Blogs

Showing Blog Posts: 1–10 of 79 tagged Security

  • No Easy Answer for In-App Data Security on Mobile Devices

    by John Linkous on August 7, 2014

    The proliferation of mobile devices—smartphones, tablets, convertibles, and more—is leading to a fundamental shift in how technology is used both for individuals and businesses. It's also leading to major problems for ensuring mobile security, especially inside of apps. App data is managed through Internet-connected, platform-specific programs for mobile devices, delivered through trusted app…

  • Supply Chain Security: What It Means on a Global Level

    by John Linkous on July 18, 2014

    Take a good, long look at your smartphone. While there is a big vendor name on the outside, if you were to open up its case, you would find several other vendor labels on various components: capacitive touchscreens; video and audio ASICs; Bluetooth and WiFi hardware; and individual capacitors, resistors, and other electronics gear building blocks, to name just a few, all of which are manufactured…

  • When Culture and Security Collide

    by Alex Bender on July 7, 2014

    I talked about Security Protocols before it was cool: What happens when culture and security collide? On March 10, 2014, attendees of the music, film and interactive conference and festival South by Southwest (SXSW) crammed into two overflowing rooms for what many would later claim to be the most talked about event of the show. Former NSA contractor Edward Snowden addressed the SXSW audience via…

  • When Apps Attack! What Is – and Isn't – Application Security

    by John Linkous on July 2, 2014

    One of the most interesting subjects at RSA Conference 2014 was the defense of software code, in all its many forms. While many of the developer-centric tracks and sessions were heavily focused on eliminating flaws within code, one of the key messages that crossed the boundary of speaking events is the idea of what is—and is not—application security. Black-box testing of apps is a fascinating…

  • Intellectual Property at Risk

    by Christopher Burgess on June 23, 2014

    Walk about your office and ask your employees, "Are you appropriately protecting the company's intellectual property (IP)?" Count how many responses resemble, "Oh, I don't have access to any IP, I work in XYZ department, not R&D." Such answers cause cringes at every level, as it demonstrates multiple points of failure: failure to enlighten the workforce that IP involves so much more than just R&D…

  • A Tale of Two Cultures: Cool or Vigilant. Can the Security Industry Have Both?

    by Alex Bender on June 6, 2014

    We live in an age when a company’s “cool corporate culture” can actually come to influence them as a brand. Multi-billion dollar company Google offers an open, startup-like culture with an office layout that encourages spontaneous interactions. Earlier this year, the media was abuzz with the news that popular online shoe and clothing shop Zappos would transform itself from a traditional…

  • Disruption Can Wound or Kill, With or Without Social Engineering

    by Christopher Burgess on June 2, 2014

    The realization that your team is in the sights of individuals performing social engineering attacks is alarming. To think the information they elicited or the actions they induced were used to perform attacks involving your customers—well, you'd naturally feel panicked. But what if you were that customer, whose data or whose network has been made vulnerable by the actions of your team? Think it…

  • Mobile Devices, Cyber Attacks, and the New Frontier

    by John Linkous on May 26, 2014

    As the unrelenting game of attackers versus defenders continues in the world of information security, mobile cyber attacks are becoming a more desirable attack vector for hackers, criminal organizations, and nation-states to gain access to data. The past few years have started to see long-term, concerted campaigns targeting mobile devices, most notably the Red October malware that targeted…

  • National and International Security Awareness Initiatives

    by Christopher Burgess on May 23, 2014

    Programs such as National Cyber Security Awareness Month (US) and Safer Internet Day (global) are designed to heighten international awareness for both companies and consumers. But who benefits? Individuals? Small and medium businesses (SMBs)? Enterprises? Individual Awareness Over the course of the past five years, National Cyber Security Awareness Month (NCSAM) has evolved from providing…

  • The Security Threat Posed by Social Engineering

    by Christopher Burgess on April 10, 2014

    When one uses the words "security threat" and "social engineering" together, the analogy of hand-in-glove is appropriate. At the RSA Conference 2014, this was adroitly explained in the session "When the Phone Is More Dangerous Than Malware" hosted by Christopher Hadnagy and Michele Fincher, both of Social-Engineer, Inc., as they walked the attendees through how social engineers collect, sort, …

This document was retrieved from http://www.rsaconference.com/blogs on Sun, 26 Oct 2014 00:22:16 -0400.
© 2014 EMC Corporation. All rights reserved.