Blogs

Showing Blog Posts: 71–80 of 80 tagged Security

  • Dan Geer gets it

    by Ben Rothke on December 17, 2009

    After reading Economics & Strategies of Data Security, you know that Dan Geer is a person who really gets what information security is all about. Too many organizations equate security with buying security products. While today's data centers are full of firewalls and intrusion detection systems, most organizations' IT systems are not getting more secure. Only risk-based methodologies can secure…

  • Beautiful Security: Leading Security Experts Explain How They Think

    by Ben Rothke on December 16, 2009

    My original review of Beautiful Security is on Slashdot. Books that collect chapters from numerous expert authors often fail to do more than be a collection of disjointed ideas. Simply combining expert essays does not always make for an interesting, cohesive read. Beautiful Security: Leading Security Experts Explain How They Think is an exception to that and is definitely worth a read. The book's 16…

  • Currently reading: Enterprise Security for the Executive: Setting the Tone from the Top

    by Ben Rothke on December 16, 2009

    I am currently reading Enterprise Security for the Executive: Setting the Tone from the Top by Jennifer Bayuk. So far, a really good book. Will review this in the coming weeks…

  • Information Risk And Security: Preventing And Investigating Workplace Computer Crime

    by Ben Rothke on December 16, 2009

    As of mid-December 2009, Information Risk And Security: Preventing And Investigating Workplace Computer Crime by Edward Wilding has a disappointing Amazon.com sales rank of 2,458,866. While the book's list price of $160.00 may be partly to blame for that, the reality is that too many people mistakenly and naively think that information security is simply about keeping the hackers out. But hackers…

  • The Myths of Security: What the Computer Security Industry Doesn't Want You to Know

    by Ben Rothke on December 14, 2009

    My book review of The Myths of Security: What the Computer Security Industry Doesn't Want You to Know by John Viega was on Slashdot. The book is interesting and thought-provoking. Ultimately, the state of information security can be summed up in the book's final three sentences, in which John Viega writes that “real, timely improvement is possible, but it requires people to care a lot more…

  • Going Old School

    by Gib Sorebo on December 2, 2009

    The world of information technology and electronics has produced spectacular advancements in the way we live. Technologies that once required human intervention can now be automated with the tasks to be performed hidden from view. While that has made our lives easier, it doesn’t always pique our curiosity. We have to admit that it’s usually a lot more fun to watch a demonstration where something…

  • CFATS: Is the Danger Real?

    by Gib Sorebo on November 30, 2009

    As we get closer to the RSA Conference in March, I want to highlight some of the topics scheduled to be part of the Physical Security and Critical Infrastructure track. The subjects cover an array of issues from lock picking to the integrity of the electrical grid. One topic that is gaining increasing attention is the security of chemical plants. Given the potential terrorist applications of…

  • What Does Smart Grid Security Mean to You?

    by Gib Sorebo on October 15, 2009

    As someone who has been knee-deep in Smart Grid security research, collaboration, assessments, and integration projects for the past year, it is sometimes easy to forget that most of the information security community hasn’t had much exposure to this area. Given that we received several submissions for sessions related to Smart Grid security, and it has been getting a fair amount of media…

  • What Is Taum Sauk?

    by Gib Sorebo on October 7, 2009

    Sometimes the significance of critical infrastructure doesn’t hit home for people until they’re faced with the consequences of its failure. In 2005, the people in the Missouri Ozarks learned firsthand the value of information integrity and what can happen when efforts are not made to ensure the accuracy of data. Taum Sauk is a pumped-storage hydroelectric plant run by the AmerenUE electric…

  • Welcome to the Critical Infrastructure Blog

    by Gib Sorebo on October 2, 2009

    Welcome to the inaugural posting for the Critical Infrastructure blog. I hope this will help to broaden the scope of information security coverage provided by RSA® Conference 365. As part of the recognition of this increasingly important area, the RSA Conference will feature a track entitled Physical Security and Critical Infrastructure, which had previously been covered under the Physical…

This document was retrieved from http://www.rsaconference.com/blogs on Sun, 21 Dec 2014 14:24:23 -0500.
© 2014 EMC Corporation. All rights reserved.