Blogs

  • Book review: Serious Cryptography: A Practical Introduction to Modern Encryption

    by Ben Rothke on December 13, 2017

    Philosopher Alfred North Whitehead noted that modern philosophy is simply a series of footnotes to Plato. When it comes to cryptography, much of it is simply footnotes to Bruce Schneier’s classic work Applied Cryptography: Protocols, Algorithms and Source Code in C. In Serious Cryptography: A Practical Introduction to Modern Encryption (No Starch Press 978-1593278267), Jean-Philippe Aumasson has written not just some good footnotes to Schneier, but a valuable work on modern encryption and…

  • The New Frontier of App Security

    by Ryan O’Leary on December 8, 2017

    The speed of business is constantly increasing. To keep up, organizations have started to develop and release new products, websites, and apps at breakneck speeds. This quickened pace has shifted the way web applications are developed. Development software now needs to seamlessly integrate into other tools, so there are more APIs, and because we want to release apps faster, we’ve moved to a…

  • Supply Chain Attacks on Retail – What Happens When Trusted Channels Can’t be Trusted?

    by Netta Schmeidler on December 5, 2017

    The holiday season has officially begun, but for many retailers those visions of dancing sugarplums have given way to nightmares about cyberattacks. The ThreatMetrix Q3 2017 Cybercrime Report predicts that the number of ecommerce attacks in the last quarter of 2017 will be greater than the number of attacks across all industries in the same quarter last year, with more than 50 million attacks…

  • Ben's Book of the Month: Review of "How Healthcare Data Privacy Is Almost Dead ... and What Can Be Done to Revive It!"

    by Ben Rothke on November 30, 2017

    This month’s theme is security strategy & operations. Some questions include: what makes a good cybersecurity strategy? What policies and procedures should you have in place to ensure your employees, customers and sensitive data remain safe? If you believe John Trinckes in How Healthcare Data Privacy Is Almost Dead ... and What Can Be Done to Revive It! (Auerbach Publications 978-1498783958), the…

  • Cyber Criminals Are Turning to a New Source of Valuable, Loosely Protected Data, and You Won't Believe What Industry It's In

    by Tony Kontzer on November 29, 2017

    It's time for today's cybersecurity awareness test: What industry has accounted for 2 percent of all data breaches during 2017, more than healthcare, social media or retail? Finance would be a good guess, but it would be skewed by the scale of the Equifax breach. Government would make sense, too, given that the IRS was breached earlier this year and the SEC in September revealed a substantial…

  • Cybersecurity Strategies that Won’t Break the Bank

    by David Bradbury on November 28, 2017

    Throughout my career, I have seen first-hand the real world impacts that a breach in cyber security can have on customers, businesses and communities. With cyberattacks growing in number and sophistication, today security is a requirement of "doing business", however, many companies and organizations lack the knowledge and resources to secure their platforms, products and solutions. For example, …

  • SecDevOps: Minimizing Vulnerabilities While Enabling Fearless Innovation

    by Tony Kontzer on November 22, 2017

    One of the big trends sweeping the IT world is the embracing of DevOps. But, as attendees at the recent DevOps Enterprise Summit in San Francisco were reminded, a DevOps strategy ultimately is only as strong as the security wrapped around it. Look at it this way: The point of DevOps is to get an organization's software development and operations teams on the same page to speed up the development…

  • Does Your Cybersecurity Strategy Include Jedi Knights and Imperials?

    by Dave Lewis on November 21, 2017

    What makes for a good cyber security strategy? There are all sorts of directions we could take this discussion. For instance, do you handle security issues in a reactive or proactive manner? Do you become unnecessarily preoccupied by the possible threat posed by the sharks in the ocean? Or better still, on how you will deal with all of the potential eventualities that could spring forth from that…

  • Book Review: Why CISOs Fail: The Missing Link in Security Management--and How to Fix It

    by Ben Rothke on November 17, 2017

    A recurring complaint of many executives when berating their CISO, is that they’ve spent exorbitant amounts on information security and often don’t have a lot to show for it. In Why CISOs Fail: The Missing Link in Security Management--and How to Fix It (Auerbach Publications 978-1138197893) author Barak Engel shows how these executives are at times correct. Engel has been in the information…

  • The Best Cybersecurity Programs Put Employee Training First

    by Robert Ackerman Jr. on November 14, 2017

    Timely advice about creating a worthwhile corporate cybersecurity strategy sagely starts today by realizing that establishing firewalls and relying on the IT department to monitor attacks isn’t sufficient. Reactive strategies break down over time, making proactive strategies crucial. Further, defensive strategies work only within centralized, controlled and managed-device networks – all now…

  • Don’t Be a Spreadsheet Junkie

    by Humphrey Christian on November 8, 2017

    Let’s face it. Most of us have some sort of dependence on Excel and PowerPoint. They serve as our centerpiece for aggregating data and building corporate presentations. However, when it comes to cyber security, neither one should be involved. They slow down the process, leave too much leeway for data “massaging” and create inconsistencies up, down and across the organization. Yet surprisingly, at…


This document was retrieved from http://www.rsaconference.com/blogs on Wed, 13 Dec 2017 11:57:37 -0500.
© 2017 EMC Corporation. All rights reserved.