Menu

Blogs

Showing Blog Posts: 11–20 of 81 tagged Security

  • National and International Security Awareness Initiatives

    by Christopher Burgess on May 23, 2014

    Programs such as National Cyber Security Awareness Month (US) and Safer Internet Day (global) are designed to heighten international awareness for both companies and consumers. But who benefits? Individuals? Small and medium businesses (SMBs)? Enterprises? Individual Awareness Over the course of the past five years, National Cyber Security Awareness Month (NCSAM) has evolved from providing…

  • The Security Threat Posed by Social Engineering

    by Christopher Burgess on April 10, 2014

    When one uses the words "security threat" and "social engineering" together, the analogy of hand-in-glove is appropriate. At the RSA Conference 2014, this was adroitly explained in the session "When the Phone Is More Dangerous Than Malware" hosted by Christopher Hadnagy and Michele Fincher, both of Social-Engineer, Inc., as they walked the attendees through how social engineers collect, sort, …

  • As Companies Get Social, Network Security Grows

    by David Wallace on April 8, 2014

    "As long as it happens to someone else" is a key part of data protection and network security. Deter the bad guys long enough and they'll go looking for a weaker target. Social and personal connections can help immensely with daily work but make for scary nightmares. The IT department can "MacGyver" systems to guard against technical leaks or intrusion, but then they have to hope that humans…

  • CISOs, Business Security, and the Business of Security

    by Christopher Burgess on April 3, 2014

    So you want to be a CISO, really? Business security, or the business of security, has evolved and is evolving, according to Todd Fitzgerald of Grant Thornton International, who shared his thoughts in his RSA Conference 2014 session, "So Why on Earth Would You WANT to Be a CISO?" Fitzgerald captured the challenge facing all who are thinking of moving into the CISO career track when he shared a…

  • RFID: Connecting Users and Devices

    by Christopher Burgess on March 13, 2014

    Radio-frequency identification (RFID) chips are permeating our life at every level—at work, at home, and on the go. And while there is a important distinction between RFID and near field communications (NFC) chips, the premise is similar. For example, you may carry a dongle which opens your automobile door when it's within 20 feet of the vehicle. Whereas if you have a credit card from a European…

  • Customer Privacy: The Surprising Driver of Today's Massive Vendor Security Movement

    by John Linkous on February 6, 2014

    Within recent weeks, a plethora of vendors have announced massive security changes to their products and platforms. From Google's migration of all web certificates to 2048-bit encryption keys to Twitter's implementation of session-specific encryption keys via forward secrecy, vendors are rapidly implementing security controls across their infrastructure, often at substantial cost. The driver…

  • When Security Policies Collide With Business Realities

    by Christopher Burgess on February 4, 2014

    Horror stories abound about the wayward employee who ignored the established information security policies in an effort to get the job done. The employee didn't mean to put the company at risk, but that's exactly what happened. In situations like this, the employee is likely caught in the switches between the information security policies of the company and the goals and expectations of his…

  • FedRAMP: It's Not Just for the Government Anymore

    by John Linkous on January 9, 2014

    For years, information security professionals, analysts, and pundits have all been pointing out the security risks inherent in cloud computing. Far from being a "Chicken Little" message, these concerns have been backed up by nonstop real-world incursions into cloud services, including major successful attacks on customer-facing cloud environments hosted by Adobe, LinkedIn, CloudFlare, and others. …

  • Security Industry is the real Wolf of Wall Street

    by Alex Bender on January 7, 2014

    Consumer-facing social technologies typically get the lion’s share of buzz around financial news, but FireEye’s $1 billion acquisition of Mandiant is ringing up and down Wall Street. This deal is just the latest in a line of IPOs, M&As and funding announcements thrusting security into the mainstream and attracting attention from global investors. If you take a page out of Det. Lester Freamon’s…

  • Job Reconnaissance: Using Hacking Skills to Win the Job Hunt Game

    by Ben Rothke on January 6, 2014

    It wasn’t that long ago that a cover letter, resume and fax number was all that was required to apply for a job. Using that approach in 2014 will likely restrict your ability to get your next job. In Job Reconnaissance: Using Hacking Skills to Win the Job Hunt Game, author Josh More notes that since people will only look for a job every few years or perhaps once in a decade; even though they have…

This document was retrieved from http://www.rsaconference.com/blogs on Fri, 30 Jan 2015 02:54:42 -0500.
© 2015 EMC Corporation. All rights reserved.