the State of Security

IT Security

How To Deal with a Security Incident

by Cindy Valladares

“Incidents are bound to happen, there’s no avoiding it!” Are you prepared to deal with a security breach? Infosec expert and ‘cynic’ Javvad Malik interviews Brian Honan (@BrianHonan on Twitter), internationally recognized information security expert, during the Infosecurity Europe conference to offer tips on how to respond to security incidents. First tip? Identify if the problem [...]

Are your security people lying about the impacts? Probably, but not on purpose.

by Shawna Turner-Rice

Security is a complex, often nuanced, topic. Today there’s a lot of subjectivity in 100% security-oriented discussions. Business people like non-squidgy objective numbers. To make security investment decisions, security people have to sell their area to the business, which means speaking their language. As a consequence, security people are often trying to make objective [...]

Challenges in placing information security teams in the right organizational structure

by Shawna Turner-Rice

I often write blogs based on what crosses my inbox during a week, and recently I saw just enough articles on who security should report to that I thought I’d select it as the topic du jour. (Much like Adam, I rarely seem to get to writing these early. This isn’t a new topic, I [...]

Hardening your Systems is Job #1

by Crystal Miller

Hardening your security configurations is job #1 in preventing breaches and detecting and correcting any subsequent changes that weaken them. Yet in complex corporate IT settings, it’s easy to understand how basic steps to security are overlooked. Especially when everything you are doing is a #1 priority. In a 2011 June report entitled “Perceptions About Network Security,” [...]

Say it ain’t so! Risk Management isn’t a silver bullet with no problems?!

by Shawna Turner-Rice

In a number of recent posts, Risk Management has been a hot topic. I’d hate to leave you with the impression that Risk Management is somehow a panacea for all security programs and problems. To address that, here’s a post dedicated to a specific wart on the complexion of risk management. Many people are data [...]

Friendly pwnage? Or just a public beat down?

by Dwayne Melancon

It seems some hackers (known as “MalSec”) are going around to security companies, defacing their web sites, and leaving “polite warnings” that they’d better get their act together or they face the risk of being hacked in a more malicious fashion. Are these “helpful” hacks really helpful or not?
