
Blogs

  • Getting “Eyes on the Glass” for Critical Infrastructure

    by Gib Sorebo on January 29, 2015

    It’s sort of ironic that the sector with the most 24x7 control rooms still struggles with monitoring for cyber attacks. However, the critical infrastructure sectors, for the most part, change slowly. And while they have always appreciated the need to monitor operations around the clock, those operations had been largely self-contained with limited exposure to outside networks. Consequently, …

  • Network Security: Does Your Network Resemble a Sieve?

    by Christopher Burgess on January 29, 2015

    The new year is here and you're putting together the goals and objectives for your network security team. The number of data breaches during the past year has finally caught the attention of your company's board of directors and executive decision makers. Resources have always been tight, but this year there is an allocation to secure the company's networks. It would appear that the years…

  • Designing and Building a Security Operations Center

    by Ben Rothke on January 28, 2015

    Many organizations are overwhelmed by the onslaught of security data from disparate systems, platforms and applications. They have numerous point solutions (anti-virus, firewalls, IDS/IPS, ERP, access control, IdM, single sign-on, etc.) that can create millions of daily log messages. In addition to directed attacks becoming more frequent and sophisticated, there are regulatory compliance issues…

  • Data Privacy (or the Lack Thereof) in the Internet of Things

    by John Linkous on January 28, 2015

    At this year's Consumer Electronics Show (CES) in Las Vegas, new technologies ran the gamut from incremental changes for existing technologies to full-blown new market segments (here's looking at you, drones). While technologies such as drones and connected cars have significant implications for geo-positioning privacy and even kinetic threats, an even bigger threat comes from the impact they may…

  • Loose Lips Sink Ships (And Profit Margins!)

    by Dale "Woody" Wooden on January 27, 2015

    One of the largest threats facing any corporation is the leak of critical information and the ease with which it can be monitored by criminals and terrorists. Few organizations properly train their employees how to protect themselves at home, to stay safe while traveling, or to censor corporate information on social media. The first step in education is focusing on cyber-hygiene when traveling as…

  • PRAGMATIC Security Metrics - Applying Metametrics to Information Security

    by Ben Rothke on January 27, 2015

    Like all books on metrics, early in PRAGMATIC Security Metrics: Applying Metametrics to Information Security authors Krag Brotby and Gary Hinson state that “you can't manage what you can't measure”. The authors claim that other books on information security metrics discuss number theory and statistics in academic terms. This title promises to be light on mathematics and heavy on utility and is…

  • Peer2Peer Sessions, Crowdsourced Content, an All New Sandbox and Much More!

    by Linda Gray on January 26, 2015

    We’re just a few months away from RSA Conference and planning is well underway. This year’s show is sure to be bigger and better than ever, and we’re particularly excited to announce new session formats, a revamped Sandbox and other features. Here’s a sneak peek at some of the show’s returning favorites and new additions… Our popular Peer2Peer sessions are back. These highly interactive gatherings…

  • The Practical Guide to HIPAA Privacy and Security Compliance

    by Ben Rothke on January 25, 2015

    From an information security perspective, there is nothing overly onerous with the HIPAA security and privacy requirements. But like all regulations, the devil is in the details. While HIPAA is meant to protect large-scale disclosure of patient data, some of it includes absurd requirements such as ensuring white-boards in hospital wards don’t have full patient information and that intravenous…

  • CISOs Need a Board Coach

    by Rook Security on January 23, 2015

    Boards are concerned about cybersecurity, specifically about how it impacts their reputation and securities (stock). The CISO is capable of assisting the organization in selecting, deploying, and managing the capabilities to address risks identified by the board. What sounds like a perfect match is often not, as many CISOs don't have the business acumen required to be an active participant in…

  • SBN: Running Adobe Flash? You Need to Read This Today

    by Security Bloggers Network on January 23, 2015

    Adobe has released a critical security patch for an Adobe Flash vulnerability that is being exploited by online criminals. The vulnerability, known as CVE-2015-0310, can be used by hackers to “circumvent memory randomization mitigations” on versions of Windows. Obviously it would be sensible to ensure that your version of Flash is updated as soon as possible. If you’re using Google Chrome or…

This document was retrieved from http://www.rsaconference.com/blogs on Thu, 29 Jan 2015 21:33:15 -0500.
© 2015 EMC Corporation. All rights reserved.