Blogs

Showing Blog Posts: 1–10 of 107 tagged Data Breach

  • Around the Web: Backoff, Online Payments, Security

    by Fahmida Y. Rashid on October 24, 2014

    Data breaches, point-of-sale malware, and payment card security were among the hottest topics this week. Information security professionals have to sift through and absorb a lot of information throughout the week, including news reports, survey results, threat advisories, and security warnings. That's just the beginning. Don't forget breaking research, insightful blog posts from other security…

  • Security in the Cloud? Your Questions and Cloud Resources

    by Christopher Burgess on October 16, 2014

    The "cloud" is a nebulous concept. The "private cloud" is not as clearly defined as the "public cloud," but it is still confusing. Of course, we have a long list of questions regarding the cloud, but it's important to ask questions specifically about how cloud data is stored and kept secure. Resources to secure the cloud are plentiful. Here are some of the most important questions organizations…

  • Modern-Day Intrusion Detection: Of Needles, Haystacks, and Cybercrime

    by John Linkous on October 7, 2014

    After a corporation discovers a data breach, there is a flurry of law enforcement activity. From the FBI, Department of the Treasury, and Secret Service to state and local police, a cadre of law enforcement officials will be part of the investigation into how the data breach occurred, how detection technologies could have been more effective, and who was criminally responsible. One of the hardest…

  • 3 Reasons to Consider a Managed Security Services Partner

    by Christopher Burgess on September 11, 2014

    Companies are generally cataloged as small, medium, or large. But size does not matter to a cybercriminal or an unethical competitor, who view companies as either soft and vulnerable, or hardened and difficult. Companies need to determine what level of "hardness" they need to achieve, and whether they want to build it themselves, partner with a managed security services entity, or a little of…

  • Security Audit: The Pitfalls of Third-Party Assessments

    by John Linkous on September 9, 2014

    Everyone is aware of last year’s data breach at Target. Millions of records of cardholder data were stolen and Target is still recovering, with current costs at $148 million. What's not well-known, or openly discussed, is the behind-the-scenes conversations the company has had with its PCI assessor and the standards organization. The PCI Security Standards Council (SSC), consisting of major credit…

  • Understanding PoS Malware Infecting Retailers

    by Fahmida Y. Rashid on September 3, 2014

    By now you should be aware that cyber-criminals have struck at home improvement giant Home Depot and walked off with payment card details for millions of shoppers. Brian Krebs, who first reported the breach on Tuesday, believes nearly every single Home Depot location has been affected, and that attackers have been stealing payment card details for several months. If true, the breach at Home Depot…

  • Data Protects Patient Privacy

    by Christopher Burgess on August 26, 2014

    Who wants his or her medical information shared beyond the healthcare professionals who need to know? It’s common sense that when it comes to medical privacy, no one wants to share his information. For the recent 2014 EMC Privacy Index,respondents from different countries were asked to rate their willingness to trade privacy for convenience on a scale from 0 to 100 (100 being the most willing and 0…

  • Risks of Not Fixing the Heartbleed Flaw

    by Fahmida Y. Rashid on August 22, 2014

    By now you’ve seen reports about the data breach at Community Health Systems where attackers stole non-medical records for 4.5 million patients, and how attackers targeted the Heartbleed flaw to get on the network. This should be a warning to IT admins: Did you fully address the bug in your own networks? "Unless fully remediated, Heartbleed leaves open doors for attackers to extract data, including…

  • The Business of Security

    by Christopher Burgess on August 6, 2014

    Some of the most affable salespersons any of us have ever encountered are in the business of selling security. The business of security takes on many personas: technology, intelligence, awareness, knowledge, automation, hardware, software, legal, identity, BYOD, privacy, insider or outsider, risk and risk tolerance, and identity. At the recent RSA Conference 2014, many presentations touched one…

  • When Culture and Security Collide

    by Alex Bender on July 7, 2014

    I talked about Security Protocols before it was cool: What happens when culture and security collide? On March 10, 2014, attendees of the music, film and interactive conference and festival South by Southwest (SXSW) crammed into two overflowing rooms for what many would later claim to be the most talked about event of the show. Former NSA contractor Edward Snowden addressed the SXSW audience via…

This document was retrieved from http://www.rsaconference.com/blogs on Fri, 31 Oct 2014 06:43:35 -0400.
© 2014 EMC Corporation. All rights reserved.