Blogs

Showing Blog Posts: 1–10 of 190 tagged Enterprise Defense

  • Secure Data Deletion

    by Ben Rothke on November 30, 2016

    The law of conservation of energy is that energy remains constant; it can be neither created nor destroyed. It simply transforms from one form to another. While not a perfect analogy, data on a hard drive or other physical media is quite difficult to completely transform to the state of fully erased. While many have lost files and been unsuccessful in retrieving them, for an information security…

  • 10 Attributes of a NextGen Security Program

    by Rook Security on November 30, 2016

    By Mat Gangwer, CTO, Rook Security. The uptick in the number of data breaches in recent months has placed more focus and attention on companies’ security processes and programs. It is critical to begin planning and executing a security program with the proper tools in place to efficiently block, notify, and respond to threats while effectively controlling security resources and utilization to…

  • Businesses Must Secure Customer Data to Ensure Holiday Season Success

    by Nathan Eddy on November 28, 2016

    The holiday season is prime time for the use of credit card skimmers in retail environments. This time of year, the number of transactions increases and the ability of the average retailer to respond to threats is limited due to the amount of activity. Furthermore, most companies are in a change freeze between Thanksgiving and Christmas, slowing the rollout of new or modified security controls. …

  • DNS Security: Defending the Domain Name System

    by Ben Rothke on November 22, 2016

    That you are reading this review, and my ability to post it, are due in large part to the Domain Name System (DNS). DNS, as Wikipedia describes it, is a hierarchical decentralized naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. Most…

  • Camouflaging State-Sponsored Malware Attacks

    by RSAC Contributor on November 21, 2016

    By Gunter Ollmann, CSO, Vectra Networks. Most organizations continue to struggle with malware-based intrusions. Despite the deployment of policies, user education, enforcement chokepoints, data inspection, and regular assessment of defenses, malware remains the primary method of breaching the corporate network. While anti-virus vendors persist in publishing exposés on the latest and most advanced…

  • How to Protect Your Business When Your Cybersecurity Team Is Understaffed

    by Nathan Eddy on November 14, 2016

    There is a negative unemployment rate in IT security, which has led to a shortage of available talent in the market, with many firms unable to attract or evaluate key security talent. According to a Peninsula Press analysis of numbers from the Bureau of Labor Statistics, there were 209,000 unfilled cybersecurity jobs in the U.S. in 2015, with information security job postings up 74 percent in the…

  • Boards of Directors Are Driven Primarily by Compliance, Not Fear

    by Ryan Stolte on November 9, 2016

    Cybersecurity and risk are hot topics in the boardroom. Board members are increasingly asking CISOs to explain how they are protecting the company so that they can make informed cybersecurity decisions. In June 2016, we released a report, How Boards of Directors Really Feel About Cyber Security Reports, that illustrated the increasing pressure for CISOs to present understandable and actionable…

  • How to Avoid Wasting Time on False Positives

    by Carl Manion on November 7, 2016

    False positives. Those annoying notifications that make you panic at first, but after further investigation, turn out to be nothing to worry about. At first, they may seem like a minor inconvenience, but what happens when you have hundreds—or even thousands—of them occurring every day and you find yourself wasting 75 percent (or more) of your time? Unfortunately, this is exactly what’s happening…

  • How to Spot (and Stop) Insider Threats

    by Jennifer Lawinski on November 1, 2016

    In light of recent news that the FBI arrested another NSA contractor for allegedly stealing state secrets in August, we sat down with insider threat expert Dawn Cappelli, Vice President and Chief Information Security Officer at Rockwell Automation, to talk about what businesses can do to combat malicious insider activity. RSAC: What are the different types of insider threats companies need to be…

  • Cybersecurity and Applied Mathematics

    by Ben Rothke on October 26, 2016

    Mathematics is an integral (no pun intended) part of information security and cryptography. The RSA cryptosystem is one of many examples—its foundation is based on mathematics. The core security of RSA is based on the practical difficulty of factoring the product of two very large prime numbers, known as the factoring problem. In elliptic curve cryptography (ECC), its security is based on the…

This document was retrieved from https://www.rsaconference.com/blogs on Wed, 07 Dec 2016 13:14:14 -0500.