Menu

Blogs

Showing Blog Posts: 1–10 of 83 tagged Security

  • Cloud Computing Design Patterns

    by Ben Rothke on July 13, 2015

    Far too many technology books take a Hamburger Helper approach, where the first part of the book is about an introduction to the topic with filler at the end with numerous appendices of publicly available information. These books end up being well over 800 pages without a lot of original information, even though they are written an advanced audience. In software engineering, a design pattern is a…

  • RSAC Reflects Changes in Industry Attitudes, Focus

    by Tony Kontzer on April 22, 2015

    This is my fourth RSA Conference, which doesn't exactly make me a cagey old veteran, but it's just enough history to have a sense of how the gathering has changed in recent years. (All of you who've been coming since the 1990s should probably stop reading before you start snickering derisively like those two old dudes from the balcony on The Muppet Show.) The changes from my first RSAC in 2010 are…

  • Enterprise Software Security: A Confluence of Disciplines

    by Ben Rothke on January 15, 2015

    To date, most software security books have focused solely on writing secure code and educating developers on how to do that. In Enterprise Software Security: A Confluence of Disciplines, authors Kenneth van Wyk, Mark Graff, Dan Peters and Diana Burley take a different, and ultimately necessary approach. Their tactic is that treating software security as an autonomous discipline doesn’t work. With…

  • Which Is It: Privacy vs. Security, or Privacy and Security?

    by Christopher Burgess on November 21, 2014

    The age-old question: is it "privacy vs. security" or "privacy and security"? This year, we’ve seen data breach after data breach affecting companies of all sizes and across all industries. We’ve also seen victims grapple with privacy headaches in the aftermath. It would seem, then, that security and privacy are intertwined. But when considering the users and how they interact with company data, …

  • No Easy Answer for In-App Data Security on Mobile Devices

    by John Linkous on August 7, 2014

    The proliferation of mobile devices—smartphones, tablets, convertibles, and more—is leading to a fundamental shift in how technology is used both for individuals and businesses. It's also leading to major problems for ensuring mobile security, especially inside of apps. App data is managed through Internet-connected, platform-specific programs for mobile devices, delivered through trusted app…

  • Supply Chain Security: What It Means on a Global Level

    by John Linkous on July 18, 2014

    Take a good, long look at your smartphone. While there is a big vendor name on the outside, if you were to open up its case, you would find several other vendor labels on various components: capacitive touchscreens; video and audio ASICs; Bluetooth and WiFi hardware; and individual capacitors, resistors, and other electronics gear building blocks, to name just a few, all of which are manufactured…

  • When Culture and Security Collide

    by Alex Bender on July 7, 2014

    I talked about Security Protocols before it was cool: What happens when culture and security collide? On March 10, 2014, attendees of the music, film and interactive conference and festival South by Southwest (SXSW) crammed into two overflowing rooms for what many would later claim to be the most talked about event of the show. Former NSA contractor Edward Snowden addressed the SXSW audience via…

  • When Apps Attack! What Is – and Isn't – Application Security

    by John Linkous on July 2, 2014

    One of the most interesting subjects at RSA Conference 2014 was the defense of software code, in all its many forms. While many of the developer-centric tracks and sessions were heavily focused on eliminating flaws within code, one of the key messages that crossed the boundary of speaking events is the idea of what is—and is not—application security. Black-box testing of apps is a fascinating…

  • Intellectual Property at Risk

    by Christopher Burgess on June 23, 2014

    Walk about your office and ask your employees, "Are you appropriately protecting the company's intellectual property (IP)?" Count how many responses resemble, "Oh, I don't have access to any IP, I work in XYZ department, not R&D." Such answers cause cringes at every level, as it demonstrates multiple points of failure: failure to enlighten the workforce that IP involves so much more than just R&D…

  • A Tale of Two Cultures: Cool or Vigilant. Can the Security Industry Have Both?

    by Alex Bender on June 6, 2014

    We live in an age when a company’s “cool corporate culture” can actually come to influence them as a brand. Multi-billion dollar company Google offers an open, startup-like culture with an office layout that encourages spontaneous interactions. Earlier this year, the media was abuzz with the news that popular online shoe and clothing shop Zappos would transform itself from a traditional…

This document was retrieved from http://www.rsaconference.com/blogs on Thu, 30 Jul 2015 21:01:24 -0400.
© 2015 EMC Corporation. All rights reserved.