Blog Posts Tagged with "Security Strategies"


BYOD - Challenges of Protecting Data - Part 4

August 07, 2012 Added by:Rafal Los

When it comes down to it, BYOD is only possible if you've got the basics of data-centric security right. You know, protecting the actual data rather than trying to build elaborate structures around the things that work with that data in order to compensate. Let me explain...

Comments  (0)


On Security Awareness Training

August 05, 2012 Added by:PCI Guru

Security awareness training has its place, but it is not a silver bullet. The world is full of risks and a security professional’s job is to minimize those risks and manage the remaining residual risk. This is why security is done in layers, so that when people make that mistake you minimize the impact...

Comments  (0)


BYOD: Challenges of Protecting Data - Part Two

August 01, 2012 Added by:Rafal Los

Productivity is nice to talk about when you can sit at home and read your corporate email on your tablet, or mobile phone - but what if that device is ridden with malware, or hijacked to be part of a botnet, there are very serious security and productivity implications there. Let's expand on this a bit...

Comments  (0)


Don’t Freak Out, It was Only DefCon

July 31, 2012 Added by:Brent Huston

Disregard tales of drunken hackers menacing Vegas hotels, changing signs and doing social engineering attacks. They are good for amusement and awareness, but they are NOT really useful as a lens for viewing your organization’s risk or the steps you should be taking to protect your data. Instead, stick to the basics...

Comments  (1)


BYOD: Challenges of Protecting Data - Part One

July 30, 2012 Added by:Rafal Los

Whether we're talking about cloud computing, or BYOD, or hacking in general - the buck stops with data. Some believe you can't ever classify all of your data and you should move on, while others believe that without making data custodians responsible for classification of critical data nothing else can happen...

Comments  (1)


UK Intelligence and Security Committee Annual Report

July 20, 2012 Added by:Stefano Mele

"There appears to have been some progress on developing cyber capabilities. However, cyber security is a fast-paced field and delays in developing our capabilities give our enemies the advantage. We are therefore concerned that much of the work to protect UK interests in cyberspace is still at an early stage..."

Comments  (0)


English Translation of the Dutch Defense Cyber Strategy

July 18, 2012 Added by:Matthijs R. Koot

The biggest threat in the digital domain is due to high-end and complex digital offensive capabilities that are targeted at a specific targets that can severely limit the the armed forces' ability to act. A lack of insight into digital possibilities to carry out attacks is a real risk to the armed forces...

Comments  (0)


On Government Strategies to Mitigate Growing Cyber Threats

July 16, 2012 Added by:Plagiarist Paganini

We have witnessed the recruitment of hackers on the part of governments to carry out offensive actions and to train personnel in the use of deadly new weapon... the keyboard. Not with bullets, but with bits we must now battle, and who better than a hacker can transfer their knowledge on the subject matter?

Comments  (0)


Spring Cleaning for Your Security Toolbox

July 08, 2012 Added by:Robb Reck

Give each system and process a priority rating. The ones with the highest rating get the training, money and man-power assigned to master, maintain and run them. The ones with lower ratings get a project plan set up for decommissioning. As in most things in life, true excellence is in quality, not quantity...

Comments  (0)


The Resilient Enterprise: Taming Chaos with Automation

June 20, 2012 Added by:Rafal Los

Whatever the incident or failure, the system can detect and respond in an automated fashion as long as its within the realm of known things. When things fail or break in a new way that has never been seen before, the system will take corrective action to restore service to the best of its ability...

Comments  (0)


Insider Threats Confound Enterprise Security Efforts

June 20, 2012 Added by:Headlines

"The majority of staff within any organization are trustworthy and honest. But businesses must understand the scale of the threat posed by the small proportion of staff who act dishonestly and defraud their employer and the numerous ways in which an organization can be targeted"...

Comments  (1)


Companies Focus on Growth But Lag Behind Threats

June 20, 2012 Added by:Bob Radvanovsky

Industries that are regulated or that have to adhere to a standard feel that if they simply follow the requirements that they are secured. This is a misnomer, as adherence to a regulation, governance or compliance standard is a good start, but it does not necessarily mean that an organization is "secure"...

Comments  (0)


Stability is Bad for Your Business

June 19, 2012 Added by:Rafal Los

In really re-evaluating what my whole push behind enterprise resiliency is all about - I've come to realize that the stability / resiliency tradeoff is actually quite intuitive, it's just that not many of us were taught to think this way. What we're really saying is that stability is bad...

Comments  (0)


CISSP Reloaded Domain Eight: BCPs and DRs

June 14, 2012 Added by:Javvad Malik

Some companies are not factoring cloud-based or 3rd party hosted applications into their DR plans because contractually the cloud provider is responsible. What would you do if your cloud-provider got hit by a disaster they couldn’t recover from. What would you do in order to continue your business operations?

Comments  (0)


Pink Floyd’s "The Wall" and Compliance

June 12, 2012 Added by:Thomas Fox

Compliance: One of the most important things is that sometimes you just hit a brick wall. You can carefully plan a strategy, implement the planned strategy and then measure the results, but it can still fall completely flat. In other words, you hit the proverbial wall...

Comments  (0)


What's in a Name: Does DevOps Need a Security Flavor?

June 12, 2012 Added by:Rafal Los

Lots of folks are trying to remove bottlenecks between development and deployment within an organization to get IT to a more agile state. Every once in a while someone talks about security - I've been trying to figure out whether and how we should be discussing the DevOps and security relationship...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »