Blog Posts Tagged with "Security Strategies"

Electronic Warfare and Cyber – Uncomfortable Cousins?

January 18, 2013 Added by: Joel Harding

I know the Chinese recently held a military exercise under constrained conditions, they even advertised it ex post facto. Why don’t we? I would see that as the perfect opportunity to increase the cross-pollination, knowledge and appreciation between Electronic Warfare and cyber...

Controversial Active Cyber Defense

December 01, 2012 Added by: Jarno Limnéll

Increasingly, both the armed forces and businesses are practicing the concept of “active defense,” a military term that refers to efforts to thwart an attack by attacking the attackers. However popular it has become, active defense is an alarming trend...

Unconventional Defense - Taming a wild environment with CCRM

November 15, 2012 Added by: Rafal Los

Configuration, Change and Release Management is crucial to being an effective information security organization in an enterprise, large or small. If you don't have a handle on the rate of change in your enterprise, you have absolutely no hope of effectively securing anything...

CISO Concerns: Security vs. Usability, Affordability

October 25, 2012 Added by: Rafal Los

Recently in New York City we hosted a CISO-level event where we discussed various issues experienced during the life of an enterprise security program. CISOs brought up various topics from budgeting to being overwhelmed with constantly evolving threats - but one in particular caught my attention...

What’s Your Horizon of Focus for Security?

October 09, 2012 Added by: Tripwire Inc

In the corporate world, we talk a lot about corporate goals & objectives. In the US Government, you hear a lot about “The Mission,” which is the unifying goal that ties an agency (or multiple agencies) together in a shared sense of purpose. I’m a big believer in connecting our actions as information security professionals to The Mission...

Security and the Enterprise: Connect What?

September 20, 2012 Added by: Tripwire Inc

We’re going to use the phrase “Connecting security to the business” with almost annoying frequency because it can change the way the business views security, and vice versa. This begs a primer of sorts: What do we mean by all this “connecting security to the business” talk?

The Best in Practice

September 12, 2012 Added by: Randall Frietzsche

If we are charged with designing, architecting, implementing, deploying, integrating, training and supporting security technology, processes and policies within our organization, we might discover that this work is really an art more than a science...

Why Data Security and Enterprise Risk Management are Important

August 28, 2012 Added by: Christopher Rodgers

Management sometimes assumes that when they have identified and summarized the top risks to their organization through a Strategic Risk Assessment, that they have implemented ERM. This is simply not the case. Strategic Risk Assessment is an important component of ERM and usually a starting point, but not a final destination...

Threat Intelligence: Plenty Out There, But Are You an Analyst?

August 27, 2012 Added by: Infosec Island Admin

As the complexity of attacks grows at a rate outstripping the pace of Moore's Law, defenders have to take up a more nuanced approach to protecting their environments. Reliance on technical solutions alone is not tenable; you have to look at the creature behind the keyboard to get a better picture of the attack...

Which Application Testing is Right for Your Organization?

August 23, 2012 Added by: Brent Huston

Billions of dollars and millions of identities are at stake every day. In the past, security professionals thought firewalls, Secure Sockets Layer, patching, and privacy policies were enough to protect websites from hackers. Today, we know better. Whatever your industry — you should have consistent testing...

Thoughts On a U.S. Cyber Militia

August 23, 2012 Added by: Joel Harding

The Swiss are standing up a cyber command and they say their cyber warriors will be armed. Why wouldn’t this work in the US? First, we don’t trust our people as much as the Swiss. That is the nature of our culture, especially in the US. We are more paranoid, cynical and negative. We tend to micromanage...

Compliance is Not Always a Four-Letter Word

August 22, 2012 Added by: Tripwire Inc

The typical reaction I get in the US is that many organizations see compliance as a “tax” and try to get away with doing the bare minimum. How do you and your organizations view compliance? Do you see it as a four-letter word, a nuisance, or as a step along the path to more effective security?

Defining One Successful Strategy for Enterprise Security

August 20, 2012 Added by: Rafal Los

In far too many organizations leaders and practitioners tell me that the role of Information Security is to protect the organization. Accepting this thinking got us into the predicament where we are today, where security isn't everyone's job and only Infosec is thinking about security. This couldn't be more wrong...

Army to Integrate Cyber Considerations Across the Board

August 20, 2012 Added by: Headlines

"The vulnerabilities inherent in social media, ubiquitous encryption and malicious software that has the ability to change form and target enroute, retaining access and the freedom to maneuver in cyberspace will be essential for us to defend ourselves and influence the nature of future conflict..."

Unsafe at Any Speed: Enterprises Misunderstand Software Quality

August 13, 2012 Added by: Rafal Los

I had a hard time believing that "going faster" could be more secure. It was difficult to wrap my brain around how deploying code in more rapid succession could mean that the code deployed could actually be safer... but I believe that to be true now. The one caveat here is "if it's done right"...

Mobile Security Experts on BYOD

August 08, 2012 Added by: Fergal Glynn

Devices aren’t the main problem in a BYOD strategy: employees are. That’s why BYOD is not just a technical issue. It needs a holistic approach that includes HR, data security and legal stakeholders. Organizations adopting a BYOD strategy should put in place a strategy that includes policies and technical constraints...
