Menu

Blogs

Showing Blog Posts: 11–20 of 179 tagged Cybersecurity

  • Critical Infrastructure Security Isn't Keeping Up with Threats

    by John Linkous on October 9, 2014

    The next time you turn on the faucet in your home, ask yourself: "How do I know this water is safe?" This may seem an odd way to begin a blog post on security, but it’s important to realize that water, electricity, food, and transportation are all part of the critical infrastructure that provides these conveniences—and in some cases, the lifeline—of our world. Technology is making these systems…

  • Cybersecurity Requires Qualified Personnel

    by Christopher Burgess on September 25, 2014

    The community of cybersecurity professionals is an energetic, creative, and highly sought-after one. It's also incredibly small, with hiringdemands outpacing available supply of professionals. Ask your chief information security officer, chief information officer, or chief security officer if they have all the information security personnel they want, and the answer will be almost always be a…

  • The Once and Future Network Security Appliance

    by John Linkous on September 16, 2014

    In the early 2000s, the network security appliance became ubiquitous. Beginning with Web application firewalls (WAFs), and eventually extending through all seven layers of the network model, security appliances were being popped into server racks like candy. "Need to filter spam? There's an appliance for that!" "Do you want to analyze the flow data generated on your firewalls? There's an…

  • Intelligence-Driven Security and the Future of Threat Detection

    by John Linkous on August 21, 2014

    For many years, signature-based detection was the hallmark of finding and eliminating security threats in the enterprise. While antivirus and similar products were successful against single-vector attacks, the fact is, we're seeing more and more major security breaches where traditional approaches to security no longer work. To address these new threats, intelligence-driven security is needed. …

  • Social Engineering in IT Security: Tools, Tactics, and Techniques

    by Ben Rothke on August 21, 2014

    When I first got a copy of Social Engineering in IT Security Tools, Tactics, and Techniques by Sharon Conheady, my first thought was that it likely could not have much that Christopher Hadnagy didn’t already detail in the definitive text on the topic: Social Engineering: The Art of Human Hacking. Obviously Hadnagy thought differently, as he wrote the foreword to the book; which he found to be a…

  • The Future Is Now: Threats That Were Never Supposed to Happen Are Here

    by John Linkous on July 29, 2014

    Recently, I took the opportunity to install the latest version of Pwnie Express's Pwn Pad 2014ce on my Google Nexus 7 tablet. For those who aren't familiar with the Pwn Pad, it's a modified version of the Kali Linux distribution that provides a complete, walking environment for detecting and—as a white-hat only, of course—testing information security threats. While the Pwn Pad is a great mobile…

  • Mobile Payments and Devices Under Attack

    by Christopher Burgess on July 21, 2014

    A number of annual security reports released in the first half of 2014 address the threat to mobile devices and capabilities, including mobile payments and banking. If you are an Android user, you will find it interesting these reports estimated 98 to 99 percent of all mobile malware created in 2013 targeted Android devices (see, for example, the Cisco 2014 Annual Security Report and the Kaspersky…

  • Government Security and InfoSec: Perfect Together?

    by Joshua Marpet on July 11, 2014

    Besides the white hat/black hat divide implicit within the world of InfoSec, there is another divide of mindsets—that of the corporate InfoSec individual and the government security individual. Their career paths are similar: They go to school, learn on the job, and hang out at conferences and user-group meetings. They decry the problems that software developers put in their paths and…

  • Data-Driven Security: Analysis, Visualization and Dashboards

    by Ben Rothke on July 7, 2014

    There is a not so fine line between data dashboards and other information displays that provide pretty but otherwise useless and unactionable information; and those that provide effective answers to key questions. Data-Driven Security: Analysis, Visualization and Dashboards is all about the later. In this extremely valuable book, authors and noted experts Jay Jacobs and Bob Rudis bring their…

  • Cyber Crime, Security and Digital Intelligence

    by Ben Rothke on June 30, 2014

    Cyber Crime, Security and Digital Intelligence by Mark Johnson is a high-level introductory text to information security. The books 12 chapters cover the following topics: Threats to key sectors Cyber security fundamentals Cyber-attack fundamentals Organized cyber attacks Cloud risks Web 2.0 risks Cyber security threat actors Common vulnerabilities Cyber security control frameworks Cyber security…

This document was retrieved from http://www.rsaconference.com/blogs on Sun, 21 Dec 2014 08:30:37 -0500.
© 2014 EMC Corporation. All rights reserved.