Issue OverviewInformation Security magazine - Nov. 2012/Volume 14/No. 9
Find out who won this year’s Security 7 Award, which honors outstanding security professionals in seven vertical markets. Also in this issue, we examine the pros and cons of the Metasploit penetration testing framework, and ways to overcome cloud compliance challenges. Access >>>
Premium Content for Free.
PDF download: Information Security magazine November 2012
by Information Security magazine staff
In this issue, find out who won this year’s Security 7 Award, Also, we examine the pros and cons of the Metasploit penetration testing framework.
Information Security Decisions: From Dogma to Data
by Wade Baker
The information security field needs to overcome information sharing roadblocks to improve decision making.
Security Warrior for Cloud Transparency
by Jim Reavis
Ron Knode, who passed away earlier this year, was a tireless advocate for cloud security transparency.
Security Risk Assessment a Team Effort at Notre Dame
by David Seidl
The university created a committee to tackle risk assessment on an ongoing basis.
The new era of big data security analytics
by Preston Wood
The information security industry needs to shift its focus to data-driven security.
Cloud Compliance: Tackling Compliance in the cloud
by Davi Ottenheimer
Moving to a cloud environment brings compliance challenges, but they’re not insurmountable.
- PDF download: Information Security magazine November 2012 by Information Security magazine staff
Old Application Vulnerabilities, Misconfigurations Continue to Haunt
by Robert Westervelt
Flaws in legacy applications and configuration blunders still plague organizations, experts say.
Developing a BYOD Strategy
by Krishnan Chellakari
Organizations need to consider benefits and risks as they embrace BYOD.
GRC Management and Critical Infrastructure Protection
by Doug Powell
GRC needs to adapt to become a truly effective risk management tool for critical infrastructure.
FISMA Compliance and the Evolution to Continuous Monitoring
by John Streufert
The U.S. Department of State developed a system for improving federal cybersecurity.
Metasploit Review: Ten Years Later, Are We Any More Secure?
by George V. Hulme, Contributor
Some say the pen testing framework is a critical tool for improving enterprise security, while others say it helps attackers.
- Old Application Vulnerabilities, Misconfigurations Continue to Haunt by Robert Westervelt
Security 7 Award 2012: Seven Outstanding Information Security Pros
by Marcia Savage
This year’s award recognizes talented pros in an industry that presents relentless challenges.
Protecting Intellectual Property: Best Practices
by Peter J. Toren
Organizations need to implement best practices to protect their trade secrets from both internal and external threats.
Pros and Cons of Information Security Certifications
by Doug Jacobson and Julia A. Rursch
Educating the security professional requires far more than a certification exam.
Marcus Ranum chat: Next-generation SIEM
by Anton Chuvakin
Security expert Marcus Ranum goes one-on-one with Gartner’s Anton Chuvakin about SIEM technology and where it’s headed.
- Security 7 Award 2012: Seven Outstanding Information Security Pros by Marcia Savage
More Premium Content Accessible For Free
Deploying data protection technologies properly requires a lot of time and patience. While most firms can get started by using preconfigured policies...
The bring your own device (BYOD) movement, which has flooded the enterprise with employee-owned smartphones, tablets, phablets and purse-sized ...
For so long penetration testing meant hiring an expert to use skill and savvy to try to infiltrate the company system. But, as with most ...