Blogs

Showing Blog Posts: 1–10 of 174 tagged Cybersecurity

  • Network Security Appliance: Build or Buy?

    by Joshua Marpet on October 29, 2014

    Monitoring your network can be a seriously unpleasant task. It involves everything from maintaining firewall rules, watching traffic, looking for problems, keeping track of the latest issues on the Internet, checking log data on the dashboard, correlating events—oh dear God, it keeps going! So, what do you do? Do you use a myriad of tools, stitch them together with some scripting, document the…

  • A Whole New Way to Spot Malware Before It Spots You

    by Robert Moskowitz on October 28, 2014

    Enterprise networks still rely on antivirus software and blacklists to keep known malware at arm's length. But researchers suggest another approach, one which promises to spot a dangerous piece of code before it shows up on a list somewhere. This form of detection doesn't look for malicious code, but for malicious networks communicating with that code. Internet service providers, and any…

  • Cyber Security Awareness Month: Engage Your Users

    by Fahmida Y. Rashid on October 21, 2014

    Security professionals should take advantage of Cyber Security Awareness Month to spotlight security initiatives within their organization. Use this month to get the board and C-suite to think about security. This is also a good time to demystify security for your end users. The Department of Homeland Security has conducted a series of events every year in October since 2004 to improve security…

  • Official (ISC)2 Guide to the CCFP CBK

    by Ben Rothke on October 21, 2014

    The Certified Cyber Forensics Professional (CCFP) is the latest certification from ISC 2 , creators of the CISSP certification. The CCFP, like the CISSP, is built around a common body of knowledge (CBK) that includes established forensics disciplines as well as newer challenges, such as mobile forensics, cloud forensics, anti-forensics, and more. For those looking for reference guide, the Official…

  • Effective Strategies for Information Protection

    by Robert Moskowitz on October 14, 2014

    The fact that more than one user in different locations may require simultaneous access to the confidential information used in different applications makes it difficult to protect the information from a wide variety of threats. Identifying Threats Protection is more than controlling access. It's also about preventing unauthorized release, unauthorized modification, and unauthorized denial of…

  • Critical Infrastructure Security Isn't Keeping Up with Threats

    by John Linkous on October 9, 2014

    The next time you turn on the faucet in your home, ask yourself: "How do I know this water is safe?" This may seem an odd way to begin a blog post on security, but it’s important to realize that water, electricity, food, and transportation are all part of the critical infrastructure that provides these conveniences—and in some cases, the lifeline—of our world. Technology is making these systems…

  • Cybersecurity Requires Qualified Personnel

    by Christopher Burgess on September 25, 2014

    The community of cybersecurity professionals is an energetic, creative, and highly sought-after one. It's also incredibly small, with hiringdemands outpacing available supply of professionals. Ask your chief information security officer, chief information officer, or chief security officer if they have all the information security personnel they want, and the answer will be almost always be a…

  • The Once and Future Network Security Appliance

    by John Linkous on September 16, 2014

    In the early 2000s, the network security appliance became ubiquitous. Beginning with Web application firewalls (WAFs), and eventually extending through all seven layers of the network model, security appliances were being popped into server racks like candy. "Need to filter spam? There's an appliance for that!" "Do you want to analyze the flow data generated on your firewalls? There's an…

  • Social Engineering in IT Security: Tools, Tactics, and Techniques

    by Ben Rothke on August 21, 2014

    When I first got a copy of Social Engineering in IT Security Tools, Tactics, and Techniques by Sharon Conheady, my first thought was that it likely could not have much that Christopher Hadnagy didn’t already detail in the definitive text on the topic: Social Engineering: The Art of Human Hacking. Obviously Hadnagy thought differently, as he wrote the foreword to the book; which he found to be a…

  • Intelligence-Driven Security and the Future of Threat Detection

    by John Linkous on August 21, 2014

    For many years, signature-based detection was the hallmark of finding and eliminating security threats in the enterprise. While antivirus and similar products were successful against single-vector attacks, the fact is, we're seeing more and more major security breaches where traditional approaches to security no longer work. To address these new threats, intelligence-driven security is needed. …

This document was retrieved from http://www.rsaconference.com/blogs on Sat, 01 Nov 2014 07:53:48 -0400.
© 2014 EMC Corporation. All rights reserved.