Blogs

Showing Blog Posts: 1–10 of 85 tagged Risk Management

  • Secure Data Deletion

    by Ben Rothke on November 30, 2016

    The law of conservation of energy is that energy remains constant; it can be neither created nor destroyed. It simply transforms from one form to another. While not a perfect analogy, data on a hard drive or other physical media is quite difficult to completely transform to the state of fully erased. While many have lost files and been unsuccessful in retrieving them, for an information security…

  • The New Security Boundaries and How to Protect Them

    by Peter Merkulov on September 23, 2016

    The traditional network perimeter is a relic—a vestige of a time before the advent of easy mobility. And security strategies that focus on traditional perimeter defense are a symptom of change resistance and of a fixation on the past rather than a vision for the future. Consider this: the latest Ericsson mobility report says that 90 percent of the world’s population over the age of six will own a…

  • Perfecting Risk-Based Authentication: Applying the Right Tools to Lessen Risk

    by Gasan Awad on September 7, 2016

    Eighty percent of respondents to Kroll’s Global Fraud Report 2015/2016 said their organizations became more vulnerable to fraud in the past year. This means organizations need to be more aggressive in their collective approach to keeping fraud under control, including using a combination of fraud mitigation, identity proofing and account validation. In today’s competitive market, organizations…

  • Perfecting Risk-Based Authentication: Deciphering Multi-Layered Identity Proofing Strategies

    by Gasan Awad on May 12, 2016

    Fraudsters are a smart group. With each fraud prevention method that’s introduced, they figure out ways to work around it. Organizations must be careful when using technologies that fraudsters may have compromised, but that doesn’t mean throwing everything out and starting from scratch. As with many things, in security and fraud prevention one tool is never enough. An alarm system makes your home…

  • Information Assurance Handbook: Effective Computer Security and Risk Management Strategies

    by Ben Rothke on April 1, 2016

    The notion of information assurance is not necessarily synonymous with information security. In Information Assurance Handbook: Effective Computer Security and Risk Management Strategies (McGraw-Hill Education, ISBN-13: 978-0071821650), authors Corey Schou and Steven Hernandez examine the subtle differences. Information assurance is about assuring information and managing risks related to all…

  • Cybercrime and Threats Are Growing in 2016

    by RSAC Contributor on January 21, 2016

    This post in our VC-series comes from Alberto Yépez and Don Dixon, managing directors of Trident Capital Cybersecurity. It’s a new year, and we are poised again for another round of malicious, often successful cyberattacks, many of which will draw upon ever more sophisticated technology. And some of which will be surprisingly deceptive. Take, for example, so-called “onion-layered” security…

  • The Security Reading Room: The Best Information Security Books of 2015

    by Ben Rothke on December 23, 2015

    There were a lot of good information security books that came out in 2015, and many that were not worth reading. The following books stand out as the best, listed in no particular order: Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World: Bruce Schneier could have justifiably written an angry diatribe full of vitriol against President Obama, his administration, and…

  • How to Enjoy the Holidays in Peace (While Keeping the Network Secure)

    by Tony Bradley on December 10, 2015

    I’m not sure why we even bother showing up to work in the month of December. The first week is spent coming down off of the Thanksgiving-gluttony food coma and frantically shopping online during work hours to find holiday gift bargains. We show up for the next two weeks because of a mandatory requirement to be physically present (even though you’ve already mentally checked out) and you’re just…

  • Insuring Cyber the Same Way as Natural Disasters

    by Rook Security on September 30, 2015

    There is no doubt that cyberinsurance is a fast-growing product with an important role in our current landscape where security breaches are happening at a breakneck pace. And many claim the market is nowhere near fully saturated...lots of companies remain unprotected. Most every Risk Manager has a disaster plan for what we typically think of as natural disasters: hurricane, fire, even polar…

  • Glass Houses are Cheaper: the Case for Transparent Pentesting

    by Wendy Nather on September 16, 2015

    When you engage an external company to do vulnerability assessments and penetration testing, you have a few options on how to scope it. Here are some of them: Win/lose engagement: either they get in, or they don't. In a previous life, I bought pizza for the consultants if they got in during the annual pentest. For four years I bought pizza, and then in the fifth year my wallet finally got a break. …

This document was retrieved from https://www.rsaconference.com/blogs on Sat, 10 Dec 2016 07:39:28 -0500.
© 2016 EMC Corporation. All rights reserved.