Menu

Blogs

Showing Blog Posts: 1–10 of 125 tagged Enterprise Defense

  • The Human Element of Computer Security

    by Robert Moskowitz on May 25, 2015

    Most organizations spend significant sums on high-tech defenses such as firewalls, anti-virus software, intrusion detection systems, and biometric locking devices as part of their computer security efforts. But even the strongest hardware and software defenses cannot withstand the human element. The damage can be inflicted intentionally by demotivated employees or unintentionally by…

  • What's Next in Our Security Conversation

    by Fahmida Y. Rashid on May 18, 2015

    There were a lot of interesting conversations at RSA Conference last month. With everyone back home and back to the pressures of the daily job, what happens next? Where does all that energy and excitement go? Hopefully, it is being channeled into informal conversations and new initiatives. One of the key themes was that security is broken and it needs to change. Every company needs a holistic…

  • SANS NetWars at RSAC 2015

    by Fahmida Y. Rashid on May 15, 2015

    SANS Institute brought its NetWars competition to RSA Conference 2015 in San Francisco. A hands-on, interactive learning environment, SANS NetWars lets information security professionals develop and master skills they need in their jobs. The program focuses on developing skills in vulnerability assessment, system hardening, malware analysis, digital forensics, incident response, packet analysis, …

  • Today’s Attack Mode Mindset to Pen Testing

    by Eric Cowperthwaite on May 13, 2015

    Let’s start off by getting on the same page about what a penetration test is. The goal is generally to provide or your management team with an evaluation and snapshot of the organization’s security posture at a specified time. The actual testing involves mimicking what real attackers do, usually by leveraging a chain of vulnerabilities (i.e. attack path) in an attempt to reach critical assets. …

  • Transforming Security into THE Business Enabler

    by Rook Security on May 11, 2015

    When I began my security career, shortly after the Y2K scare, there were many conversations about security as a roadblock. “Can’t do that ‘cause security won’t let us!” Most of the time security had the best interest of the company in mind, but other times it was because security professionals didn’t always understand the business objective. Silos existed in IT, IT Security, Business, and…

  • Phishing Dark Waters: The Offensive and Defensive Sides of Malicious Emails

    by Ben Rothke on April 29, 2015

    All encryption (with the exception of a one-time pad) can be broken. Bruce Schneier likes to use the analogy of a pole in the ground for encryption. You can try to break the pole (encryption); or simply go around the pole. Rather than finding problems with a proven encryption algorithm, attackers will try to go around it via how it’s implemented, and other similar attacks. In Phishing Dark Waters:…

  • Is Defense in Depth Dead? Part 2: The Lesson of Babylon

    by Danelle Au on April 28, 2015

    A few weeks ago, when I asked, Is Defense in Depth Dead? I used the example of Dover Castle to illustrate the point that, as weapons and warfare change, defensive strategies must also evolve to meet new realities. Dover Castle and other fortresses offered their occupants centuries of effective protection—until the advent of gunpowder and cannon on the battlefields of medieval Europe. Which is not…

  • Learning About New Attack Techniques at RSAC 2015

    by Tony Kontzer on April 22, 2015

    A funny thing happened on my way to a session at the RSA Conference Tuesday. Long before I got there, and as I was checking messages on my phone, I nearly walked right into the back of a line. But for what? There were hundreds of people standing in line in the concourse, and hundreds of others rifling through their conference guides trying to figure out what all of the hubbub was. I smelled a…

  • RSA's Amit Yoran: Security is Stumbling Around in the Dark

    by Tony Kontzer on April 21, 2015

    Amit Yoran clearly knows a good metaphor when he sees one. Or in this case, doesn’t see one. Yoran, who was named RSA's president last fall, took the stage at the RSA Conference in San Francisco Tuesday to deliver his first opening keynote. In the dark. And he let the audience of thousands sit there, in the pitch black, for an excruciatingly long moment before offering the first glimpses of what…

  • Homeland Security Chief Talks Cybersecurity Mission at RSAC 2015

    by Tony Kontzer on April 21, 2015

    Jeh Johnson knows all too well how important security is. As the secretary of the U.S. Department of Homeland Security, Johnson not only is responsible for protecting the nation from terrorists, he's also accompanied by a secret service detail everywhere he goes. There was a time when that kind of physical security was enough, but the world has changed. During a keynote at the RSA Conference in…

This document was retrieved from http://www.rsaconference.com/blogs on Thu, 28 May 2015 06:05:54 -0400.
© 2015 EMC Corporation. All rights reserved.