Blogs

Showing Blog Posts: 1–10 of 98 tagged Compliance

  • Peers Share Stories About Adopting the Cybersecurity Framework

    by RSAC Contributor on June 12, 2015

    Peer-2-Peer sessions give RSAC attendees the opportunity to dig deeply into a single topic area with a group of like-minded peers. Timothy Shea, a member of RSA’s Global Public Sector (GPS) Team, facilitated a P2P discussion about experiences adopting the cybersecurity framework (CSF) at RSA Conference 2015 in San Francisco. In this post, Shea continues the discussion from that session. The Cyb…

  • CSA Guide to Cloud Computing: Implementing Cloud Privacy and Security

    by Ben Rothke on May 16, 2015

    Full disclosure: this book is sponsored by the Cloud Security Alliance, of which I am a founding member. I am also friends with 2 of the authors. Even though cloud computing is mainstream such that even the Federal Government is on board, it’s not necessarily so that it will always make computing cheaper and faster. And all the more so when it comes to security and privacy. The challenge is how to…

  • Phishing Dark Waters: The Offensive and Defensive Sides of Malicious Emails

    by Ben Rothke on April 29, 2015

    All encryption (with the exception of a one-time pad) can be broken. Bruce Schneier likes to use the analogy of a pole in the ground for encryption. You can try to break the pole (encryption); or simply go around the pole. Rather than finding problems with a proven encryption algorithm, attackers will try to go around it via how it’s implemented, and other similar attacks. In Phishing Dark Waters:…

  • Stop the Insanity! My First Year as a PCI QSA

    by Rook Security on April 27, 2015

    I’ve been involved with PCI-DSS in some way, shape, or form over the past eight years. For most of this time, I worked for corporations that needed to achieve or maintain PCI DSS compliance. A little over a year ago, I received Qualified Security Assessor (QSA) training and became a full-fledged QSA. It’s quite different being on the other side of the fence. I also understand my clients’…

  • Dive into Deep Conversations at Peer-2-Peer Sessions at RSAC 2015

    by Fahmida Y. Rashid on April 16, 2015

    At RSA Conference, you can meet in a group to explore a specific security topic in-depth as part of a Peer-2-Peer session. Wondering which conversation will be the most relevant to your job role and concerns? We asked each session facilitator to provide a short summary to help you decide. This post highlights five P2P sessions (Scroll down for answers). Links to other session summaries are at the…

  • Which Peer-2-Peer Session at RSAC 2015 Interests You?

    by Fahmida Y. Rashid on April 15, 2015

    Have you checked out a Peer-2-Peer session yet? In a Peer2Peer session, you explore a specific security topic with other like-minded peers and a facilitator. There are quite a few sessions, covering enterprise defense, incident response, and privacy, just to name a few. We asked each session facilitator to provide a short summary to help you decide which session will be the most relevant to your…

  • Which Peer-2-Peer Session Will You Attend at RSAC 2015?

    by Fahmida Y. Rashid on April 13, 2015

    What is a Peer-2-Peer session? Peer2Peer sessions enable groups that share a common interest to come together and explore a specific security topic. You will be digging into a topic you really care about in a room with like-minded peers and a facilitator. Wondering which conversation will be the most relevant to your job role and concerns? We asked each session facilitator to provide a short…

  • Securosis Guide: 2015 Endpoint Security Trends

    by Securosis Team on April 7, 2015

    This post is part of a multi-part series about the Securosis Guide to the RSA Conference (download the RSAC-G PDF). Please scroll to the bottom for links to other posts in the series. What you'll see at the RSAC in terms of endpoint security is really more of the same. Advanced attacks blah, mobile devices blah blah, AV-vendor hatred blah blah blah. Just a lot of blah... But we are still recovering…

  • Securosis Guide: P.Compliance.90X

    by Securosis Team on March 27, 2015

    This post is part of a multi-part series about the Securosis Guide to the RSA Conference (download the RSAC-G PDF). Please scroll to the bottom for links to other posts in the series. Compliance. It's a principal driver for security spending, and vendors know this. That's why each year compliance plays a major role in vendor messaging on the RSAC show floor. A plethora of companies claiming to be…

  • Working With Government: Security Standards

    by Todd Inskeep on March 5, 2015

    This is the fifth post in a multi-part series following the President’s State of the Union speech back in January. The series examines how the information security community needs to engage with the government to shape laws which will affect the industry. You can see the first, second, third, and fourth posts. Let's take a look at prescriptive requirements. There has been little discussion of…

This document was retrieved from http://www.rsaconference.com/blogs on Thu, 30 Jul 2015 23:01:47 -0400.
© 2015 EMC Corporation. All rights reserved.