer, Prima Virani. With an interest in information security and forensics from an early age, Ms Virani was drawn to the cyber security domain, …

  • Cloud Computing Design Patterns

    by Ben Rothke on July 13, 2015

    Far too many technology books take a Hamburger Helper approach, where the first part of the book is about an introduction to the topic with filler at the end with numerous appendices of publicly available information. These books end up being well over 800 pages without a lot of original information, even though they are written an advanced audience. In software engineering, a design pattern is a…

  • Hacking as a Competitive Sport, In Sports

    by Rook Security on July 10, 2015

    Recently we witnessed a rookie’s debut into the world of the breached–the MLB’s Houston Astros. With St. Louis Cardinals management now acknowledging its role in the attack to obtain operational information, it is a fascinating development for a number of reasons. Millions of credit cards stolen from a retailer? Been there, done that. Data on professional sports teams being illegally accessed?…

  • The Robot Invasion

    by Securosis Team on July 8, 2015

    This post is by Mike Rothman, analyst and President of Securosis, an independent security research firm. Most "models" of the technology market are nonsense, though there are a few models that I think make a huge amount of sense. Anything that looks like a grid and has vendors reduced to dots is the former. Gartner's hype cycle is the latter. For those of you that aren't familiar with the hype…

  • Peers Discuss Security Certifications

    by RSAC Contributor on July 6, 2015

    Security professionals break into small groups to discuss specific topics of interest during the RSA Conference Peer-2-Peer sessions. Ben Rothke, a senior eGRC consultant with Nettitude, facilitated a P2P discussion about the value of security certifications. Read on for Ben's thoughts about the discussion. During RSA Conference 2015 in San Francisco, I led a peer-to-peer session where I asked…

This document was retrieved from on Tue, 01 Dec 2015 13:18:29 -0500.
© 2015 EMC Corporation. All rights reserved.