Blogs

Showing Blog Posts: 1–10 of 19 tagged Infrastructure

  • Security Reality: Special Challenges in Q4

    by Fahmida Y. Rashid on November 3, 2014

    The end of the year is a busy time for information security professionals. There are a lot of balls to juggle, and our adversaries are poised to attack if we look in the wrong direction. The team behind Target’s data breach last year took advantage of the retailer’s increased traffic volume—both online as well as through its brick-and-mortar stores—to sneak in and infect the point-of-sale…

  • Security Infrastructure: What Does It Really Entail?

    by Robert Moskowitz on October 31, 2014

    For years, the goal behind security infrastructure has been to thwart—or at least, mitigate—malicious attacks against an organization's secure data. But in today's world of interconnected computer systems and new generation of information technology capabilities, this old-style infrastructure is no longer capable of guaranteeing privacy for sensitive data. Modern industry needs requires features…

  • Security Infrastructure: Infrastructure Protection

    by Robert Moskowitz on October 2, 2014

    With today's emphasis on information collection, processing, and usage, Nearly every organization today has to collect, process, and use data for its daily activities, strategic planning, and administration. Considering how heavily dependent organizations are on their information infrastructures, protecting that infrastructure is critical. As much as we would like to, the systems cannot just be…

  • 3 Reasons to Consider a Managed Security Services Partner

    by Christopher Burgess on September 11, 2014

    Companies are generally cataloged as small, medium, or large. But size does not matter to a cybercriminal or an unethical competitor, who view companies as either soft and vulnerable, or hardened and difficult. Companies need to determine what level of "hardness" they need to achieve, and whether they want to build it themselves, partner with a managed security services entity, or a little of…

  • Don't Let Hybrid Clouds Rain on Your Security

    by John Linkous on September 4, 2014

    Enterprises of all sizes have wholeheartedly adopted the cloud in all its various forms: Infrastructure as a service (IaaS), platform as a service (PaaS), software as a service (SaaS), and other, more exotic and granular definitions of "aaS" implementations are being developed every day. For many organizations, however, the hybrid cloud is key to scaling their services while still maintaining…

  • A Cloud Is Still a Cloud: The Private Cloud and Security

    by John Linkous on August 28, 2014

    The options today for moving business functions to private clouds are staggering. Organizations adopt the cloud for various applications, from direct-to-buyer sales and content delivery, to back office functions such as supply chain management, finance operations, and human resources. The increasingly granular ways in which they can slice-and-dice cloud delivery are tremendous. Private clouds, in…

  • Risks of Not Fixing the Heartbleed Flaw

    by Fahmida Y. Rashid on August 22, 2014

    By now you’ve seen reports about the data breach at Community Health Systems where attackers stole non-medical records for 4.5 million patients, and how attackers targeted the Heartbleed flaw to get on the network. This should be a warning to IT admins: Did you fully address the bug in your own networks? "Unless fully remediated, Heartbleed leaves open doors for attackers to extract data, including…

  • Security Metrics: How Are You Measuring Security?

    by Joshua Marpet on August 12, 2014

    Do you have an information security practice? How do you measure its effectiveness? By the number of tickets generated? The number of viruses found and stamped out? Or by how quiet it is?—"If they don't bother me, they must be doing their job!" Have the security metrics guidelines changed in the last few years as infosec moved away from a helpdesk mentality, towards a penetration tester's…

  • The Future Is Now: Threats That Were Never Supposed to Happen Are Here

    by John Linkous on July 29, 2014

    Recently, I took the opportunity to install the latest version of Pwnie Express's Pwn Pad 2014ce on my Google Nexus 7 tablet. For those who aren't familiar with the Pwn Pad, it's a modified version of the Kali Linux distribution that provides a complete, walking environment for detecting and—as a white-hat only, of course—testing information security threats. While the Pwn Pad is a great mobile…

  • Robust Security Intelligence: How Different Security Infrastructures Measure Up

    by Christopher Burgess on July 25, 2014

    What constitutes good security infrastructure? Ask a member of a security vendor's sales team, and he might hand you an order book with all the boxes checked. Ask a consultant, and her solution might focus on an extended hand-holding engagement. Ask a member of a country's cybersecurity emergency response team (CERT), and he will talk about national infrastructure and public-private partnerships. …

This document was retrieved from http://www.rsaconference.com/blogs on Fri, 19 Dec 2014 10:48:51 -0500.
© 2014 EMC Corporation. All rights reserved.