Security Management Strategies for the CIOTOP STORIES:
RSA Conference 2012 keynote prescribes intelligence-driven security
RSA’s Arthur Coviello urged security pros to break down silos and intelligence-driven security programs, or face a tough year.
Dan Kaminsky offers unconventional wisdom on security innovation
Luminary Dan Kaminsky, known for his DNS research, pushed RSA Conference 2012 attendees toward security innovation by upending conventional wisdom.Research into cryptographic system limitations crucial, RSA panel says
Researchers testing some of the most relied upon cryptographic algorithms are making progress in breaking them, according to experts on the 2012 RSA Conference Cryptographer’s Panel.Follow our coverage on Twitter: @searchsecurity, @mike_mimoso, @rwestervelt, @marciasavage
Table of contents:
RSA 2012: Threat Detection and Prevention News
To get help with secure software development issues, find your own flaws
RSA Conference 2012 experts say finding and sharing real internal secure software development issues is the best motivator for change.Joe Security is pwned: Are security defense technologies working?
With the evolution of malware and threats, are security industry technologies like signature-based antivirus, and intrusion protection and detection working? Or, are we losing the battle?More threat detection and prevention stories from RSA:
- How to manage the compliance cycle to improve your compliance strategy
- Forget about hacktivists, say security experts
- Hacking back puts security on the offensive
- More than hype: Security big data helps bank to boost security program
- Rationalize compliance obligations to save time, money
- Study: Senior executives lack awareness of IT security and privacy
- Can SMBs sue their bank and recover losses from a hacked bank account?
RSA 2012: Mobile Device Security News
Smartphones and tablet devices are posing major challenges at enterprises. The bring your own device (BYOD) phenomena has strained corporate security policies and become a security quagmire for CISOs and IT teams. Learn about emerging best practices and common strategies shared at RSA 2012.
Experts say Android malware research can help Android app security
Android malware research experts at RSA Conference 2012 say using free tools to spot Android malware trends can help foster greater Android app security.
Copycat apps, runaway coding a growing threat, RSA panel says
Despite application store controls set by Apple and Google, a panel of mobile application security experts say the potential exists for weaponized applications.More mobile security stories from RSA:
- Mobile device attacks to enable more enterprise network intrusions
- CISOs fear lack of mobile device control, visibility, survey finds
- Developers must improve mobile app security or face backlash
- Mobile security, BYOD policy issues to trend at RSA 2012, analysts say
- PODCAST: RSA Preview - The Erosion of Digital Trust
RSA 2012: Cloud Security News
Companies continue to grapple with complex data management and networking security challenges introduced by the use of cloud computing services. This news section highlights the cloud computing security best practices and guidance for enterprises from RSA 2012 and the Cloud Security Alliance summit.
Security pros need to get in front of cloud computing trend, RSA panel says
Cloud computing is an inevitable shift in IT that security teams can’t stop, but innovative security pros can figure out ways to ensure it’s adopted safely.That was the message conveyed by a panel of security executives at the RSA Conference 2012 on Wednesday. The cloud computing trend is accelerating and security teams need to adapt, panelists said.
More cloud computing stories from RSA:
- Microsoft's Charney warns of big data privacy, security challenges
- Plan ahead for cloud computing breaches in cloud contracts
- Study shows cloud provider security better than on-premise
- CSA at RSA 2012: International cloud computing security standards needed
- Cloud computing security issues on tap at RSA 2012
- Cloud computing contracts: Tread carefully
- RSA attendees skeptical about cloud service provider security
- Cloud computing compliance: Visibility key
RSA 2012: Policy and Government News
Learn some of the ongoing compliance challenges faced by enterprises. Read about the regulatory landscape and how federal officials are addressing cyberwarfare, critical infrastructure protection and threat intelligence sharing. This news section explores the governmental and policy decisions that are discussed at RSA 2012.
FBI Director Mueller: For U.S., cybersecurity threats will surpass terrorism
At RSA Conference 2012, FBI Director Robert Mueller said the bureau is ramping up to fight cybersecurity threats and boost information-sharing efforts.Struggling to maintain compliance amidst conflicting priorities
Government and businesses – and individuals – often have competing priorities when it comes to information security and privacy, and those competing priorities are reflected in the multitude of ever-expanding compliance regulations in the U.S. IT pros are struggling to maintain compliance in light of these competing priorities and, from my vantage point sitting in on GRC sessions at RSA Conference 2012 this week, they are pretty stressed out.More policy and government stories from RSA:
RSA 2012: Security Product Announcements
Security vendors typically release major product updates or new security technologies and capabilities at RSA Conference. This section briefly covers some of the vendor product news showcased on the exposition floor at RSA 2012.
New Web app firewall added to Cyberoam’s UTM appliance range
Cyberoam introduced a new feature to its existing UTM appliance range at RSA Conference 2012 that detects illegitimate behavior from applications.LockPath updates Keylight risk management software tool
LockPath announced the release of version 2.2 of its Keylight risk management software tool at RSA 2012.More product announcements from RSA:
- HP releases new SIRM platform for risk management
- Lumeta releases IPsonar with enhanced network perimeter defense
- Lieberman Software introduces expansion of password manager, ERMP
- Latest version of Secunia Software Inspector launched at RSA 2012
- FireEye adds File Malware Protection System to existing platform
- Cisco SecureX strategy gets boost with application-aware firewall
- WatchGuard announces new unified threat management appliances at RSA
- Symantec to release the first layer of O3 cloud security gateway
- McAfee adds mobile security suite Enterprise Mobility Management 10.0
- IronKey releases cloud service, virtual desktop applications at RSA
- Trustwave announces new firewall, SIEM and intelligence program
- Prolexic to introduce DDoS mitigation service plan PLXconnect
- Akamai releases Web security monitoring platform Kona Site Defender
RSA 2012: Notable keynotes and panel discussions
RSA 2012: Trustworthy computing more important than ever, says Microsoft
Information security is becoming increasingly challenging rather than easier, according to Microsoft's Trustworthy Computing group.RSA 2012: SSL certificate authority security takes a beating
Researcher Moxie Marlinspike came down on certificate authority security at RSA Conference 2012, calling for trusted notary servers as an alternative.More notable keynotes and panel discussions:
- RSA takes market-leader position seriously, says Heiser
- OpenDNS hires away Websense CTO to guide enterprise DNS security services
- CrowdStrike to make RSA 2012 debut with Android attack via Webkit
- Cyberespionage attacks shine harsh light on security technology failures
- RSA 2012 talk to offer help understanding IPv6 security issues
- RSA Conference 2012 to highlight digital trust
- Security startups to unveil new security technology at RSA 2012