Blogs

Showing Blog Posts: 1–10 of 136 tagged Enterprise Defense

  • Treat Yourself to a SPA, Not a Pen Test

    by Rook Security on August 27, 2015

    A lot of companies are asked to do a pen test by their clients, because they think a pen test will let them know if their business partner’s technology is “secure” against cyber threats. The scan happens. The areas that need to be fixed are fixed. And the client feels warm and fuzzy inside. However, this feeling is misleading as the company isn't necessarily more secure—all it says is that you…

  • CISO Guide to Being an Effective Security Leader

    by Fahmida Y. Rashid on August 10, 2015

    With all the data breaches and security headlines of the past year, it was inevitable that the role of the CISO would become much more visible. Organizations are increasingly hiring CISOs or creating senior-level security positions, but there is still a lot of confusion about what a CISO actually does. The job description has changed from mitigating exposure and securing the perimeter, to one of…

  • Digital Identity Management

    by Ben Rothke on August 6, 2015

    Digital identity management is a broad term, but when applied to information security, it refers to identifying users with a network, application or system and controlling their access to resources within those systems and applications. An interesting point made early in Digital Identity Management (Elsevier 978-1785480041) is that French Internet users averaged 16.4 digital IDs in 2013, which is up…

  • Peers Discuss Supply Chain, Governance

    by RSAC Contributor on August 3, 2015

    Puneet Kukreja, senior security advisor of National Australia Bank, led security and risk professionals from financial services, automotive, and energy sectors in a roundtable discussion about supply chain security as part of the Peer-to-Peer session at RSA Conference 2015 in San Francisco. Below are Kukreja's notes from the session. Approximately 30 attendees were present for the roundtable…

  • Peers Discuss Partner Security

    by RSAC Contributor on July 31, 2015

    Ken Morrison, principal of IT consultancy Morrison Consulting, led security and risk professionals in a discussion about outsourcing as part of the Peer-to-Peer discussion at RSA Conference 2015 in San Francisco. Below are Morrison's notes from the session. Outsourcing to global partners is a regular activity by companies seeking to leverage their resources. Our session, Who’s invited to Your…

  • Data Protection and Identity and Access Management Domains

    by RSAC Contributor on July 24, 2015

    This is the second in a three-part series on IT security from Forsythe Technology. This post looks at data protection and identity and access management. Other posts covered core infrastructure and threat and vulnerability management and governance and application security. Your Data Has Left the Building: Are You Protecting It? In the previous post, I talked about the current role of perimeter and…

  • Security 2.0: Survival in the New Threatscape

    by RSAC Contributor on July 20, 2015

    This is the first in a three-part series on IT security from Forsythe Technology. This post looks at core infrastructure and threat and vulnerability management. Security breaches are inevitable. Organizations need to shift from aging mindsets and predictable tools to comprehensive prevention, detection and response capabilities in order to neutralize potential damage. In this blog series, …

  • The Robot Invasion

    by Securosis Team on July 8, 2015

    This post is by Mike Rothman, analyst and President of Securosis, an independent security research firm. Most "models" of the technology market are nonsense, though there are a few models that I think make a huge amount of sense. Anything that looks like a grid and has vendors reduced to dots is the former. Gartner's hype cycle is the latter. For those of you that aren't familiar with the hype…

  • Peers Share Stories About Adopting the Cybersecurity Framework

    by RSAC Contributor on June 12, 2015

    Peer-2-Peer sessions give RSAC attendees the opportunity to dig deeply into a single topic area with a group of like-minded peers. Timothy Shea, a member of RSA’s Global Public Sector (GPS) Team, facilitated a P2P discussion about experiences adopting the cybersecurity framework (CSF) at RSA Conference 2015 in San Francisco. In this post, Shea continues the discussion from that session. The Cyb…

  • Security by the Numbers and the Work Ahead

    by Fahmida Y. Rashid on June 2, 2015

    Every day, there is yet another survey or report highlighting people’s perceptions of information security and identifying issues that need attention. Most of them tend to repeat what we already know, but two stood out recently and got me thinking. Data Breach Costs The first is the 2015 Cost of Data Breach by IBM and the Ponemon Institute. The average per-record cost of lost or stolen data in the…

This document was retrieved from http://www.rsaconference.com/blogs on Sat, 05 Sep 2015 03:44:39 -0400.
© 2015 EMC Corporation. All rights reserved.