Blogs

Showing Blog Posts: 1–10 of 56 tagged Business

  • RSA Conference APJ 2015 Ends With Call to Change the World

    by Fahmida Y. Rashid on July 24, 2015

    In life, there is always room for improvement, and that holds true for how people live, work, and interact. The last day of RSA Conference Asia Pacific & Japan 2015 reiterated that message through sessions, Expo floor, and keynotes. Organizations—and individual professionals—can improve how they operate internally and how they engage as part of a globalized society. Security professionals can—and…

  • Peers Discuss Risks in the Payments World

    by RSAC Contributor on July 16, 2015

    Mike Vergara, vice-president of consumer risk management at PayPal, led 25 security and risk professionals in a discussion about risk in the payments world as part of the Peer-to-Peer discussion at RSA Conference 2015 in San Francisco. Below are Vergara's notes from the session. The attendees of Misconceptions of Risk in the Payments World provided a lively discussion and we all came away with new…

  • Collecting Security Metrics and What They Mean

    by Fahmida Y. Rashid on July 1, 2015

    Perhaps you are in the middle of a security rollout, or have new security initiatives in place. How do you know your project is successful? How do you identify problem spots, the areas which need fine-tuning or modifications? Simply put, what metrics do you have in place to help you understand the project's effectiveness? Measurements aren't supposed to be easy. Threats change on a regular basis, …

  • Peers Share Tales of Cyber-Bullying and Revenge Porn in the Workplace

    by RSAC Contributor on June 19, 2015

    Peer-2-Peer sessions bring together like-minded security professionals into small groups to discuss topics important to them. Larry Dietz, general counsel and managing director of information security at TAL Global, facilitated a P2P discussion about cyber-bullying and revenge porn. In this post, Dietz continues the conversation. The Cyber Bullying and Revenge Porn in the Workplace session was…

  • SOC: To outsource or not to outsource?

    by RSAC Contributor on June 17, 2015

    This post comes from Greg Boison, director of homeland and cybersecurity at Lockheed Martin, who was part of the Transforming SOCs roundtable discussion at the recent Gartner Security & Risk Management Summit. The following is his summary of the discussion. While walking the floor and listening to the sessions at the Gartner Risk and Security Summit, a key issue crystallized for me around Security…

  • Out of the Shadows: Fear is the Real Cloud Threat

    by Danelle Au on June 15, 2015

    Shadow IT is a misnomer, and we need to stop pretending that so-called rogue software applications are going to bring down the enterprise. That kind of fear mongering is misleading and doesn’t help advance the cause of securing data in the cloud. In fact, it is more of a threat to the security of the cloud than the software it demonizes. The term Shadow IT was coined out of a vestigial, …

  • Growing Up: A Roadmap to Vulnerability Management Maturity

    by Eric Cowperthwaite on June 8, 2015

    At this year’s RSA Conference, there was strong focus on identifying where your company’s security posture is in terms of maturity. As Brian Krebs touched on in a recent post, there are many different maturity models outlining what your company is doing, and what it should be doing. Of course each company is different, and the path to reducing risk is never a straight line. It is, however, …

  • Mining Your Banking Data Gold Mine

    by Dale "Woody" Wooden on May 14, 2015

    Dale "Woody" Wooden illustrates security concepts through stories. His past posts discussed how attackers mine employees' social media accounts for information and how social media can be used against you. This story is about companies asking for way too much information about your business. Would you give up all your itemized bank statements to a third party? Hand over information about…

  • Transforming Security into THE Business Enabler

    by Rook Security on May 11, 2015

    When I began my security career, shortly after the Y2K scare, there were many conversations about security as a roadblock. “Can’t do that ‘cause security won’t let us!” Most of the time security had the best interest of the company in mind, but other times it was because security professionals didn’t always understand the business objective. Silos existed in IT, IT Security, Business, and…

  • Give Boards Metrics They Can Actually Understand

    by Tony Kontzer on April 22, 2015

    Troy Braban was only half-joking with this slide he shared at the RSA Conference in San Francisco: "83.45% of metric presentations at 96.82% of security conferences suck." Fortunately for the more than 500 attendees who packed his session to hear about security metrics boards actually care about, Braban, the CISO of Australia Post, wasn't talking about himself. The problem most CISOs have in…

This document was retrieved from http://www.rsaconference.com/blogs on Mon, 27 Jul 2015 23:29:15 -0400.
© 2015 EMC Corporation. All rights reserved.