Blogs

Showing Blog Posts: 151–160 of 170 tagged Cybersecurity

  • Hacking For Dummies

    by Ben Rothke on February 10, 2010

    Hacking For Dummies is an excellent introduction to hacking for beginners. The media often mistakenly characterize hackers as bored technical geniuses. In truth, most hackers, as the media use the term, are not geniuses; they are simply adept at downloading hacking tools that do all of the dirty work for them. These so-called script kiddies often do not know what they are doing until the damage…

  • Mapping Security: The Corporate Security Sourcebook for Today's Global Economy

    by Ben Rothke on February 8, 2010

    Mapping Security: The Corporate Security Sourcebook for Today's Global Economy is an excellent resource for doing global information security. Creating an effective information security infrastructure for a large multi-national company is a challenge. Above and beyond the technology, the software, and the hardware, there are non-tangibles, specifically the cultures and laws where the security…

  • Summary of Selected Encryption Laws

    by Stephen Wu on January 23, 2010

    This month, I updated a white paper entitled "Summary of Selected Encryption Laws." The white paper will be an appendix in a forthcoming book to be published by the American Bar Association Section of Science and Technology Law on data protection. The white paper summarizes selected encryption-related federal and state statutes, regulations, and regulatory guidance. The original version of this…

  • e-Book: PCI Compliance for Dummies

    by Ben Rothke on January 18, 2010

    Ok, another Monday freebie - Qualys has a free e-book PCI Compliance for Dummies available athttp://www.qualys.com/docs/PCI-for-Dummies.pdf At 68 pages, it provides a really good introduction to the topic. For those that want a comprehensive reference on the topic, PCI Compliance: Understand and Implement Effective PCI Data Security Standard Compliance by Chuvakin and Williams is worth the…

  • Can Attorneys and Technology Professionals Work Together?

    by Stephen Wu on December 15, 2009

    Last week, I attended a terrific conference for attorneys in San Francisco. For a while, I was steeped in the interesting legal educational content of the program, but once I left the conference, I returned to the world in which I usually dwell -- the intersection between law and technology. I realize that a wide gulf remains between attorneys and technology professionals -- one that has…

  • More FUD from the Mainstream Media?

    by Gib Sorebo on November 11, 2009

    Many of you may have watched the “60 Minutes” segment on Sunday entitled “Sabotaging the System.” The 20-minute segment highlighted a number of alleged past and potential cyber attacks, including power outages in Brazil, an attack on the military’s Central Command, and theft of millions through hacks of ATM networks. Beyond somelegitimate disputes as to whether the Brazilian blackouts were caused…

  • What Does Smart Grid Security Mean to You?

    by Gib Sorebo on October 15, 2009

    As someone who has been knee-deep in Smart Grid security research, collaboration, assessments, and integration projects for the past year, it is sometimes easy to forget that most of the information security community hasn’t had much exposure to this area. Given that we received several submissions for sessions related to Smart Grid security, and it has been getting a fair amount of media…

  • Alaska Data Protection Law

    by Stephen Wu on August 26, 2009

    This is another in our series of articles about data protection laws around the country. The focus for this post is on Alaska. On June 19, 2008, Alaska became the 44 th state with a breach notification law when then-Governor Sarah Palin signed HB 65, the Alaska Personal Information Protection Act (“Alaska Act”). Most of the Alaska Act became effective on July 1, 2009. The Alaska Act contains a…

  • Connecticut Data Protection Law

    by Stephen Wu on July 22, 2009

    As part of our ongoing efforts to keep you up-to-date concerning information security legislation around the country, this post covers a fairly recent Connecticut law of interest to information security professionals, executives, risk managers, and attorneys. Connecticut enacted a new data protection law that became effective October 31, 2008. It includes both protection of Social Security…

  • California Health Care Data Protection Law Addresses Worker Snooping

    by Stephen Wu on April 12, 2009

    Last year, Governor Arnold Schwarzenegger signed into law new data protection laws to prevent health care workers from peeking at celebrities’ medical records, although the legislation strikes at lax data protection practices generally. The scope of the security breaches at the UCLA Medical Center is impressive in terms of the number of people involved, the number of records viewed, and the long…

This document was retrieved from http://www.rsaconference.com/blogs on Mon, 20 Oct 2014 04:05:23 -0400.
© 2014 EMC Corporation. All rights reserved.