Menu

Blogs

Showing Blog Posts: 1–10 of 91 tagged Legal

  • Private Sector Cooperation in Cyber Threat Intelligence

    by Rita S. Heims on April 22, 2015

    Devices provide imperfect information security protection, even if they are considered acceptable for purposes of satisfying a legal obligation to follow industry security standards. An advanced warning system that predicts the likelihood of cyber attack may ultimately be more effective and less costly if well designed and executed. Private organizations have tremendous technical capacity to…

  • Don’t Miss Peer-2-Peer Sessions at RSAC 2015

    by Fahmida Y. Rashid on April 15, 2015

    By all means, you should try to attend at least one Peer-2-Peer session while at RSA Conference this year. These sessions let you dig into a specific security topic you care about with your industry peers. It is a great opportunity to learn what other people are doing and walk away with new ideas. Wondering which conversation will be the most relevant to your job role and concerns? We asked each…

  • Social Media Security: Leveraging Social Networking While Mitigating Risk

    by Ben Rothke on February 3, 2015

    A firm can spend decades building a brand into one that inspires trust. Unfortunately, social media can quickly destroy that trust in an instant. In Social Media Security: Leveraging Social Networking While Mitigating Risk, author Michael Cross provides a comprehensive overview of the security and privacy risks around social media. The book lives up to its title and effectively shows the reader…

  • InfoSec Needs to Work With Government to Shape New Laws

    by Todd Inskeep on January 21, 2015

    The President’s State of The Union address Tuesday night addressed Information Security for the second time in three years. Two years ago, in 112 words, the President announced the NIST Framework, increased information sharing through executive action, and called for the nation to “face the rapidly growing threat from cyber-attacks.” The threat then was theft of corporate secrets and “real threats…

  • N-DEx: Law Enforcement Security Standards

    by Robert Moskowitz on January 5, 2015

    The U.S. government launched a major law enforcement project, the National Data Exchange (N-DEx), in March 2008 to facilitate cases, criminal information, and available evidence among cooperating agencies. It's 2014, and the project is languishing. N-DEx was designed as an information repository that federal, state, and local law enforcement could tap for a variety of purposes, with the basic idea…

  • The Muddled State of Security Standards

    by John Linkous on December 22, 2014

    One of my favorite quotes—attributed to either Admiral Grace Hopper or computer science professor Andy Tanenbaum—goes something like this: "The nice thing about standards is that there are so many to choose from." It’s true in the information security world, too. Standards, Standards Everywhere! Let’s first settle what we mean by security standards. There's no shortage of recommendations on how to…

  • What's in Your Privacy Policy?

    by Christopher Burgess on December 4, 2014

    The days of asking "Why do I need an entire policy about privacy?" are long gone. Users regularly evaluate the trade-off between how their information is being used and the cost to personal privacy. Every company needs to be upfront about how user data is being used, shared, and stored. What Does a Privacy Policy Look Like? A quick survey of well-known companies and their respective privacy…

  • And Then There Were None: Europe, the Internet, and the Right to Be Forgotten

    by John Linkous on October 20, 2014

    The European Court of Justice's ruling in May said that individuals have the "right to be forgotten" could fundamentally change Internet privacy and security. The case involved a Spanish attorney, Mario Costeja González, who was troubled that public notices were being posted in his local newspaper regarding the repossession and auction of his home. He appealed to the Court, which ruled that, …

  • Bitcoin and the Future of Crypto-Currency

    by John Linkous on September 23, 2014

    Break out your cryptographically-signed digital wallet and lay your bets: Where is Bitcoin going? As perhaps the best-known—but certainly not the sole—crypto-currency around, Bitcoin has certainly seen its share of media coverage in recent months. And like other hot-button subjects, Bitcoin seems to elicit strong reactions both for and against it. Some view it as a universal currency, free from…

  • Security Audit: The Pitfalls of Third-Party Assessments

    by John Linkous on September 9, 2014

    Everyone is aware of last year’s data breach at Target. Millions of records of cardholder data were stolen and Target is still recovering, with current costs at $148 million. What's not well-known, or openly discussed, is the behind-the-scenes conversations the company has had with its PCI assessor and the standards organization. The PCI Security Standards Council (SSC), consisting of major credit…

This document was retrieved from http://www.rsaconference.com/blogs on Mon, 31 Aug 2015 02:45:57 -0400.
© 2015 EMC Corporation. All rights reserved.