Menu

Blogs

Showing Blog Posts: 31–40 of 131 tagged Enterprise Defense

  • An Anthem to Get Behind: Enable Two-Factor Authentication

    by Eric Cowperthwaite on February 17, 2015

    In the security industry, we all know it’s just a matter of time, sometimes minutes, before the next breach makes headlines. We’re stopping and blocking attacks left and right, and it only takes that one time for a hacker to be right, that one mistake before we have to answer the question, “What happened?” The latest victim was Anthem, a huge health insurance provider who had 80 million customer…

  • Changing the Security Conversation One Topic at a Time

    by Fahmida Y. Rashid on February 3, 2015

    Just two months into 2015, and there is already a theme in information security: let's talk. Let's talk within the organization, within the industry, with the government, with everyone else. It's not a new concept. The hallmark of a good security professional is one who can communicate effectively with end users, business stakeholders, and the board of directors. Information security…

  • Catching Up With Innovation Sandbox Winners: Sourcefire

    by Fahmida Y. Rashid on February 2, 2015

    The Innovation Sandbox Contest turns 10 this April! Every year, RSA Conference showcases 10 companies with innovative information security products on the market as part of its Innovation Sandbox Contest. Teams from each company present and demonstrate their product in front a panel of judges and answer questions. This year's winner will be named “Most Innovative Company at RSA Conference 2015.”…

  • Loose Lips Sink Ships (And Profit Margins!)

    by Dale "Woody" Wooden on January 27, 2015

    Dale "Woody" Wooden illustrates security concepts through stories. This story looks at how attackers monitor employee social media accounts. There is also a Part 2. One of the largest threats facing any corporation is the leak of critical information and the ease at which it can be monitored by criminals and terrorists. Few organizations properly train their employees how to protect themselves at…

  • The Practical Guide to HIPAA Privacy and Security Compliance

    by Ben Rothke on January 25, 2015

    From an information security perspective, there is nothing overly onerous with the HIPAA security and privacy requirements. But like all regulations, the devil is in the details. While HIPAA is meant to protect large-scale disclosure of patient data, some of it includes absurd requirements such as ensuring white-boards in hospital wards don’t have full patient information and that intravenous…

  • SBN: Running Adobe Flash? You Need to Read This Today

    by Security Bloggers Network on January 23, 2015

    Adobe has released a critical security patch for an Adobe Flash vulnerability that is being exploited by online criminals. The vulnerability, known as CVE-2015-0310, can be used by hackers to “circumvent memory randomization mitigations” on versions of Windows. Obviously it would be sensible to ensure that your version of Flash is updated as soon as possible. If you’re using Google Chrome or…

  • Enterprise Software Security: A Confluence of Disciplines

    by Ben Rothke on January 15, 2015

    To date, most software security books have focused solely on writing secure code and educating developers on how to do that. In Enterprise Software Security: A Confluence of Disciplines, authors Kenneth van Wyk, Mark Graff, Dan Peters and Diana Burley take a different, and ultimately necessary approach. Their tactic is that treating software security as an autonomous discipline doesn’t work. With…

  • Are You Building a Cybersecurity Ecosystem or Just a Bunch of Controls?

    by Gib Sorebo on January 14, 2015

    With all the emphasis on cybersecurity frameworks over the last couple years, it probably shouldn’t surprise anyone that a lot of organizations find themselves working off checklists of cybersecurity controls that they assume will give them better security. What is often missed is that these controls need to work together as an integrated system. For thousands of years, we’ve understood this in…

  • Infrastructure Protection: Plans and Strategies

    by Robert Moskowitz on January 12, 2015

    Modern organizations run on information, and information runs on infrastructure. Protecting that information infrastructure is vital to the organization’s health. Accomplishing effective infrastructure protection requires a broadly coordinated approach. This approach establishes priorities, sets operational goals, and details both human and technological requirements for reducing vulnerability, …

  • Customer Data: The Crown Jewels

    by Christopher Burgess on January 9, 2015

    Do you know where your company’s crown jewels are? Comparing customer data to the crown jewels is obviously an appropriate analogy if you consider the history of the jewels. The crown jewels represent the wealth of the monarchy, and in times gone by, a measure of fiscal reserve. England kept its Crown Jewels in Westminster Abbey until the early fourteenth century, and then were were moved to the…

This document was retrieved from http://www.rsaconference.com/blogs on Thu, 30 Jul 2015 10:10:07 -0400.
© 2015 EMC Corporation. All rights reserved.