Welcome Guest. | Log In | Register | Membership Benefits

Overlook The Obvious And Risk Everything
Posted by Amy DeCarlo @ 10:08 AM ET | May 21, 2012

Failure to follow fundamental common-sense security policies can produce disastrous results, as the state of Utah discovered

Continue reading "Overlook The Obvious And Risk Everything"


Topics:   Security Services Tech Center : Security Views


Manage Risk As A Strategy, Comply With Regulations As A Tactic
Posted by Glenn S. Phillips @ 02:42 PM ET | May 17, 2012

Compliance alone should never be the only goal

Continue reading "Manage Risk As A Strategy, Comply With Regulations As A Tactic"


Topics:   Security Views : Compliance Tech Center


Screw Compliance, We're Trying to Survive
Posted by Glenn S. Phillips @ 09:13 AM ET | May 08, 2012

In tough times, compliance efforts may seem optional

Continue reading "Screw Compliance, We're Trying to Survive"


Topics:   Security Views : Compliance Tech Center


Effective Security Policy: Emphasis On Execution
Posted by Amy DeCarlo @ 09:12 AM ET | May 02, 2012

When it comes to mounting a successful defense in what is a fast-changing threat environment, best practices require consistent execution

Continue reading "Effective Security Policy: Emphasis On Execution"


Topics:   Security Services Tech Center : Security Views


What Works For One Does Not Work For Two
Posted by Glenn S. Phillips @ 08:29 AM ET | May 02, 2012

To remain compliant, your approach must grow in scale with your business

Continue reading "What Works For One Does Not Work For Two"


Topics:   Security Views : Compliance Tech Center


How Would You Architect A New Security Monitoring Product?
Posted by Andrew Hay @ 07:28 AM ET | Apr 30, 2012

Cloud, appliance, software? If you were planning on developing a security monitoring platform, which architecture would you use?

Continue reading "How Would You Architect A New Security Monitoring Product?"


Topics:   Security Monitoring Tech Center : Security Views


Security Bugs And Proofs Of Concept
Posted by Adrian Lane @ 02:50 PM ET | Apr 27, 2012

Oracle's recent patch contained exploit code

Continue reading "Security Bugs And Proofs Of Concept"


Topics:   Database Security Tech Center : Security Views


2012 U.S. Election And Targeted Attack Predictions
Posted by Tom Parker @ 06:38 PM ET | Apr 22, 2012

How the increased level and sophistication of of targeted attacks since 2008 may impact this year's U.S. Presidential election campaigns

Continue reading "2012 U.S. Election And Targeted Attack Predictions"


Topics:   Security Views : Advanced Threats Tech Center


You Need Help, Not An Accomplice
Posted by Glenn S. Phillips @ 09:35 AM ET | Apr 20, 2012

Compliance is about being better and not just proving you are right

Continue reading "You Need Help, Not An Accomplice"


Topics:   Security Views : Compliance Tech Center


Log Standards: Put Up, Shut Up, Give Up, Or Throw Up?
Posted by Andrew Hay @ 01:07 PM ET | Apr 16, 2012

Do we need logging standards, or should we just follow the leaders to help direct our logging efforts?

Continue reading "Log Standards: Put Up, Shut Up, Give Up, Or Throw Up?"


Topics:   Security Monitoring Tech Center : Security Views


Your Compliance Is Decaying Every Day
Posted by Glenn S. Phillips @ 11:26 AM ET | Apr 16, 2012

As soon as you train your colleagues about compliance, noncompliance is back in charge

Continue reading "Your Compliance Is Decaying Every Day"


Topics:   Security Views : Compliance Tech Center


Using Reverse Proxies To Secure Databases
Posted by Adrian Lane @ 01:21 PM ET | Apr 12, 2012

A look at database monitoring and reverse proxies

Continue reading "Using Reverse Proxies To Secure Databases"


Topics:   Database Security Tech Center : Security Views


Be Ready To Clean Up That Mess
Posted by Glenn S. Phillips @ 11:14 AM ET | Apr 11, 2012

Compliant systems do more than prevent problems -- they help solve problems that happen

Continue reading "Be Ready To Clean Up That Mess"


Topics:   Security Views : Compliance Tech Center


How Much Money Do You Need To Lose Before You Start Monitoring?
Posted by Andrew Hay @ 11:01 AM ET | Apr 09, 2012

At what point does turning a blind eye to the loss of revenue spark the inevitable conversation: 'Maybe we should be monitoring this infrastructure more closely?'

Continue reading "How Much Money Do You Need To Lose Before You Start Monitoring?"


Topics:   Security Monitoring Tech Center : Security Views


Database Security On The Cheap
Posted by Adrian Lane @ 12:41 PM ET | Apr 04, 2012

A look at some free tools to help tackle database security

Continue reading "Database Security On The Cheap"


Topics:   Database Security Tech Center : Security Views


Someone Left The Keys In Your Compliance System
Posted by Glenn S. Phillips @ 11:37 AM ET | Mar 29, 2012

Information security is at the mercy of your entire staff's habits

Continue reading "Someone Left The Keys In Your Compliance System"


Topics:   Security Views : Compliance Tech Center


A Single 'Pain' Of Glass?
Posted by Andrew Hay @ 10:28 PM ET | Mar 27, 2012

Is the often-pitched 'single pane of glass' a benefit to security monitoring tools or yet another point of contention?

