Menu

Blogs

Showing Blog Posts: 31–40 of 818

  • Transforming Security into THE Business Enabler

    by Rook Security on May 11, 2015

    When I began my security career, shortly after the Y2K scare, there were many conversations about security as a roadblock. “Can’t do that ‘cause security won’t let us!” Most of the time security had the best interest of the company in mind, but other times it was because security professionals didn’t always understand the business objective. Silos existed in IT, IT Security, Business, and…

  • Lessons Learned at RSAC 2015

    by Tony Kontzer on May 5, 2015

    Now that the curtain has fallen on the RSA Conference 2015, San Francisco edition, what have you learned? I can't speak for anyone else, but I returned from RSAC with a number of things bouncing around my head. For instance, right out of the gate, we learned that Amit Yoran is an energetic and forceful speaker who will carry the RSA Conference keynote torch with great aplomb. Yoran took the stage…

  • Next Stop for the CISO: The Office of the CIRO?

    by Tony Kontzer on May 4, 2015

    As if CISOs didn't have enough to worry about already, now we are hearing they should be seriously considering acquiring the skills they need to become the chief information risk officer. Few organizations today have a CIRO, but if the scuttlebutt at the recently concluded RSA Conference is to be believed, they will soon, and CISOs are the logical choices to fill that role. It's reasonable to…

  • Everyone has a role to play in securing Asia’s digital future

    by Linda Gray on May 1, 2015

    Asia is in the middle of a digital revolution, with a booming market for consumer electronics and a fast-growing startup scene. The explosive growth makes organizations in the Asia-Pacific region especially attractive to criminals and hackers. They are playing a game of cat-and-mouse, with defenders trying to secure information within the enterprise and attackers trying to access it unlawfully. …

  • Phishing Dark Waters: The Offensive and Defensive Sides of Malicious Emails

    by Ben Rothke on April 29, 2015

    All encryption (with the exception of a one-time pad) can be broken. Bruce Schneier likes to use the analogy of a pole in the ground for encryption. You can try to break the pole (encryption); or simply go around the pole. Rather than finding problems with a proven encryption algorithm, attackers will try to go around it via how it’s implemented, and other similar attacks. In Phishing Dark Waters:…

  • Is Defense in Depth Dead? Part 2: The Lesson of Babylon

    by Danelle Au on April 28, 2015

    A few weeks ago, when I asked, Is Defense in Depth Dead? I used the example of Dover Castle to illustrate the point that, as weapons and warfare change, defensive strategies must also evolve to meet new realities. Dover Castle and other fortresses offered their occupants centuries of effective protection—until the advent of gunpowder and cannon on the battlefields of medieval Europe. Which is not…

  • Congress is Moving Forward With Information Sharing, Will it Work?

    by Tony Kontzer on April 27, 2015

    Boosted by the U.S. House of Representatives considering — and ultimately passing — two separate cyber threat information-sharing bills last week, information sharing was top of mind for many attendees at RSA Conference last week. Having waited patiently for years as Washington debated the particulars of a complex issue, RSAC speakers had a lot of feelings about what information sharing means to…

  • Stop the Insanity! My First Year as a PCI QSA

    by Rook Security on April 27, 2015

    I’ve been involved with PCI-DSS in some way, shape, or form over the past eight years. For most of this time, I worked for corporations that needed to achieve or maintain PCI DSS compliance. A little over a year ago, I received Qualified Security Assessor (QSA) training and became a full-fledged QSA. It’s quite different being on the other side of the fence. I also understand my clients’…

  • Protecting Children From Online Predators

    by Tony Kontzer on April 24, 2015

    Something totally unexpected happened to me at the RSA Conference in San Francisco Thursday: For the first time in my decades-long career, I cried at a technology event. And something tells me I wasn't the only one. RSAC attendees listened to Alicia Kozakiewicz tell, in amazing detail, of her nightmarish abduction by an Internet predator during the "In to the Woods" keynote panel. On New Year's Day, …

  • Hugh Thompson Show Closes Out RSAC 2015

    by Fahmida Y. Rashid on April 24, 2015

    Dr. Hugh Thompson, the program committee chairman of RSA Conference, closed out the RSA Conference week with the amusing and informational “Hugh Thompson and Guests.” How many of us will ever be able to look at a horse and carriage again without remembering his retelling of his family's runaway carriage ride? All the laughter and jokes aside, Thompson addressed an area of conversation which…

This document was retrieved from http://www.rsaconference.com/blogs on Sat, 04 Jul 2015 11:21:12 -0400.
© 2015 EMC Corporation. All rights reserved.