Menu

Blogs

Showing Blog Posts: 11–20 of 102 tagged Enterprise Defense

  • Customer Data: The Crown Jewels

    by Christopher Burgess on January 9, 2015

    Do you know where your company’s crown jewels are? Comparing customer data to the crown jewels is obviously an appropriate analogy if you consider the history of the jewels. The crown jewels represent the wealth of the monarchy, and in times gone by, a measure of fiscal reserve. England kept its Crown Jewels in Westminster Abbey until the early fourteenth century, and then were were moved to the…

  • Cybercrime: The Computer Hacking Persona Debunked

    by Robert Moskowitz on December 29, 2014

    Popular media is filled with stories of computer hackers —young, male, nerdy college dropouts who are not very social—and their hacking activities. However, reports show that hackers are actually a wild and crazy bunch and far more diverse than most people suspect. They are quite social in certain settings. What's more, within these social circles, advanced knowledge of computers and software…

  • Lockdown: Information Security Threats on the Edge of 2015

    by John Linkous on December 26, 2014

    As we look forward to 2015, this is a good time to take stock of how the information security threats and attack landscape have been changing. Let’s see: major data breaches at global, brand-name organizations, state-sponsored hacking activity, revelations of our own government's attempts to access personal data. It would be easy to proclaim 2014 as the "Year of the Security Threat," but that's…

  • Network Intrusion: Methods of Attack

    by Robert Moskowitz on December 25, 2014

    A network intrusion is any unauthorized activity on a computer network. Detecting an intrusion depends on the defenders having a clear understanding of how attacks work. In most cases, such unwanted activity absorbs network resources intended for other uses, and nearly always threatens the security of the network and/or its data. Properly designing and deploying a network intrusion detection…

  • A Morality Tale: The Good and Bad of DDoS Attacks, and What to Do About Them

    by John Linkous on December 8, 2014

    It's 4:55 p.m. on a Friday afternoon, and your phone rings. You're a CISO of a large company selling products online. It's your lead SOC analyst calling with a big problem. The moment that you've successfully avoided for your tenure so far has finally arrived: web-facing applications are slowing to a crawl, and customers are calling and complaining. You are under attack—it’s a distributed…

  • Your End-of-the-Year Security Checklist

    by Fahmida Y. Rashid on December 5, 2014

    Let's talk about checklists! Specifically, checklists of things information security professionals should complete between now and the end of the year. Slow period? What slow period? The end-of-the-year is a very busy time for IT security. Last minute modifications and additions to next-year's budget are underway, as well as looking at this year's budget and figuring out what else needs to be…

  • Keeping the Lights On, Networks Safe

    by Fahmida Y. Rashid on December 1, 2014

    December is a month for looking back at all the things that happened this year and for looking ahead to what is in store next year. For many information security professionals, it is also a month of long hours as organizations rely on skeleton staff to defend the network. Criminals frequently launch their campaigns over holidays, weekends, and late at night when IT staff has a skeleton crew in…

  • Bulletproof SSL and TLS

    by Ben Rothke on November 24, 2014

    If SSL is the emperor’s new clothes, then Ivan Ristic in Bulletproof SSL and TLS has shown that perhaps the emperor isn't wearing anything at all. There is a perception that if a web site is SSL secured, then it’s indeed secure. Read a few pages in this important book, and the SSL = security myth is dispelled. For the first 8 of the 16 chapters, Ristic, one of the greatest practical SSL./TLS…

  • Network Intrusion: NIDS and Detection

    by Robert Moskowitz on November 24, 2014

    Network intrusions—any unauthorized activity on a computer network—utilize network resources that can be better used for other, authorized, purposes. They threaten the security of the network and data. There are a variety of ways to detect an intrusion, including monitoring network logs, sniffing network traffic, and real-time filtering for specific network events. At a minimum, network security…

  • Guidelines For Retailers This Holiday Shopping Season

    by Fahmida Y. Rashid on November 19, 2014

    The holiday shopping season is looming, and retailers are gearing up for Black Friday and other sales. It's been a year since criminals infiltrated Target's networks with malware and made off with millions of credit card details. Retailers are scrambling to get everything ready for the shoppers and deals; we hope their networks are secure and ready, as well. Or will cyber-criminals have another…

This document was retrieved from http://www.rsaconference.com/blogs on Thu, 05 Mar 2015 17:30:40 -0500.
© 2015 EMC Corporation. All rights reserved.