Continue reading "A Single 'Pain' Of Glass?"


Topics:   Security Monitoring Tech Center : Security Views


Technology Cannot Solve All Your People Problems
Posted by Glenn S. Phillips @ 03:58 PM ET | Mar 22, 2012

Too many in business assume compliance is primarily a technology issue

Continue reading "Technology Cannot Solve All Your People Problems"


Topics:   Security Views : Compliance Tech Center


Online And Physical User Identities
Posted by Taher Elgamal @ 09:10 AM ET | Mar 20, 2012

Some data-owning businesses are getting into the Internet authentication market -- and that's good news

Continue reading "Online And Physical User Identities"


Topics:   Authentication Tech Center : Security Views


Nobody Cares About HIPAA
Posted by Glenn S. Phillips @ 03:27 PM ET | Mar 15, 2012

Compliance in many organizations is seen as only a costly inconvenience

Continue reading "Nobody Cares About HIPAA"


Topics:   Security Views : Compliance Tech Center


Silent Authentication
Posted by Taher Elgamal @ 10:00 AM ET | Mar 14, 2012

Authenticating users without explicit login

Continue reading "Silent Authentication"


Topics:   Authentication Tech Center : Security Views


Ron Was Wrong, Whit Is Right, And What You Need To Know
Posted by Vincent Liu @ 08:48 AM ET | Mar 13, 2012

Clarifying the technical findings on a weakness in RSA crypto keys and some recommendations on how to prepare and protect your assets from the next inevitable crypto weakness discovery

Continue reading "Ron Was Wrong, Whit Is Right, And What You Need To Know"


Topics:   Security Views : Vulnerability Management Tech Center


Big Data Security Or SIEM Buzzword Parity?
Posted by Andrew Hay @ 04:31 PM ET | Mar 09, 2012

If you attended the 2012 RSA Security Conference, BSides San Francisco, or the America’s Growth Capital Summit, you no doubt noticed claims of SIEM vendors jumping on the 'big data security' bandwagon

Continue reading "Big Data Security Or SIEM Buzzword Parity?"


Topics:   Security Monitoring Tech Center : Security Views


Six Things Management Needs To Better Understand About Compliance
Posted by Glenn S. Phillips @ 02:24 PM ET | Mar 08, 2012

It may be boring or scary to management, but compliance is ultimately their burden to bear

Continue reading "Six Things Management Needs To Better Understand About Compliance"


Topics:   Security Views : Compliance Tech Center


It's True: Compliance Can Be Good For Your Business
Posted by Glenn S. Phillips @ 08:32 AM ET | Mar 01, 2012

The best insurance for your organization is often the processes required for compliance

Continue reading "It's True: Compliance Can Be Good For Your Business"


Topics:   Security Views : Compliance Tech Center



Go on to the weblog archives...






  1. Cookies, Social Media And FireSheep
  2. SMB Guide To Credit Card Regulations, Part 2: The Low-Hanging Fruit
  3. HP And The Scary Corporate Fifth Column Concept
  4. Taking USB Attacks To The Next Level
  5. NoSQL: Not Much, Anyway
  1. Taking Cybersecurity Lessons To The Bank
  2. Researchers See Real-Time Phishing Jump
  3. 'BlackSheep' Sniffs Out Firesheep WiFi-Hacking
  4. Slideshow: Ten Free Security Monitoring Tools
  5. A Different Spin On Sleuthing Stuxnet
  6. M&A Activity Muddles Database Security
  1. Secure Managed Web Hosting Saves 960.gs from Malicious Hackers
  2. Access Governance as a Business Service: An Integrated Strategy for Automation with ITSM
  3. Business Driven Access Management and Governance: Simplifying the Delivery and Governance of Access Throughout
 
 


 
  Ars Technica
Boing Boing
Channel 9 Forums
CRN Blogs
Dr.Dobb's Portal: Blogs
Engadget
Gizmodo
GrokLaw 		  Lifehacker
Schneier on Security
Slashdot
TechCrunch
Techdirt
Techmeme
Valleywag
 
  May 2012
April 2012
March 2012
February 2012
January 2012
December 2011
November 2011
October 2011
September 2011
August 2011
July 2011
June 2011
May 2011
April 2011
March 2011
February 2011
January 2011
December 2010
November 2010
October 2010
September 2010
August 2010
July 2010
  June 2010
May 2010
April 2010
March 2010
February 2010
January 2010
December 2009
November 2009
October 2009
September 2009
August 2009
July 2009
June 2009
May 2009
April 2009
March 2009
February 2009
January 2009
December 2008
November 2008
October 2008
September 2008
 
Featured Webcasts
Featured Whitepapers
Featured Reports