Security Management Strategies for the CIO-
Government cybersecurity: User-level security tools mitigate Fed insider risks
Taking on a new zero-trust model, many federal agencies are implementing insider threat controls at the user level.31 May 2011
-
Application log management: Enabling application security compliance
Expert Michael Cobb discusses how application audits and information and event management can save you time and energy with application security compliance.31 May 2011
-
IPv6 myths: Debunking misconceptions regarding IPv6 security features
Aggressive marketing has helped perpetuate a number of security-related IPv6 myths. Expert Fernando Gont helps separate myth from fact to ensure a secure IPv6 deployment.31 May 2011
-
Data breaches show enterprise need for better data security management
Sony and other data breaches suggest need for data accountability, better configuration management.27 May 2011
-
Mobility trend takes off in the enterprise but leaves out security
Banks and other businesses are rushing to jump on the mobility trend but leaving security behind.27 May 2011
-
Lack of SMB security opens door to online criminals
Online criminals have smaller targets firmly in their crosshairs.27 May 2011
-
Marcus Ranum and Bob Blakley discuss risk management failures
Security expert and Information Security magazine columnist Marcus Ranum continues a new bimonthly feature where he goes one-on-one with a fellow security industry insider.27 May 2011
-
Get actionable results from a security information management system
In order to get the best results, you need to limit your goals for SIM.27 May 2011
-
Revamped FISMA requirements aim to improve federal security
An automated tool and mandates for continuous monitoring try to improve federal information security efforts.27 May 2011
-
IT consumerization drives new security thinking
The influx of personal smartphones and other computing devices into the enterprise is forcing a shift in security strategy.27 May 2011
-
Eye On: Virtualization Security
SearchSecurity.com's "Eye On" series examines a security topic each month. In May, the series explores virtualization security and the technologies and methodologies available to reduce vulnerabili...25 May 2011
-
Reduce virtualization security risks by thinking physical, experts say
Firms reassessing their virtualized infrastructure should apply the same security best practices they’ve been using to secure their physical systems.25 May 2011
-
Smartphone theft, loss outweighs malware risk, McAfee report finds
Lost and stolen devices are seen as the greatest security concern for IT professionals, according to a new report by McAfee and Carnegie Mellon University.24 May 2011
-
tokenization
Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security.23 May 2011
-
PCI DSS survey finds need for credit card tokenization guidance
Companies are considering tokenization as an alternative or in addition to encryption, a recent survey found.19 May 2011
-
IPv6 connectivity: Innovations address IPv6 security concerns
Researchers at Virginia Tech have created a tool called Moving Target IPv6 Defense in order to address looming IPv6 security issues.19 May 2011
-
Wikileaks insider threat: A lesson for government cybersecurity managers
The Wikileaks insider threat is not the first and will not be the last, however with the media hype Wikileaks has garnered, government cybersecurity managers are beginning to take different approac...18 May 2011
-
ICASI publishes new vulnerability reporting framework
A new Common Vulnerability Framework sets a standard so organizations can share vulnerability information in a common readable format.18 May 2011
-
IPSec VPN vs. SSL VPN: Comparing respective VPN security risks
When it comes to VPNs, which of the two most-used options -- IPSec or SSL -- presents the greater security threat? Expert Anand Sastry describes the pros and cons of each, as well as how to test yo...16 May 2011
-
VMware acquires Shavlik Technologies for vulnerability, configuration management
VMware adds to its portfolio of security services with Shavlik’s SaaS-based configuration and patch management software.16 May 2011
-
News
-
Latest Headlines
-
Featured
-
Information Security Magazine
The information security pro’s resource for keeping corporate data, applications and devices secure
Download Now!
-
-
-
Premium
Editorial-
E-Books
-
E-Zines
-
E-Handbooks
-
- Multimedia
-
Security
Topics-
Topics
- Enterprise Data Protection
- Application and Platform Security
- Enterprise Identity and Access Management
- Government IT Security Management
- Information Security Threats
- Information Security Careers, Training and Certifications
- Security Audit, Compliance and Standards
- Security for the Channel
- Enterprise Network Security
- Information Security Management
-
Hot Topics
-
-
Tutorials
-
Advice & Tutorials
-
Technology Dictionary
-
-
Expert
Advice-
Tips
-
Answers
-
Ask a Question
-
-
White
Papers-
Research Library
-
Product Demos
-
Resource Centers
-
- Blogs
-
Certification
Central