Blogs

  • CISOs Need a Board Coach

    by Rook Security on January 23, 2015

    Boards are concerned about cybersecurity, specifically about how it impacts their reputation and securities (stock). The CISO is capable of assisting the organization in selecting, deploying, and managing the capabilities to address risks identified by the board. What sounds like a perfect match is often not, as many CISOs don't have the business acumen required to be an active participant in board meetings. Key messages are lost en route from the board to the CISO, resulting in a mismatch…

  • SBN: Running Adobe Flash? You Need to Read This Today

    by Security Bloggers Network on January 23, 2015

    Adobe has released a critical security patch for an Adobe Flash vulnerability that is being exploited by online criminals. The vulnerability, known as CVE-2015-0310, can be used by hackers to “circumvent memory randomization mitigations” on versions of Windows. Obviously it would be sensible to ensure that your version of Flash is updated as soon as possible. If you’re using Google Chrome or…

  • A Guide for CISOs Concerned About Data Collection

    by Fahmida Y. Rashid on January 22, 2015

    In A CISOs Guide to Principles of Data Privacy and Security, David Sheidlower, a CISO of an international media and advertising firm, examines the key issues surrounding data privacy and security. The eBook is currently publicly available on Security Current. The Guide addresses privacy policies, Big Data, consent, governance, and security. In the introduction, Sheidlower quotes Ed Mierzwinski, …

  • State of the Union Puts Cybersecurity on National Agenda

    by Fahmida Y. Rashid on January 21, 2015

    Buried among the slew of national issues such as equal pay, immigration reform, climate change and Ebola, President Barack Obama spent a few seconds talking about net neutrality and cybersecurity in his State of the Union speech Tuesday evening. While it's nice to see security on the general agenda, it's still too early to know the government's plans. The full paragraph from the State of the Union…

  • InfoSec Needs to Work With Government to Shape New Laws

    by Todd Inskeep on January 21, 2015

    The President’s State of The Union address Tuesday night addressed Information Security for the second time in three years. Two years ago, in 112 words, the President announced the NIST Framework, increased information sharing through executive action, and called for the nation to “face the rapidly growing threat from cyber-attacks.” The threat then was theft of corporate secrets and “real threats…

  • The Sorry State of Cybersecurity Threat Intelligence

    by Gib Sorebo on January 21, 2015

    During the opening montage of every Law and Order episode is the statement (by now probably burned into all our collective consciousness): “In the criminal justice systems there are two separate yet equally important groups, the police who investigate crimes and the district attorney who prosecutes the offenders. These are their stories.” What is typically left out of both the TV show and the real…

  • RSA Conference Announces New Crowdsourced Submissions

    by Britta Glade on January 20, 2015

    We are very excited to introduce Crowdsourced Submissions at RSA® Conference 2015! This is an opportunity for the public to vote on sessions of interest. We know you have great ideas and terrific conversation topics—the quality and quantity of submissions for the traditional tracks was at an all time high this year—so here’s your chance to still be part of the RSA Conference program. Submissions…

  • Blackhat Movie Shows Viewers What Cyber-Attacks Look Like

    by Fahmida Y. Rashid on January 19, 2015

    Cybercrime is practically on the news every day—infected computers looting individual bank accounts, distributed denial-of-service attacks, hacked social media accounts, and data breaches. So clearly the time is right for a movie about hacking, right? There are plenty of reviews already for Michael Mann’s latest action thriller Blackhat, so there is no need to repeat what they say here, here, and …

  • Inquiring Minds Want to Know: How Do You Implement Business Security?

    by Christopher Burgess on January 16, 2015

    Business security is not a new concept. Storeowners have alarms, video, and guards to keep the ne'er-do-wells of the world at bay. Corporations that handle money have to worry about embezzlers (does the fact that it is “white-collar crime” mean it is more sanitary as a crime?). And all who handle data must address the business of securing their data. Never Assume The number of data breaches and…

  • Enterprise Software Security: A Confluence of Disciplines

    by Ben Rothke on January 15, 2015

    To date, most software security books have focused solely on writing secure code and educating developers on how to do that. In Enterprise Software Security: A Confluence of Disciplines, authors Kenneth van Wyk, Mark Graff, Dan Peters and Diana Burley take a different, and ultimately necessary approach. Their tactic is that treating software security as an autonomous discipline doesn’t work. With…

  • Are You Building a Cybersecurity Ecosystem or Just a Bunch of Controls?

    by Gib Sorebo on January 14, 2015

    With all the emphasis on cybersecurity frameworks over the last couple years, it probably shouldn’t surprise anyone that a lot of organizations find themselves working off checklists of cybersecurity controls that they assume will give them better security. What is often missed is that these controls need to work together as an integrated system. For thousands of years, we’ve understood this in…

This document was retrieved from http://www.rsaconference.com/blogs on Sun, 25 Jan 2015 15:17:17 -0500.
© 2015 EMC Corporation. All rights reserved.