Security Management Strategies for the CIOAccess "Interview: Chris Nickerson of TruTV's 'Tiger Team'"
This article is part of the October 2008 issue of Security 7 Award winners sound off on key information security issues
Chris Nickerson is your worst nightmare. He's the guy you never see coming, the one who can slip into your data center, install malware on any server he chooses and ease out without so much as a shadow on your security cameras. Nickerson, CEO of Lares Consulting and part of the Tiger Team television series on TruTV, talks about the fun of penetration tests and the risks of outsourcing. Chris Nickerson You get paid to break into companies' buildings and networks. Why is that level of assessment necessary? Everywhere I've worked where I've owned the security program, the biggest problem I've had is getting funding to do security the right way. I've found that the more you showed someone and proved what you could do, they have a total psychosomatic reaction to it. When I can hold their passwords in front of them and I can show them a picture of me in their data center at 2 a.m. when there is nothing on their security cameras, it does the job. How did the Tiger Team TV show come about? I have some friends in the movie business who have technical backgrounds, and... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
Embedded smart card chips are open to hack attacks
Using power analysis attacks, including Simple Power Analysis, hackers can attack the embedded microchips inside smart cards.
-
Product Review: Application Security Inc.'s AppDetectivePro
Application Security Inc.'s AppDetectivePro does deep inspections of database configurations to identify security issues. It's ideal for internal and external auditors, security professionals, consultants and others who need to perform on-the-fly database vulnerability assessments.
-
Learn how to choose NAC services
Figure out the right questions to ask your network access control (NAC) service provider or vendor.
-
Encryption no longer an optional technology
Unravel the ins and outs of how your organization should deploy encryption.
-
Embedded smart card chips are open to hack attacks
-
-
Security 7 Award winners tackle important information security issues
The 2008 Security 7 Award winners have their say on information sharing, perimeter security, relationships, convergence, strategy, history and progress.
-
Product Review: Finjan Vital Security NG-5000
Finjan's Finjan Vital Security NG-5000's Web filtering engines provide strong detection of Web-based security threats.
-
LogRhythm product review
LogRhythm is a cross-platform log management that manages audit files and IT security management processes.
-
Product Review: Cymphonix's Network Composer
Cymphonix's Network Composer is a security and visibility appliance that controls and monitorstraffic passing through the network perimeter to the Internet.
-
Security 7 Award winners tackle important information security issues
-
Columns
-
Bruce Schenier, Marcus Ranum debate risk management
Experts Bruce Schneier and Marcus Ranum debate whether risk management is an appropriate strategic direction for information security professionals to follow.
-
Combat social engineering the 'Carnegie' way
Dale Carnegie's "How to Win Friends and Influence People" can be a valuable tool for CISOs who are up against social engineering issues.
-
Interview: Chris Nickerson of TruTV's 'Tiger Team'
Chris Nickerson of Lares Consulting explains best practices for penetration tests and the risks of outsourcing.
-
Information security professionals have their say
Information Security magazine's Security 7 Award winners write personal essays on topics ranging from perimeter security, information sharing, physical and logical security convergence and progress made in the industry.
-
Bruce Schenier, Marcus Ranum debate risk management
More Premium Content Accessible For Free
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...
Emerging threat detection techniques and products
E-Handbook
Advanced persistent threat (APT) has been a used and abused term in the security industry, but security experts say targeted attacks are a growing ...
The rapid evolution of MDM solutions
E-Zine
Mobile device management (MDM) continues to grow at a feverish pace, both in terms of adoption and mobile security features. BYOD policies, and the ...