Menu

Blogs

Showing Blog Posts: 1–10 of 28 tagged Infrastructure

  • Treat Yourself to a SPA, Not a Pen Test

    by Rook Security on August 27, 2015

    A lot of companies are asked to do a pen test by their clients, because they think a pen test will let them know if their business partner’s technology is “secure” against cyber threats. The scan happens. The areas that need to be fixed are fixed. And the client feels warm and fuzzy inside. However, this feeling is misleading as the company isn't necessarily more secure— all it says is that you…

  • Change Your Gears

    by Securosis Team on August 17, 2015

    I'm a cyclist. Not necessarily a very good one, but I can hold my own in the middle of the pack. On group rides you always have the person who locks into a gear and sticks with it. Their pedaling cadence slows on hills, speeds up on inclines, and they don't really shift a lot. It isn't overly efficient, especially compared to the pro-level riders who keep a constant cadence and work the shifter…

  • Innovation Sandbox Contest Returns to RSA Conference APJ 2015

    by Fahmida Y. Rashid on July 21, 2015

    While the RSA Conference Asia-Pacific and Japan 2015 starts with the keynotes on Wednesday, July 22, there are plenty of events on Tuesday, including the CSA Summit and Innovation Sandbox. Innovation is a popular word, especially in security circles. Everyone thinks their approach to solving a security problem is the right way to fix the problems plaguing the industry. Who doesn’t want to stand out…

  • Information Security Analytics: Finding Security Insights, Patterns, and Anomalies in Big Data

    by Ben Rothke on June 30, 2015

    Getting log data is not an IT challenge. But the information security challenge and a huge struggle for those who are tasked with it, is making sense of a near infinite amount of data. In Information Security Analytics: Finding Security Insights, Patterns, and Anomalies in Big Data, authors Mark Talabis, Robert McPherson, I. Miyamoto and Jason Martin have created a brief guide that shows how you…

  • Peers Share Stories About Adopting the Cybersecurity Framework

    by RSAC Contributor on June 12, 2015

    Peer-2-Peer sessions give RSAC attendees the opportunity to dig deeply into a single topic area with a group of like-minded peers. Timothy Shea, a member of RSA’s Global Public Sector (GPS) Team, facilitated a P2P discussion about experiences adopting the cybersecurity framework (CSF) at RSA Conference 2015 in San Francisco. In this post, Shea continues the discussion from that session. The Cyb…

  • Using Peer Collaboration to Manage Supply Chain Risk

    by RSAC Contributor on May 29, 2015

    Peer-2-Peer sessions give RSAC attendees the opportunity to dig deeply into a single topic area with a group of like-minded peers. Robin Slade, of Shared Assessments, facilitated a P2P discussion on peer collaboration for risk management at RSA Conference 2015 in San Francisco. In this post, Slade continues the discussion from that session. Professionals in finance/banking, healthcare, insurance, …

  • Phishing Dark Waters: The Offensive and Defensive Sides of Malicious Emails

    by Ben Rothke on April 29, 2015

    All encryption (with the exception of a one-time pad) can be broken. Bruce Schneier likes to use the analogy of a pole in the ground for encryption. You can try to break the pole (encryption); or simply go around the pole. Rather than finding problems with a proven encryption algorithm, attackers will try to go around it via how it’s implemented, and other similar attacks. In Phishing Dark Waters:…

  • Which Peer-2-Peer Session Will You Attend at RSAC 2015?

    by Fahmida Y. Rashid on April 13, 2015

    What is a Peer-2-Peer session? Peer2Peer sessions enable groups that share a common interest to come together and explore a specific security topic. You will be digging into a topic you really care about in a room with like-minded peers and a facilitator. Wondering which conversation will be the most relevant to your job role and concerns? We asked each session facilitator to provide a short…

  • Are You Building a Cybersecurity Ecosystem or Just a Bunch of Controls?

    by Gib Sorebo on January 14, 2015

    With all the emphasis on cybersecurity frameworks over the last couple years, it probably shouldn’t surprise anyone that a lot of organizations find themselves working off checklists of cybersecurity controls that they assume will give them better security. What is often missed is that these controls need to work together as an integrated system. For thousands of years, we’ve understood this in…

  • Security Reality: Special Challenges in Q4

    by Fahmida Y. Rashid on November 3, 2014

    The end of the year is a busy time for information security professionals. There are a lot of balls to juggle, and our adversaries are poised to attack if we look in the wrong direction. The team behind Target’s data breach last year took advantage of the retailer’s increased traffic volume—both online as well as through its brick-and-mortar stores—to sneak in and infect the point-of-sale…

This document was retrieved from http://www.rsaconference.com/blogs on Tue, 01 Sep 2015 20:19:58 -0400.
© 2015 EMC Corporation. All rights reserved.