Menu

Blogs

Showing Blog Posts: 1–10 of 693

  • Designing and Building a Security Operations Center

    by Ben Rothke on January 28, 2015

    Many organizations are overwhelmed by the onslaught of security data from disparate systems, platforms and applications. They have numerous point solutions (anti-virus, firewalls, IDS/IPS, ERP, access control, IdM, single sign-on, etc.) that can create millions of daily log messages. In addition to directed attacks becoming more frequent and sophisticated, there are regulatory compliance issues…

  • Data Privacy (or the Lack Thereof) in the Internet of Things

    by John Linkous on January 28, 2015

    At this year's Consumer Electronics Show (CES) in Las Vegas, new technologies ran the gamut from incremental changes for existing technologies to full-blown new market segments (here's looking at you, drones). While technologies such as drones and connected cars have significant implications for geo-positioning privacy and even kinetic threats, an even bigger threat comes from the impact they may…

  • PRAGMATIC Security Metrics - Applying Metametrics to Information Security

    by Ben Rothke on January 27, 2015

    Like all books on metrics, early in PRAGMATIC Security Metrics: Applying Metametrics to Information Security authors Krag Brotby and Gary Hinson state that “you can't manage what you can't measure”. The authors claim that other books on information security metrics discuss number theory and statistics in academic terms. This title promises to be light on mathematics and heavy on utility and is…

  • Loose Lips Sink Ships (And Profit Margins!)

    by Dale "Woody" Wooden on January 27, 2015

    One of the largest threats facing any corporation is the leak of critical information and the ease at which it can be monitored by criminals and terrorists. Few organizations properly train their employees how to protect themselves at home, to stay safe while traveling, or to censor corporate information on social media. The first step in education is focusing on cyber-hygiene when traveling as…

  • Peer2Peer Sessions, Crowdsourced Content, an All New Sandbox and Much More!

    by Linda Gray on January 26, 2015

    We’re just a few months away from RSA Conference and planning is well underway. This year’s show is sure to be bigger and better than ever, and we’re particularly excited to announce new session formats, a revamped Sandbox and other features. Here’s a sneak peak at some of the show’s returning favorites and new additions… Our popular Peer2Peer sessions are back. These highly interactive gatherings…

  • The Practical Guide to HIPAA Privacy and Security Compliance

    by Ben Rothke on January 25, 2015

    From an information security perspective, there is nothing overly onerous with the HIPAA security and privacy requirements. But like all regulations, the devil is in the details. While HIPAA is meant to protect large-scale disclosure of patient data, some of it includes absurd requirements such as ensuring white-boards in hospital wards don’t have full patient information and that intravenous…

  • SBN: Running Adobe Flash? You Need to Read This Today

    by Security Bloggers Network on January 23, 2015

    Adobe has released a critical security patch for an Adobe Flash vulnerability that is being exploited by online criminals. The vulnerability, known as CVE-2015-0310, can be used by hackers to “circumvent memory randomization mitigations” on versions of Windows. Obviously it would be sensible to ensure that your version of Flash is updated as soon as possible. If you’re using Google Chrome or…

  • CISOs Need a Board Coach

    by Rook Security on January 23, 2015

    Boards are concerned about cybersecurity, specifically about how it impacts their reputation and securities (stock). The CISO is capable of assisting the organization in selecting, deploying, and managing the capabilities to address risks identified by the board. What sounds like a perfect match is often not, as many CISOs don't have the business acumen required to be an active participant in…

  • A Guide for CISOs Concerned About Data Collection

    by Fahmida Y. Rashid on January 22, 2015

    In A CISOs Guide to Principles of Data Privacy and Security, David Sheidlower, a CISO of an international media and advertising firm examines the key issues surrounding data privacy and security. The eBook is currently publicly available on Security Current . The Guide addresses privacy policies, Big Data, consent, governance, and security. In the introduction, Sheidlower quotes Ed Mierzwinski, …

  • State of the Union Puts Cybersecurity on National Agenda

    by Fahmida Y. Rashid on January 21, 2015

    Buried among the slew of national issues such as equal pay, immigration reform, climate change and Ebola, President Barack Obama spent a few seconds talking about net neutrality and cybersecurity in his State of the Union speech Tuesday evening. While it's nice to see security on the general agenda, it's still too early to know the government's plans. The full paragraph from the State of the Union…

This document was retrieved from http://www.rsaconference.com/blogs on Wed, 28 Jan 2015 23:15:00 -0500.
© 2015 EMC Corporation. All rights reserved.