Menu

Blogs

Showing Blog Posts: 1–10 of 122 tagged Data Breach

  • Dig Deep into Security Topics With RSAC 2015 Learning Labs

    by Britta Glade on April 1, 2015

    At RSA Conference, we are hyper-focused on our attendees’ experience. What works for them? What doesn’t work for them? What do they want more of—or less? We scrutinize the feedback from our attendees and challenge ourselves to make every RSA Conference experience energizing, empowering, and enjoyable. From an education content standpoint, I listened and learned a lot from our delegates this year…

  • Prepare Yourself with Incident Response Tabletop Sessions

    by Matthew Pascucci on March 10, 2015

    It's inevitable: Sooner or later, you will experience a security breach. Whether the news makes the front pages of a national media publication or kept within the walls of your company doesn't matter—you'll still feel the repercussions. So how can you prepare? Conduct an incident response (IR) tabletop exercise with all the groups responsible for their part of the incident response plan. Many…

  • The Hacker as an Administrator

    by Marc Maiffret on February 10, 2015

    In many data breaches, your IT team or someone else with the right privileges has been co-opted. By the time an attacker is lifting data from your servers, they are no longer hacking but simply using stolen user credentials and passwords. And in many of those instances, the way they are moving through your environment is not via any custom tools, but by taking advantage of administrative features…

  • Designing and Building a Security Operations Center

    by Ben Rothke on January 28, 2015

    Many organizations are overwhelmed by the onslaught of security data from disparate systems, platforms and applications. They have numerous point solutions (anti-virus, firewalls, IDS/IPS, ERP, access control, IdM, single sign-on, etc.) that can create millions of daily log messages. In addition to directed attacks becoming more frequent and sophisticated, there are regulatory compliance issues…

  • Inquiring Minds Want to Know: How Do You Implement Business Security?

    by Christopher Burgess on January 16, 2015

    Business security is not a new concept. Storeowners have alarms, video, and guards to keep the ne'er-do-wells of the world at bay. Corporations that handle money have to worry about embezzlers (does the fact that it is “white-collar crime” mean it is more sanitary as a crime?). And all who handle data must address the business of securing their data. Never Assume The number of data breaches and…

  • What the Sony Hack Means for Critical Infrastructure

    by Gib Sorebo on January 8, 2015

    Given the number of major breaches making the news, not only do they begin to blur together, but it also becomes easy to underappreciate the significance of each one. The Sony hack may have gotten lost in the crowd if it weren’t for the way Sony responded, by cancelling or postponing the release of “The Interview.” Moreover, the source of the attack was not some garden variety criminal hacker or…

  • The best information security book of 2014 and some other excellent ones

    by Ben Rothke on December 29, 2014

    There were a lot of good information security book that came out in 2014, and many that were not worth reading. The following book stand out as the best, followed by a number of other superb titles, listed in no particular order: Measuring and Managing Information Risk: A FAIR Approach - Authors Dr. Jack Freund and Jack Jones have written a magnificent book that will change the way (for the…

  • Network Intrusion: Methods of Attack

    by Robert Moskowitz on December 25, 2014

    A network intrusion is any unauthorized activity on a computer network. Detecting an intrusion depends on the defenders having a clear understanding of how attacks work. In most cases, such unwanted activity absorbs network resources intended for other uses, and nearly always threatens the security of the network and/or its data. Properly designing and deploying a network intrusion detection…

  • Today's Challenge: Database Security in the Cloud

    by Christopher Burgess on December 19, 2014

    There is more to loud data security than just data security in the cloud. The core product offerings for cloud data storage services (or Cloud Sync and Share as they my be called) include storage, sync, share, view, collaborate, Web and mobile support, and APIs, said Rich Mogull of Securosis. "Without a solid security baseline it really doesn't matter what else the service officers," Mogull wrote. …

  • Shopping at Breached Retailers This Holiday Season

    by Fahmida Y. Rashid on December 17, 2014

    We are about halfway into the holiday shopping season, and it’s not clear if the retail breaches have affected how consumers are shopping this year. Overall shopper traffic over the Thanksgiving holiday—Thursday to Sunday—dropped 5.2 percent compared to 2013, according to early numbers from the National Retail Federation released earlier this month. There were also a lot of provocative numbers…

This document was retrieved from http://www.rsaconference.com/blogs on Sun, 19 Apr 2015 05:28:42 -0400.
© 2015 EMC Corporation. All rights reserved.