the State of Security

Incident Detection

Incident Detection and the State of Security

How To Deal with a Security Incident

How To Deal with a Security Incident

by Cindy Valladares

“Incidents are bound to happen, there’s no avoiding it!” Are you prepared to deal with a security breach? Infosec expert and ‘cynic’ Javvad Malik interviews Brian Honan (@BrianHonan on Twitter) internationally recognized information security expert, during Infosecurity Europe conference to offer tips on how to respond to security incidents. First tip? Identify if the problem [...]

Read More
Challenges in placing information security teams in the right organizational structure

Challenges in placing information security teams in the right organizational structure

by Shawna Turner-Rice

I often write blogs based on what crosses my inbox during a week; and recently I saw just enough articles on who security should report to that I thought I’d select it as the topic du jour.  (Much like Adam, I rarely seem to get to writing these early. This isn’t a new topic, I [...]

Read More
10 Steps for Early Incident Detection

10 Steps for Early Incident Detection

by Cindy Valladares

We’ve all said it before: “When it comes to data breaches, it’s not a matter of IF but WHEN.” As we accept that eventually we’re going to have to respond to incidents, it just makes sense to focus our attention to detecting them earlier and effectively. I’ve recently had the pleasure of working with Brian Honan, [...]

Read More
Verizon’s latest breach delivery

Verizon’s latest breach delivery

by Dwayne Melancon

I was catching up on my backlog of podcasts last week, and listened to Episode 271 of the Network Security Podcast (part of my balanced diet of security fiber). If you’re not familiar with this podcast, it consists of Rich Mogull, Zach Lanier, and Martin McKeay shooting the breeze about security topics. It is very casual, and very informative – I recommend you subscribe if you haven’t already.

Read More
Check your doors and windows

Check your doors and windows

by Dwayne Melancon

Yesterday, I was reading about the Utah Department of Health’s recent breach, in which 500,000 patient records and 280,000 social security numbers were stolen. One of the things that jumped out at me was how insufficient configuration hardening played a role, based on a statement by the Utah Department of Technology Services (DTS).

Read More
Good resource on logging and retention practices – a legal perspective

Good resource on logging and retention practices – a legal perspective

by Dwayne Melancon

In the event of a data breach, law enforcement, regulators, payment card auditors, clients and others will ask about your log file management and your alerting protocols. Don’t be caught unaware.

Read More

← Previous Entries