the State of Security

Infosec

How To Deal with a Security Incident

How To Deal with a Security Incident

by Cindy Valladares

“Incidents are bound to happen, there’s no avoiding it!” Are you prepared to deal with a security breach? Infosec expert and ‘cynic’ Javvad Malik interviews Brian Honan (@BrianHonan on Twitter) internationally recognized information security expert, during Infosecurity Europe conference to offer tips on how to respond to security incidents. First tip? Identify if the problem [...]

Read More
The Best Information Security Advice (European Flavor)

The Best Information Security Advice (European Flavor)

by Cindy Valladares

As hundreds of security professionals gathered for the 2012 Infosecurity Europe conference in London, infosec expert and ‘cynic’ Javvad Malik surveyed the pros with a simple question: “What is the best security advice you have ever been given?” A surprising handful of answers revolve around items as simple as passwords. Check out this video to see [...]

Read More

Are your security people lying about the impacts? Probably, but not on purpose.

by Shawna Turner-Rice

Security is a complex, often nuanced, topic. Today there’s a lot of subjectivity in 100% security oriented discussions. Business people like non-squidgy objective numbers. To make security investment decisions, security people have to sell their area to the business; which means speaking their language. As a consequence, security people are often trying to make objective [...]

Read More
Challenges in placing information security teams in the right organizational structure

Challenges in placing information security teams in the right organizational structure

by Shawna Turner-Rice

I often write blogs based on what crosses my inbox during a week; and recently I saw just enough articles on who security should report to that I thought I’d select it as the topic du jour.  (Much like Adam, I rarely seem to get to writing these early. This isn’t a new topic, I [...]

Read More
Say it ain’t so! Risk Management isn’t a silver bullet with no problems?!

Say it ain’t so! Risk Management isn’t a silver bullet with no problems?!

by Shawna Turner-Rice

In a number of recent posts, Risk Management has been a hot topic. I’d hate to leave you with the impression that Risk Management is somehow a panacea for all security programs and problems. To address that, here’s a post dedicated to a specific wart on the complexion of risk management. Many people are data [...]

Read More
Friendly pwnage? Or just a public beat down?

Friendly pwnage? Or just a public beat down?

by Dwayne Melancon

It seems some hackers (known as “MalSec”) are going around to security companies, defacing their web sites, and leaving “polite warnings” that they’d better get their act together or they face the risk of being hacked in a more malicious fashion. Are these “helpful” hacks really helpful or not?

Read More

← Previous Entries