Security Management Strategies for the CIO-
WhatIs definition: COBIT
COBIT is a framework for developing, implementing, monitoring and improving information technology (IT) governance and management practices.13 Sep 2013
-
CISO details PCI cloud process for service providers
On the heels of Echopass achieving PCI Level 1 certification, CISO Dennis Empey offers PCI guidance for other cloud providers navigating the process.13 Sep 2013
-
A decade later: SOX program management best practices
After 11 years of Sarbanes-Oxley and other mandates, enterprises have finally embraced holistic compliance program management as a best practice.12 Sep 2013
-
Using a next-gen firewall to determine application access policies
Learn how next-gen firewalls offer improved application awareness and granularity to manage or block particular application features.11 Sep 2013
-
Patch Tuesday September 2013: Critical bulletins for Office, SharePoint, IE
The September 2013 Patch Tuesday releases included 13 bulletins from Microsoft, four deemed critical.10 Sep 2013
-
The 2013 OWASP Top 10 list: What's changed and how to respond
Expert Michael Cobb highlights the changes made in the 2013 OWASP Top 10 list, including new vulnerabilities and what they mean for enterprises.10 Sep 2013
-
Does Content-Agnostic Malware Protection improve Chrome security?
Expert Michael Cobb explains how Content-Agnostic Malware Protection, or CAMP for Chrome, works and whether the feature improves Chrome security.10 Sep 2013
-
Do two-factor authentication vulnerabilities outweigh the benefits?
Two-factor authentication vulnerabilities are a real concern, but should they deter enterprises from deploying 2FA? Expert Michael Cobb discusses.10 Sep 2013
-
Opinion: Software [in]security -- software flaws in application architecture
Many defects aren't found with code review. Gary McGraw and Jim DelGrosso think architectural risk analysis is a must to uncover software flaws.10 Sep 2013
-
Can an unqualified domain name cause man-in-the-middle attacks?
An unqualified domain name can make reaching internal resources easier, but expert Michael Cobb warns that man-in-the-middle attacks could result.10 Sep 2013
-
Next-generation firewall products: Ready or not, here they come
Video: David Strom explains how to succeed with next-gen firewall products and avoid problems caused by bad documentation and conflicting products.10 Sep 2013
-
RC4 attack details: Can the RC4 encryption algorithm protect SSL/TLS?
Expert Michael Cobb provides background on the RC4 encryption algorithm and determines whether a recent RC4 attack signals trouble for SSL/TLS users.09 Sep 2013
-
COBIT
COBIT is a framework for developing, implementing, monitoring and improving information technology (IT) governance and management practices.06 Sep 2013
-
Damballa adds HTTP request profiling to its ATP platform
Damballa is adding HTTP request profiling to its advanced threat protection platform to detect malware that bypasses traditional security approaches.05 Sep 2013
-
IT security frameworks and standards: Choosing the right one
Expert Joe Granneman introduces several IT security frameworks and standards, and offers advice on choosing the right one for your organization.05 Sep 2013
-
Data-classification levels for compliance: Why simple is best
The best data-classification programs are simple and easy to use. Expert Mike Chapple outlines his four must-have data-classification categories.05 Sep 2013
-
How to change BAAs to comply with the HIPAA Omnibus Rule 2013
The 2013 HIPAA Omnibus Rule requires changes to HIPAA business associate agreements. Expert Mike Chapple explains how to comply.04 Sep 2013
-
Next-generation firewalls play by new rules EEL
We take a look at the key developments that define next-generation firewalls from application awareness to intrusion prevention techniques.04 Sep 2013
-
Member Exclusive Downloads on SearchSecurity.com
The increase of BYOD in the enterprise has forced IT security teams to find new ways to secure corporate and personal data while allowing flexible user access. In this Tech Guide, learn vital infor...03 Sep 2013
-
Cybersecurity: Global risk management moves beyond regulations
Global risk management based on the lowest common denominator may not ‘comply' with IP or trade secrets. Analysts see big changes ahead.03 Sep 2013
-
News
-
Latest Headlines
-
Featured
-
Information Security Magazine
The information security pro’s resource for keeping corporate data, applications and devices secure
Download Now!
-
-
-
Premium
Editorial-
E-Books
-
E-Zines
-
E-Handbooks
-
- Multimedia
-
Security
Topics-
Topics
- Enterprise Data Protection
- Application and Platform Security
- Enterprise Identity and Access Management
- Government IT Security Management
- Information Security Threats
- Information Security Careers, Training and Certifications
- Security Audit, Compliance and Standards
- Security for the Channel
- Enterprise Network Security
- Information Security Management
-
Hot Topics
-
-
Tutorials
-
Advice & Tutorials
-
Technology Dictionary
-
-
Expert
Advice-
Tips
-
Answers
-
Ask a Question
-
-
White
Papers-
Research Library
-
Product Demos
-
Resource Centers
-
- Blogs
-
Certification
Central