Menu

Blogs

Showing Blog Posts: 1–10 of 64 tagged Security Operations

  • Don’t Be a Spreadsheet Junkie

    by Humphrey Christian on November 8, 2017

    Let’s face it. Most of us have some sort of dependence on Excel and PowerPoint. They serve as our centerpiece for aggregating data and building corporate presentations. However, when it comes to cyber security, neither one should be involved. They slow down the process, leave too much leeway for data “massaging” and create inconsistencies up, down and across the organization. Yet surprisingly, at…

  • Ben's Book of the Month: Review of "Building a Corporate Culture of Security: Strategies for Strengthening Organizational Resiliency"

    by Ben Rothke on July 31, 2017

    This month’s book of the month theme is security strategy & operations. Without a strategy and effective operations; there is no information security. The Major League Baseball All-Star game is somewhat of an oddity. You take all of the best players, and have them play together for one night. For the rest of the season, what often separate a winning team from a losing one, is the ability of not…

  • Operationalizing Cybersecurity

    by Tom Conkle on July 27, 2017

    Operationalizing, or implementing, cybersecurity is an ongoing effort that continually evolves and grows. Just like organizations can’t achieve safety; they cannot achieve cybersecurity. Therefore, having a well-defined organizational cybersecurity strategy is essential in keeping organizational security goals in mind. Board members are becoming increasingly aware of the requirements to implement…

  • Effective Cyber Security is All About the Benjamins

    by Humphrey Christian on July 10, 2017

    Who can forget the famous Jerry Maguire quote, “Show me the money!” Fans have referenced it for decades in various contexts for obvious reasons. Money drives decisions, ideas and actions. In enterprises, almost every major decision is driven by money, a.k.a ‘value at risk,’ except when it comes to cyber risk. Attempts thus far to quantify the financial impact of cyber risk have fallen short. The…

  • Digital Smoke Jumpers: Preventing a GDPR Disaster

    by Guy Bejerano on July 5, 2017

    Smoke Jumpers are an elite element of the U.S. Forest Service. They are the men and women trained to jump out of airplanes and into the heart of a forest fire. As a fire rages across rugged terrain inaccessible to conventional equipment, Smoke Jumpers act to stall the fire’s advance. Often they will use techniques that literally “fight fire with fire.” Controlled burns are executed in an inferno’s…

  • Cyber Laws and Regulations Make Sense but Must Be Strengthened

    by Robert Ackerman Jr. on June 23, 2017

    Almost everybody knows by now that many of our activities have become dependent upon computer systems, data networks and various electronic devices – and that the movement toward hyper connectivity confronts a relentless siege from constantly evolving cyber threats and vulnerabilities. Most companies have their hands full, and far too many are being breached despite their sharply heightened focus…

  • What the Super Bowl Teaches About Cyber Security – Are Security and Operations Uniting Like a Team?

    by Allison Cramer on February 5, 2017

    I survived the play offs, wondered why anyone watches the Pro Bowl, and then set my focus on the Super Bowl. Who would win – who had the best skills, best coaching, best records, etc. As I wondered I started to see similarities between the relationships of the players and the relationships of security and operations teams. Stick with me for a moment. At the simplest level, the defense is there to…

  • Advanced Persistent Security: A Cyberwarfare Approach to Implementing Adaptive Enterprise Protection, Detection, and Reaction Strategies

    by Ben Rothke on December 29, 2016

    Advanced persistent threats (APT) have gotten significant amounts of press over the last few years. When I first scanned the title of this book, I assumed it was on that topic. While Advanced Persistent Security: A Cyberwarfare Approach to Implementing Adaptive Enterprise Protection, Detection, and Reaction Strategies (Syngress 978-0128093160) does details APT, that’s not the main focus. The books…

  • DNS Security: Defending the Domain Name System

    by Ben Rothke on November 22, 2016

    That you are reading this review, and my ability to post it are due in large part due to the Domain Name System (DNS). DNS is Wikipedia describes it is a hierarchical decentralized naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. Most…

  • How to Avoid Wasting Time on False Positives

    by Carl Manion on November 7, 2016

    False positives. Those annoying notifications that make you panic at first, but after further investigation, turn out to be nothing to worry about. At first, they may seem like a minor inconvenience, but what happens when you have hundreds—or even thousands—of them occurring every day and you find yourself wasting 75 percent (or more) of your time? Unfortunately, this is exactly what’s happening…

View All

 

Are you interested in contributing to the RSA Conference blog? Download our 2017 Editorial Calendar or 2018 Editorial Calendar for more info. 

This document was retrieved from http://www.rsaconference.com/blogs on Sat, 25 Nov 2017 00:41:01 -0500.
© 2017 EMC Corporation. All rights reserved.