Security Management Strategies for the CIO
Email Alerts
-
cut-and-paste attack
A cut-and-paste attack is an assault on the integrity of a security system in which the attacker substitutes a section of ciphertext (encrypted text) with a different section that looks like (but is not the same as) the one removed. Definition
-
What is a logic bomb?
A logic bomb is a dangerous piece of software designed to damage a computer or network and cause massive data destruction. In this SearchSecurity.com Q&A, Ed Skoudis explains how an enterprise can prepare for a hacker's detonation. Ask the Expert
-
Are encryption products better than self-destructing data?
Although spy vs. spy shows may have made lost data deletion technologies a fun gimmick, information security threat expert Ed Skoudis explains the data protection problems that may arise when a tape "will destruct in five seconds." Ask the Expert
-
Two men plead guilty in supermarket data security breach
Two Los Angeles area men plead guilty to using devices to bilk debit and credit card data from Stop & Shop supermarkets in Massachusetts and Rhode Island. Article
-
Springing leaks: Getting smart about data loss prevention
Companies are showing increased interest in data loss prevention (DLP) products, but they won't work well unless the business needs are understood and well defined. Article
-
What should be done with a RAID-5 array's failed drives?
Even one failed drive in a RAID-5 array can present an enterprise with serious data protection concerns. In this SearchSecurity.com Q&A, expert Michael Cobb explains which policies can protect and recover RAID-5 data. Ask the Expert
-
How secure are document scanners and other 'scan to email' appliances?
Copiers and document scanners have always posed challenges for information security teams. In this SearchSecurity.com Q&A, Michael Cobb reveals how the right policies can control the use (and abuse) of these devices. Ask the Expert
-
data splitting
Data splitting is an approach to protecting sensitive data from unauthorized access by encrypting the data and storing different portions of a file on different servers. Definition
-
What are the alternatives to RC4 and symmetric cryptography systems?
In this SearchSecurity.com Q&A, network security expert Mike Chapple explains how RC4 encryption stacks up against public key cryptography. Ask the Expert
-
What are the best security practices to consider when developing a corporate blog?
Creating a corporate blog can sensitize your corporation to attacks or information theft. In this SearchSecurity.com Q&A, security expert Mike Rothman unveils the best practices to consider when developing a blog for your enterprise. Ask the Expert