GRC Management and Critical Infrastructure Protection
This article is part of the Nov. 2012/Volume 14/No. 9 issue of Seven Outstanding Security Pros in 2012
GRC needs to adapt to become a truly effective risk management tool for critical infrastructure.
PDF download: Information Security magazine November 2012
by Information Security magazine staff
In this issue, find out who won this year’s Security 7 Award. Also, we examine the pros and cons of the Metasploit penetration testing framework.
Information Security Decisions: From Dogma to Data
by Wade Baker
The information security field needs to overcome information sharing roadblocks to improve decision making.
Security Warrior for Cloud Transparency
by Jim Reavis
Ron Knode, who passed away earlier this year, was a tireless advocate for cloud security transparency.
Security Risk Assessment a Team Effort at Notre Dame
by David Seidl
The university created a committee to tackle risk assessment on an ongoing basis.
The new era of big data security analytics
by Preston Wood
The information security industry needs to shift its focus to data-driven security.
Cloud Compliance: Tackling Compliance in the cloud
by Davi Ottenheimer
Moving to a cloud environment brings compliance challenges, but they’re not insurmountable.
Old Application Vulnerabilities, Misconfigurations Continue to Haunt
by Robert Westervelt
Flaws in legacy applications and configuration blunders still plague organizations, experts say.
Developing a BYOD Strategy
by Krishnan Chellakari
Organizations need to consider benefits and risks as they embrace BYOD.
GRC Management and Critical Infrastructure Protection
by Doug Powell
GRC needs to adapt to become a truly effective risk management tool for critical infrastructure.
FISMA Compliance and the Evolution to Continuous Monitoring
by John Streufert
The U.S. Department of State developed a system for improving federal cybersecurity.
Metasploit Review: Ten Years Later, Are We Any More Secure?
by George V. Hulme, Contributor
Some say the pen testing framework is a critical tool for improving enterprise security, while others say it helps attackers.
Security 7 Award 2012: Seven Outstanding Information Security Pros
by Marcia Savage
This year’s award recognizes talented pros in an industry that presents relentless challenges.
Protecting Intellectual Property: Best Practices
by Peter J. Toren
Organizations need to implement best practices to protect their trade secrets from both internal and external threats.
Pros and Cons of Information Security Certifications
by Doug Jacobson and Julia A. Rursch
Educating the security professional requires far more than a certification exam.
Marcus Ranum chat: Next-generation SIEM
by Anton Chuvakin
Security expert Marcus Ranum goes one-on-one with Gartner’s Anton Chuvakin about SIEM technology and where it’s headed.