Menu

Blogs

Showing Blog Posts: 1–10 of 95 tagged Compliance

  • Stop the Insanity! My First Year as a PCI QSA

    by Rook Security on April 27, 2015

    I’ve been involved with PCI-DSS in some way, shape, or form over the past eight years. For most of this time, I worked for corporations that needed to achieve or maintain PCI DSS compliance. A little over a year ago, I received Qualified Security Assessor (QSA) training and became a full-fledged QSA. It’s quite different being on the other side of the fence. I also understand my clients’…

  • Dive into Deep Conversations at Peer-2-Peer Sessions at RSAC 2015

    by Fahmida Y. Rashid on April 16, 2015

    At RSA Conference, you can meet in a group to explore a specific security topic in-depth as part of a Peer-2-Peer session. Wondering which conversation will be the most relevant to your job role and concerns? We asked each session facilitator to provide a short summary to help you decide. This post highlights five P2P sessions (Scroll down for answers). Links to other session summaries are at the…

  • Which Peer-2-Peer Session at RSAC 2015 Interests You?

    by Fahmida Y. Rashid on April 15, 2015

    Have you checked out a Peer-2-Peer session yet? In a Peer2Peer session, you explore a specific security topic with other like-minded peers and a facilitator. There are quite a few sessions, covering enterprise defense, incident response, and privacy, just to name a few. We asked each session facilitator to provide a short summary to help you decide which session will be the most relevant to your…

  • Which Peer-2-Peer Session Will You Attend at RSAC 2015?

    by Fahmida Y. Rashid on April 13, 2015

    What is a Peer-2-Peer session? Peer2Peer sessions enable groups that share a common interest to come together and explore a specific security topic. You will be digging into a topic you really care about in a room with like-minded peers and a facilitator. Wondering which conversation will be the most relevant to your job role and concerns? We asked each session facilitator to provide a short…

  • Securosis Guide: 2015 Endpoint Security Trends

    by Securosis Team on April 7, 2015

    This post is part of a multi-part series about the Securosis Guide to the RSA Conference (download the RSAC-G PDF). Please scroll to the bottom for links to other posts in the series. What you'll see at the RSAC in terms of endpoint security is really more of the same. Advanced attacks blah, mobile devices blah blah, AV-vendor hatred blah blah blah. Just a lot of blah... But we are still recovering…

  • Securosis Guide: P.Compliance.90X

    by Securosis Team on March 27, 2015

    This post is part of a multi-part series about the Securosis Guide to the RSA Conference (download the RSAC-G PDF). Please scroll to the bottom for links to other posts in the series. Compliance. It's a principle driver for security spending, and vendors know this. That's why each year compliance plays a major role in vendor messaging on the RSAC show floor. A plethora of companies claiming to be…

  • Working With Government: Security Standards

    by Todd Inskeep on March 5, 2015

    This is the fifth post in a multi-part series following the President’s State of the Union speech back in January. The series examines how the information security community needs to engage with the government to shape laws which will affect the industry. You can see the first, second, third, and fourth posts. Let's take a look at prescriptive requirements. There has been little discussion of…

  • Security Awareness Training: We're Doing it Wrong!

    by Rook Security on March 3, 2015

    This post comes from Arlie Hartman, a senior security advisor at Rook Security. It’s a relentless mantra in information security community: “People are the weakest link.” The success of email phishing, watering hole attacks, and over-the-phone social engineering tactics proves that attackers just have to target people in order to sidestep several layers of defense in depth measures. Most security…

  • We Welcome Our New Automation Overlords

    by Securosis Team on February 5, 2015

    This post is by Rich Mogull, analyst and CEO of Securosis, an independent security research firm. I am inherently lazy. If I can come up with some new, automated way to solve a problem and save some time, I'll spend many hours more than it would take to knock it out manually on the off chance of some future time savings. But I understand I'm a bit unusual that way (and it is sometimes to my…

  • Social Media Security: Leveraging Social Networking While Mitigating Risk

    by Ben Rothke on February 3, 2015

    A firm can spend decades building a brand into one that inspires trust. Unfortunately, social media can quickly destroy that trust in an instant. In Social Media Security: Leveraging Social Networking While Mitigating Risk, author Michael Cross provides a comprehensive overview of the security and privacy risks around social media. The book lives up to its title and effectively shows the reader…

This document was retrieved from http://www.rsaconference.com/blogs on Mon, 27 Apr 2015 08:05:26 -0400.
© 2015 EMC Corporation. All rights reserved.