Blogs

  • You Can’t Squeeze Blood From a Turnip

    by Tony Bradley on September 23, 2015

    You’ve probably heard the phrase “You can’t squeeze blood from a turnip,” before. The point is that no amount of begging, coercing, pushing, or otherwise coaxing something can yield results if those results simply aren’t possible. Many organizations, however, hand a proverbial turnip to the CISO and expect blood in return. Executive management or the company board have expectations for the CISO. …

  • Augmented Reality Law, Privacy, and Ethics: Law, Society, and Emerging AR Technologies

    by Ben Rothke on September 19, 2015

    The legal field is always catching up to advances in technology. One of the many examples is the Digital Millennium Copyright Act (DMCA), which only went into effect in 1998, about 7 years after the creation of the World Wide Web. In Augmented Reality Law, Privacy, and Ethics: Law, Society, and Emerging AR Technologies, author and attorney Brian Wassom provides a forward-thinking approach to how…

  • Making The Case For “Small Data”

    by Chenxi Wang on September 17, 2015

    Big Data is a buzzword. Many organizations hitching themselves to the Big Data-wagon amass data quickly in search of unicorn-esque insight, but don’t put much thought into the process. To make matters worse, data, in its various contemporary forms, is readily available. The temptation is high to collect simply because you can and because it may become useful at some point. We should practice the…

  • Glass Houses are Cheaper: the Case for Transparent Pentesting

    by Wendy Nather on September 16, 2015

    When you engage an external company to do vulnerability assessments and penetration testing, you have a few options on how to scope it. Here are some of them: Win/lose engagement: either they get in, or they don't. In a previous life, I bought pizza for the consultants if they got in during the annual pentest. For four years I bought pizza, and then in the fifth year my wallet finally got a break. …

  • What Do Companies Expect From a CISO?

    by Tony Bradley on September 15, 2015

    The role of CISO is an important one. It must be. It has Chief right in the title. The question, though, is what exactly does a company expect a CISO to do? You can’t meet or manage expectations if you don’t know what they are, and there’s a good chance you won’t keep your CISO job very long if you can’t meet expectations. A CISO is responsible for securing and protecting information assets but…

  • Taking Responsibility for Information Security

    by Tony Bradley on September 9, 2015

    It’s impossible for any one person to manage every aspect of securing the network, endpoints and data of an entire organization. The top of the security chain of command in most cases is the Chief Information Security Officer, though, so ultimately that responsibility falls on the shoulders of the CISO. Security is everyone’s job. Each and every employee within a company has to have some basic…

  • InfoSec People Are Doing It For Themselves

    by RSAC Contributor on September 8, 2015

    I founded Peerlyst as a no-spin zone where the information security community can share real-world experience, coming up with solutions to common (and not-so-common) problems. To my delight, that’s exactly what’s been happening—and we announced an exciting milestone earlier this month. PeerSource Budget is a crowdsourced tool that gives InfoSec professionals powerful new capabilities for…

  • Criminals Use CEO Emails to Target Companies

    by RSAC Contributor on September 3, 2015

    That email from the CEO in your inbox may not be real. Stop and pick up the phone to make sure it's legitimate before you take action. The FBI said cybercriminals stole nearly $750 million from more than 7,000 companies in the United States between October 2013 and August 2015. When you include international victims, total losses from business-to-email attacks exceed $1.2 billion. Attackers, …

  • VC CyberInvestment Landscape is White-Hot

    by RSAC Contributor on September 2, 2015

    This post on security investment trends comes from Alberto Yépez, managing director of venture capital firm Trident Capital Cybersecurity. Cybersecurity is an incredibly important investment arena for venture capitalists. There are two things to note: Experts estimate cyberattacks result in a $100 billion annual loss in the U.S. economy. And while cybersecurity spending is growing, it remains a…

  • Forget IoT. Your Antivirus is under Heavy Fire

    by RSAC Contributor on September 1, 2015

    This post comes from Bogdan Botezatu, a security researcher with BitDefender. While the general public awaits the IoT apocalypse, the rest of us know the real threat actually runs much deeper. Highly skilled and extremely well financed computer experts are targeting the apex link in the security ecosystem: the anti-malware vendor itself. Recent revelations have shown the National Security Agency…

This document was retrieved from http://www.rsaconference.com/blogs on Tue, 09 Feb 2016 21:37:43 -0500.
© 2016 EMC Corporation. All rights reserved.