The best approach to building a security policy is by using a comprehensive, layered approach that covers all threats (both new and known). This policy needs to leverage real-time threat intelligence by addressing all threat vectors and all platform types as workloads migrate from physical to virtual to...
The threat landscape certainly has changed in recent years. But can you say the same about the traditional intrusion prevention system."The biggest problem with IPSs today is that organizations are trying to fight today's threats with yesterday's solutions," says Bertone, who serves as CTO of Fidelis Cybersecurity....
As pressure to speed the development of applications intensifies, CISOs must be the "voice of reason," taking a leadership role in ensuring security issues are addressed early in app development process, says John Dickson, principal at Denim Group, a Texas-based security consultancy.
To paraphrase an old saying, a wall is only as
strong as its weakest point. When it comes
to system and data security, people are
often that point.
People are the last line of defense to prevent
unblocked attacks from clearing a path to
your systems and data. To serve that role
effectively, employees must be...
Ireland's Cyber Crime Conference in Dublin drew a capacity crowd for a full day of security briefings, networking, hotly contested capture-the-flag and secure-coding challenges, as well as a chance to sharpen one's lock-picking skills.
Despite near-constant warnings from law enforcement officials and the information security community, too many organizations still aren't taking security seriously, experts warned at the Irish Cyber Crime Conference in Dublin.
In a security landscape where the frenetic pace of technology has changed paradigms in ways organizations are struggling to cope with, Blue Coat's Hugh Thompson advises adopting a 'Degrees of Freedom' approach.
Just how prepared are Japanese entities for dealing with the risks from targeted attacks? What are the unique considerations and the maturity level? Trend Micro's Masayoshi Someya shares his perspective.
(ISC)Â² and the Cloud Security Alliance have unveiled a new cloud security professional certification designed to measure advanced competence. Will training for the certification help professionals gain a better understanding of cloud security?
Embedding some information security practitioners within business units could help improve IT security awareness in many enterprises, reducing security risk, says Steve Durbin, global vice president of the Information Security Forum.
Technology is the biggest challenge to ethics and compliance in organizations today, says Deloitte's Keith Darcy. "We have the capacity to do things before we ever consider the ethical consequences ..."
Target Corp. is providing $5 million to help fund an effort to educate consumers about the risks of cybercrime. Meanwhile, a group of House Democrats had called for a hearing about the retailer's breach, while two senators have demanded details.