Menu

Blogs

Showing Blog Posts: 11–20 of 130 tagged Data Breach

  • The Hacker as an Administrator

    by Marc Maiffret on February 10, 2015

    In many data breaches, your IT team or someone else with the right privileges has been co-opted. By the time an attacker is lifting data from your servers, they are no longer hacking but simply using stolen user credentials and passwords. And in many of those instances, the way they are moving through your environment is not via any custom tools, but by taking advantage of administrative features…

  • Designing and Building a Security Operations Center

    by Ben Rothke on January 28, 2015

    Many organizations are overwhelmed by the onslaught of security data from disparate systems, platforms and applications. They have numerous point solutions (anti-virus, firewalls, IDS/IPS, ERP, access control, IdM, single sign-on, etc.) that can create millions of daily log messages. In addition to directed attacks becoming more frequent and sophisticated, there are regulatory compliance issues…

  • Inquiring Minds Want to Know: How Do You Implement Business Security?

    by Christopher Burgess on January 16, 2015

    Business security is not a new concept. Storeowners have alarms, video, and guards to keep the ne'er-do-wells of the world at bay. Corporations that handle money have to worry about embezzlers (does the fact that it is “white-collar crime” mean it is more sanitary as a crime?). And all who handle data must address the business of securing their data. Never Assume The number of data breaches and…

  • What the Sony Hack Means for Critical Infrastructure

    by Gib Sorebo on January 8, 2015

    Given the number of major breaches making the news, not only do they begin to blur together, but it also becomes easy to underappreciate the significance of each one. The Sony hack may have gotten lost in the crowd if it weren’t for the way Sony responded, by cancelling or postponing the release of “The Interview.” Moreover, the source of the attack was not some garden variety criminal hacker or…

  • The best information security book of 2014 and some other excellent ones

    by Ben Rothke on December 29, 2014

    There were a lot of good information security book that came out in 2014, and many that were not worth reading. The following book stand out as the best, followed by a number of other superb titles, listed in no particular order: Measuring and Managing Information Risk: A FAIR Approach - Authors Dr. Jack Freund and Jack Jones have written a magnificent book that will change the way (for the…

  • Network Intrusion: Methods of Attack

    by Robert Moskowitz on December 25, 2014

    A network intrusion is any unauthorized activity on a computer network. Detecting an intrusion depends on the defenders having a clear understanding of how attacks work. In most cases, such unwanted activity absorbs network resources intended for other uses, and nearly always threatens the security of the network and/or its data. Properly designing and deploying a network intrusion detection…

  • Today's Challenge: Database Security in the Cloud

    by Christopher Burgess on December 19, 2014

    There is more to loud data security than just data security in the cloud. The core product offerings for cloud data storage services (or Cloud Sync and Share as they my be called) include storage, sync, share, view, collaborate, Web and mobile support, and APIs, said Rich Mogull of Securosis. "Without a solid security baseline it really doesn't matter what else the service officers," Mogull wrote. …

  • Shopping at Breached Retailers This Holiday Season

    by Fahmida Y. Rashid on December 17, 2014

    We are about halfway into the holiday shopping season, and it’s not clear if the retail breaches have affected how consumers are shopping this year. Overall shopper traffic over the Thanksgiving holiday—Thursday to Sunday—dropped 5.2 percent compared to 2013, according to early numbers from the National Retail Federation released earlier this month. There were also a lot of provocative numbers…

  • Guidelines For Retailers This Holiday Shopping Season

    by Fahmida Y. Rashid on November 19, 2014

    The holiday shopping season is looming, and retailers are gearing up for Black Friday and other sales. It's been a year since criminals infiltrated Target's networks with malware and made off with millions of credit card details. Retailers are scrambling to get everything ready for the shoppers and deals; we hope their networks are secure and ready, as well. Or will cyber-criminals have another…

  • The Human Element in the Data Breach

    by Christopher Burgess on November 17, 2014

    We are all familiar with the adage, "to err is human; to really foul things up requires a computer," which implies that the computer may be to blame for many data breach calamities. Alas, it appears the erring human is also culpable. Take, for example, the recent kerfuffle surrounding Apple's iCloud and the compromise of celebrity accounts containing salacious photos. After much slinging of…

This document was retrieved from http://www.rsaconference.com/blogs on Mon, 31 Aug 2015 00:46:06 -0400.
© 2015 EMC Corporation. All rights reserved.