Blogs

Showing Blog Posts: 1–10 of 17 tagged IT

  • Is Defense in Depth Dead? Part 2: The Lesson of Babylon

    by Danelle Au on April 28, 2015

    A few weeks ago, when I asked, Is Defense in Depth Dead? I used the example of Dover Castle to illustrate the point that, as weapons and warfare change, defensive strategies must also evolve to meet new realities. Dover Castle and other fortresses offered their occupants centuries of effective protection—until the advent of gunpowder and cannon on the battlefields of medieval Europe. Which is not…

  • Give Boards Metrics They Can Actually Understand

    by Tony Kontzer on April 22, 2015

    Troy Braban was only half-joking with this slide he shared at the RSA Conference in San Francisco: "83.45% of metric presentations at 96.82% of security conferences suck." Fortunately for the more than 500 attendees who packed his session to hear about security metrics boards actually care about, Braban, the CISO of Australia Post, wasn't talking about himself. The problem most CISOs have in…

  • RSA Conference Preview: Meet Your Guide

    by Tony Kontzer on April 20, 2015

    Hello, RSA Conference attendees. We probably haven't met before; my name is Tony, and I'll be one of your guides throughout this week. I am one of the contributors to the RSAC editorial team, and this year, we are going to take a different approach on how we cover the conference on the blog. This is a change for me, as in the past, I attended as a member of the technology media. As a journalist, …

  • Breaking the Glass Firewall: Women in IT Security Panel

    by Tony Kontzer on April 20, 2015

    Despite notable progress in the acceptance and treatment of female IT security employees, the industry continues to struggle in establishing itself as a career track for women. During a panel discussion at the RSA Conference Monday, a few of the world's best-known female security executives made it clear that the challenges of yesteryear are dropping away, but that the industry still must do a…

  • Security Innovation is Live and Well, With Plenty of Room for More

    by Fahmida Y. Rashid on March 24, 2015

    Is innovation in information security dead? It's easy to think so when each day there is a new headline about yet another massive organization's data breach, or a new report points out that enterprises aren't taking care of the security basics. All while cyber-attackers are gleefully scooping up our private data and looting our bank accounts. These breaches aren't happening because organizations…

  • We Welcome Our New Automation Overlords

    by Securosis Team on February 5, 2015

    This post is by Rich Mogull, analyst and CEO of Securosis, an independent security research firm. I am inherently lazy. If I can come up with some new, automated way to solve a problem and save some time, I'll spend many hours more than it would take to knock it out manually on the off chance of some future time savings. But I understand I'm a bit unusual that way (and it is sometimes to my…

  • Getting the InfoSec Budget You Need

    by Fahmida Y. Rashid on October 1, 2014

    There is a tongue-in-cheek saying that goes something like this: How do security professionals get the security budget they want? Wait for a data breach. It's a sad state of affairs that there is a grain of truth to this poor joke. This month, we explore how security professionals can tackle budget planning for next year. Security spending as a percentage of the overall IT budget has remained…

  • Security Metrics: How Are You Measuring Security?

    by Joshua Marpet on August 12, 2014

    Do you have an information security practice? How do you measure its effectiveness? By the number of tickets generated? The number of viruses found and stamped out? Or by how quiet it is?—"If they don't bother me, they must be doing their job!" Have the security metrics guidelines changed in the last few years as infosec moved away from a helpdesk mentality, towards a penetration tester's…

  • Given a Choice, Users Still Prefer 'Classic' Graphical User Interfaces

    by Robert Moskowitz on June 27, 2014

    A survey of Linux users shows that attempts to improve upon early, well-designed user interfaces are falling flat on their faces. Users like what they have right now on their computer screens and don't want any so-called "improvements" that force them to do, among other things, more clicking. These early graphical user interfaces (GUIs) are not easily defined. However, they generally include a…

  • Security Decisions: Changing the Way We Buy Security in the Enterprise

    by John Linkous on June 20, 2014

    When you hear the words "security product procurement," what's the first thing that pops into your head? Many enterprise customers who make security decisions for evaluating and purchasing technology often first think of the competitive landscape: How does one vendor's product compare to another? While this approach has been used since the dawn of commercial security products, there's a better…

This document was retrieved from http://www.rsaconference.com/blogs on Thu, 28 May 2015 18:11:19 -0400.
© 2015 EMC Corporation. All rights reserved.