Blogs

  • SecDevOps: Minimizing Vulnerabilities While Enabling Fearless Innovation

    by Tony Kontzer on November 22, 2017

    One of the big trends sweeping the IT world is the embracing of DevOps. But, as attendees at the recent DevOps Enterprise Summit in San Francisco were reminded, a DevOps strategy ultimately is only as strong as the security wrapped around it. Look at it this way: The point of DevOps is to get an organization's software development and operations teams on the same page to speed up the development process. But when you remove the obstacles that typically slow development teams and free them to…

  • Does Your Cybersecurity Strategy Include Jedi Knights and Imperials?

    by Dave Lewis on November 21, 2017

    What makes for a good cyber security strategy? There are all sorts of directions we could take this discussion. For instance, do you handle security issues in a reactive or proactive manner? Do you become unnecessarily preoccupied by the possible threat posed by the sharks in the ocean? Or better still, on how you will deal with all of the potential eventualities that could spring forth from that…

  • Book Review: Why CISOs Fail: The Missing Link in Security Management--and How to Fix It

    by Ben Rothke on November 17, 2017

    A recurring complaint of many executives when berating their CISO is that they’ve spent exorbitant amounts on information security and often don’t have a lot to show for it. In Why CISOs Fail: The Missing Link in Security Management--and How to Fix It (Auerbach Publications 978-1138197893) author Barak Engel shows how these executives are at times correct. Engel has been in the information…

  • The Best Cybersecurity Programs Put Employee Training First

    by Robert Ackerman Jr. on November 14, 2017

    Timely advice about creating a worthwhile corporate cybersecurity strategy sagely starts today by realizing that establishing firewalls and relying on the IT department to monitor attacks isn’t sufficient. Reactive strategies break down over time, making proactive strategies crucial. Further, defensive strategies work only within centralized, controlled and managed-device networks – all now…

  • Don’t Be a Spreadsheet Junkie

    by Humphrey Christian on November 8, 2017

    Let’s face it. Most of us have some sort of dependence on Excel and PowerPoint. They serve as our centerpiece for aggregating data and building corporate presentations. However, when it comes to cyber security, neither one should be involved. They slow down the process, leave too much leeway for data “massaging” and create inconsistencies up, down and across the organization. Yet surprisingly, at…

  • Just How Much Does Your CISO Mitigate Cybersecurity Risk? Perhaps Less Than You Think

    by Gib Sorebo on November 3, 2017

    About ten years ago, I listened to John Thompson, then the CEO of Symantec and now Chairman of the Board for Microsoft, deliver his keynote at the RSA Conference in San Francisco. While I don’t remember many details of his talk, one quote stood out. In making a comparison to cybersecurity, he said, “You don’t buy brakes to stop. You buy brakes to go fast.” After all, if you drove your car at a…

  • Ben's Book of the Month: Review of "From CIA to APT: An Introduction to Cyber Security"

    by Ben Rothke on October 31, 2017

    It’s unclear if Albert Einstein really said that “you do not really understand something unless you can explain it to your grandmother”. Explaining information security is often a challenge. Many try to explain it to the uninitiated, and often don’t do that great of a job. For those looking for a technical introductory text, by authors who could explain it to your grandmother, consider From CIA…

  • The Time to Rally Around Protecting Our Critical Infrastructure is Now

    by Tony Kontzer on October 30, 2017

    The massive 2003 power outage that left more than 50 million Americans and Canadians in the dark may have been a harbinger of things to come. The outage served as a sort of dress rehearsal for what happens when a major chunk of the power grid is rendered useless, and the fact that it was caused by a programming error in the distributor's alarm system should still make us very nervous. Some 14…

  • The Internet Wants You: Consider a Career in Cybersecurity

    by Wade Baker on October 26, 2017

    I want to share something with you that may not be apparent based on content statistics alone—the Internet is more than just cat videos. It stores and connects much of our lives, our livelihoods, and yes, even our livestock. That, of course, means there’s important stuff on there that needs to be protected from all manner of online threats, fraud, and pranks—including cyber cow tipping. …

  • FTP Is Dead. Long Live FTP!

    by Greg Hoffer on October 24, 2017

    The venerable File Transfer Protocol (or FTP) is going away. Kind of. Not really. In April, the Debian Project announced that it was killing its support of FTP services on November 1. Despite the Debian Project’s announcement, FTP won’t likely be faced with extinction just yet. Created in 1971, FTP has been around more than four decades. During that time, it has become ubiquitous, even if largely…

  • Denial of Trust: The Future Security Threat

    by Wendy Nather on October 18, 2017

    Visions of the future tend to include technology for good and for evil. The most frightening is when the former turns to the latter, seemingly without prompting by humans: robots gone wrong, Skynet, you name it. But more likely is the probability that good technology will be abused by humans for malicious purposes. In cybersecurity, this started with the urge to cheat at blackjack, but has now…

This document was retrieved from http://www.rsaconference.com/blogs on Fri, 24 Nov 2017 09:53:39 -0500.
© 2017 EMC Corporation. All rights reserved.