Information Security

Information Security news, information, and how-to advice

The 3 hidden costs of incident response

Every business function seeks to apply finite resources to maximum benefit. Doing that effectively in security requires a keen understanding of the costs that, like threats, are either known or hiding.

The evolution of security operations, automation and orchestration

Basic functionality of SOAR products is being supplemented with strong integration, canned runbooks, and case management.

2018 – the year of the targeted attack?

There is a definite increase in sophisticated bad actor groups focusing on specific, high value targets.

What is a Chief Security Officer? Understanding this critical role

The Chief Security Officer (CSO) is the executive responsible for the organization's entire security posture, both physical and cyber, and has the big picture view of the company's operational risk.

Don’t fall off the log!

Effective log management is key to data security in the public cloud.

6 takeaways (and 3 predictions) from CISO meetings at the RSA Conference

The most effective way for divining the current state of enterprise cybersecurity practices is to talk to a number of CISOs representing different industries and to distill those conversations into an overall model.

How consumer omnichannel authentication benefits businesses

Consumers want the same authentication experience across all channels without the hassle of remembering passwords, pins, etc. Consumer omnichannel authentication is transforming businesses and providing key benefits, including...

Apple means business when protecting intellectual property

Apple takes the protection of intellectual property very seriously. In 2017, it says 27 people were caught and 12 arrested for revealing inside information.

Cyberwar: Silicon Valley’s new bright, shiny thing

Tech companies are hoping you forget history and ignore their culpability.

Insuring Uncle Sam’s cyber risk

The insurance sector needs to have panel members that are already cleared and approved by the DoD in advance of a cyber incident being reported and arguably before coverages are agreed upon within the four corners of an insurance...

Adopt the NIST cybersecurity framework (CSF) and harness the wisdom of crowds

The NIST CSF crowd-sourcing methodology is exactly what makes it so robust. It draws from every angle the priorities and use cases of its creators, resulting in a framework that adds depth and breadth to your organization, while being...

GDPR: one size does not fit all

Why mid-market companies face a tougher road with GDPR.

Avoiding split-brain scenarios for security solutions

Security solutions can have split-brain personalities especially when promises, architectures, expectations, and real-world runtime do not match. Vendors and end users need to be aware of when the hands are not aware of what the feet...

Intentional Electromagnetic Interference (IEMI) – the overlooked threat to IoT

As IoT adoption continues to proliferate, manufacturers and adopters are increasingly aware of cybersecurity risks to IoT. Yet, even among IoT security professionals, one significant potential remote attack vector is often...

DOD releases new guidance to protect data within the supply chain

Companies supplying products and services to the US Department of Defense must meet 110 security requirements specified in NIST SP 800-171 or risk losing contract awards through a new set of risk scoring guidelines. The new rules...

5 signs you've been hit with an advanced persistent threat (APT)

Do you have valuable data on your network? Noticing odd network behavior? You could be the victim of an APT attack.

Another night at the information security museum

Firms need to put fundamental information security processes in place to ensure they don’t become ransomware victims. It’s not that difficult, people.

Doing security policies right

To maximize the effectiveness of your business’ security policy, consider these five essential areas during the creation and deployment stages.

How lean development improved software security at Fannie Mae

Continual improvement methodologies strengthen security, shorten dev cycles and help the C-suite see infosec’s value.

General Data Protection Regulation (GDPR) requirements, deadlines and facts

GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. And non-compliance could cost companies dearly. Here’s what every company that...
