Security and Vulnerability Management

Security and vulnerability management

hole brick wall

police car in rear view mirror 000000773431

Using third-party vendors? Keep a close eye on them

Infosecurity is only as strong as the weakest link, and these days all eyes are on third-party vendor risk management.

Toward Omniscient Cybersecurity Systems

CISOs need an all-knowing central system to truly address their cybersecurity monitoring, diagnostics, and operations needs

Valuable Federal Cybersecurity Training for Critical Infrastructure Organizations

Little known ICS-CERT program provides free cybersecurity training for infosec professionals and gets rave reviews

Federal Cybersecurity Carrots and Sticks

Critical infrastructure cybersecurity professionals want to see more government incentives and harsher penalties.

Cybersecurity, Critical Infrastructure, and the Federal Government

Security professionals working at critical infrastructure organizations are unclear about US government’s cybersecurity strategy and want to see more federal participation

cutcaster 901483111 anti terror police force small

What can the military teach us about cybersecurity?

Teaching the workforce to create a heightened state of awareness.

estonia lead image

An entire country's data is getting backed up

The country of Estonia is backing up its entire government dataset, and also devising ways to operate through the cloud in the event of an attack by a foreign nation. Its neighbor is Russia.

RSA Conference Should Push For Technology Integration

Since cybersecurity software architecture has become an enterprise requirement, the RSA Conference should take a more proactive role in promoting technology integration

Threat Intelligence Sharing Momentum and Needs

Government and infosec industry should build upon threat intelligence energy by focusing on education, standards use-cases, and best practices

wordpress 265132 1280

How to avoid getting hacked due to vulnerable WordPress plugins

If you’re running a WordPress site and given the number of potentially show-stopping problems that exist, get fixed, and are replaced with new problems that are just as bad then you need to be on top of what plugins you’re using and...

Anticipating RSA 2015

Focus on threat detection/response, endpoints, threat intelligence, IAM, cloud, and SDN

A Security Intelligence reference model to assess your security posture

While Business Intelligence helps you identify business opportunities, SI helps you do much the same thing with threat information

Massive Enterprise Endpoint Security Opportunity

Next-generation endpoint security suite could be a billion dollar play

The Increasing Cybersecurity Attack Surface

New technology deployment opens cyber-threat vectors and makes security operations more complex

privacy policy 510733 1920

Qwerty Card: A lo-tech solution to managing hi-tech passwords

For a few years I’ve used a password system that’s been really successful and it's based on a simple formula ... but if that's too much for you check out Qwerty Card ...

password 397655 1280

Users plus passwords equals disaster

Lost productivity, lousy security, and serious financial risk are the results of poor password management. Do you really need any more reasons to do something about your users and their passwords?

Will Public/Private Threat Intelligence Sharing Work?

Past examples point to a mixed record of success and failure.

pci security compliance

Verizon report: Security testing compliance down from last year

Compliance rates between audits increased substantially across all PCI DSS requirements except for security testing, according to a report released Wednesday by Verizon. In particular, the ratio of companies compliant on Requirement...

Load More