Blogs

Showing Blog Posts: 1–10 of 859

  • Forget IoT. Your Antivirus is under Heavy Fire

    by RSAC Contributor on September 1, 2015

    This post comes from Bogdan Botezatu, a security researcher with BitDefender. While the general public awaits the IoT apocalypse, the rest of us know the real threat actually runs much deeper. Highly skilled and extremely well financed computer experts are targeting the apex link in the security ecosystem: the anti-malware vendor itself. Recent revelations have shown the National Security Agency…

  • Five Ways Security Metrics Do More Harm Than Good

    by Tony Bradley on August 31, 2015

    There is no shortage of data out there. Virtually everything with a power source is logging events and churning out data almost constantly—including all of your security tools. That data—your security metrics—can uncover valuable truths about your security posture if used and analyzed properly, but it can also be very misleading or completely useless. Aaron Levenstein is credited with this little…

  • Introduction to Social Media Investigation

    by Ben Rothke on August 28, 2015

    Had you Googled social media investigation a decade ago, you would have gotten a handful of responses. Today, it has become a key part of law enforcement, family law and more. Social media played predominantly in the terrible murder last week of journalists Alison Parker and Adam Ward. Law enforcement pored over the social media profiles of the perpetrator. In Introduction to Social Media…

  • Treat Yourself to a SPA, Not a Pen Test

    by Rook Security on August 27, 2015

    A lot of companies are asked to do a pen test by their clients, because they think a pen test will let them know if their business partner’s technology is “secure” against cyber threats. The scan happens. The areas that need to be fixed are fixed. And the client feels warm and fuzzy inside. However, this feeling is misleading as the company isn't necessarily more secure—all it says is that you…

  • Security Metrics to Drive Change

    by Tony Bradley on August 24, 2015

    What’s the point, really? You've dedicated terabytes of storage to capture insane volumes of log data, but for what? Yes, you can distill the highlights which make you look good and drop them in your reports. Be warned that those types of vanity metrics don’t provide any real value. Use the right security metrics in the right way, and you can clearly illustrate the issues. And that's how you…

  • If You Don't Know Where You Are, How Do You Know Where You Are Going?

    by Tony Bradley on August 21, 2015

    Business intelligence and big data analytics are valuable tools for organizations. Collecting and analyzing the right metrics related to current and past performance helps businesses develop effective plans for the future. This is especially true when it comes to securing your network and protecting your data. Think of it like making a trip to the grocery store. You can just walk in and shop. You…

  • The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography

    by Ben Rothke on August 19, 2015

    It’s not clear who first uttered the quip: Of course I can keep a secret. It's the people I tell it to that can't. But what’s clear is that there are plenty of times when it’s a matter of life and death to ensure that secrets remain undisclosed. In The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography, author Simon Singh reveals the often hush-hush world of the science of…

  • What Black Hat and the NFL Have in Common: Strategy

    by Eric Cowperthwaite on August 19, 2015

    This time of year is a merging of two of my favorite things, Hacker Summer Camp aka BSidesLV, Black Hat and DefCon, and the beginning of the football season. On the surface it might not appear that these things have a lot in common. However, a bit deeper analysis tells us that the strategies employed by your security team and your favorite football team revolve around many of the same principles…

  • Change Your Gears

    by Securosis Team on August 17, 2015

    I'm a cyclist. Not necessarily a very good one, but I can hold my own in the middle of the pack. On group rides you always have the person who locks into a gear and sticks with it. Their pedaling cadence slows on hills, speeds up on inclines, and they don't really shift a lot. It isn't overly efficient, especially compared to the pro-level riders who keep a constant cadence and work the shifter…

  • A Note on #CISOProblems

    by Eric Cowperthwaite on August 11, 2015

    What is it about this time of year? In the past month or so I’ve noticed even more headlines and reports than usual about the problems plaguing today’s CSOs and CISOs. If you’ve somehow managed to dodge the onslaught of grim stats, I’ll sum it up for you: The “bad guys” are proliferating and becoming more sophisticated. Security managers are having a hard time getting enough “good guys” on their…

This document was retrieved from http://www.rsaconference.com/blogs on Wed, 02 Sep 2015 02:25:09 -0400.
© 2015 EMC Corporation. All rights reserved.