Security Management Strategies for the CIO- Data Loss Prevention
- Data Analysis and Classification
- Data Security and Cloud Computing
- Identity Theft and Data Security Breaches
- Enterprise Data Governance
- Disk Encryption and File Encryption
- Database Security Management
Email Alerts
-
Practical advice for managing DLP technology effectively
In this podcast, Kevin Beaver provides advice for managing DLP technology in your environment to ensure a successful data loss prevention program.Podcast
-
Data loss prevention tools: Understanding your options
Video: Kevin Beaver uses real-life experiences with data loss prevention tools to help you with your technology choices, rollout and management.Video
-
Quiz: Database security issues
This 10-question quiz will test your knowledge of the key points we’ve covered in the webcast, podcast and tip in this database security school lesson.Quiz
-
Database security issues
The start of many data security issues is, of course, the database. In this security school, we'll examine the predominant database security vulnerabilities and offer best practices on how to monitor database access to detect potential security incidents.partOfGuideSeries
-
Case study: CDI launches aviation company DLP program on short runway
Technology services company CDI-Aerospace used a Verdasys DLP solution to manage third-party risk for a major aviation client.News | 24 May 2013
-
DLP management tools and reporting: Key considerations
When it comes to DLP management tools, installation and maintenance of a single centralized management console to house all rules and alerts are key.Tip
-
With DLP, encryption and integration strengthen security policies
Encryption and DLP integration can be used to enhance and strengthen security policies for sensitive data, and for blocking and enforcement actions.Tip
-
Using DLP tools for data leakage alerting and preventive actions
When evaluating DLP tools, it's important to determine data leakage alerting and preventive action needs for potential violations and blocking.Tip
-
DLP monitoring: Defining policies to monitor data
DLP monitoring policies help define what data to evaluate, how data monitoring processes should occur, and what enforcement and alerting actions to take.Tip
-
Effective DLP products need data discovery and data fingerprinting
Effective DLP products must be able to handle data discovery to identify and monitor sensitive data. Learn why these features matter.Tip
- VIEW MORE ON : Data Loss Prevention
-
Practical advice for managing DLP technology effectively
In this podcast, Kevin Beaver provides advice for managing DLP technology in your environment to ensure a successful data loss prevention program.Podcast
-
Data loss prevention tools: Understanding your options
Video: Kevin Beaver uses real-life experiences with data loss prevention tools to help you with your technology choices, rollout and management.Video
-
Big data analytics: New patterns emerge for security
Will big data analytics make security better? With data scientists in short supply, solution providers rush to provide big data analytics tools.Feature
-
The rapid evolution of MDM solutions
Mobile device management (MDM) continues to grow at a feverish pace, both in terms of adoption and mobile security features. BYOD policies, and the rapid turnover in consumer mobile technology, have left many organizations grappling with MDM requirements.
Our June cover story provides insight into the mobility adoption trends, cross-industry issues, and MDM solutions best fit to varying requirements. Technology advances range from nascent network-based mobile device management (NMDM) to software-based approaches such as mobile application management (MAM), native container device management, and more. We also look at big data analytics and security this month, and how early adopters are expanding the definition of risk to all part of the business. Finally, we provide an update on FedRAMP. Does it go far enough, and how will the continuous monitoring of cloud service providers be handled?E-Zine -
Big data analytics: New patterns emerge for security
-
Using network flow analysis to improve network security visibility
To overcome network security issues from advanced attackers and BYOD, security professionals are turning to network flow analysis to gain improved network security visibility.Tip
-
Bruce Schneier explains why there is no privacy on the Internet
Video: Bruce Schneier provides three examples to prove there is no privacy on the Internet. Is government regulation needed?Video
-
RSA 2013: More from Coviello on big data analytics in the security industry
RSA's Art Coviello explains why the shortcomings of current mainstream security products are part of what's driving enterprise interest in big data.News | 28 Feb 2013
-
Big data 2.0: CISOs push need to identify attack campaigns
CISOs at RSA Conference 2013 say identifying attack campaigns means taking security big data to the next level. The hard part? Finding data analysts.News | 27 Feb 2013
-
Managing big data privacy concerns: Tactics for proactive enterprises
The growing use of big data analytics has created big data privacy concerns, yet viable tactics exist for proactive enterprises to help enterprises get smarter while keeping consumers happy.Feature
- VIEW MORE ON : Data Analysis and Classification
-
What you need to know about containerized data center security
Part of the draw of containerized data centers is ease and speed of deployment, but these features also pose security risks.Answer
-
Readers' Choice Awards 2012
For the seventh consecutive year, Information Security readers voted to determine the best security products. More than 2,000 voters participated this year, rating products in 14 different categories.guideSeries
-
FFIEC statement on cloud risk misses the mark
Bank regulators provide few details on managing cloud risks.News | 26 Jul 2012
-
Do you need virtual firewalls? What to consider first
With virtual firewalls, you can avoid routing traffic out of the virtual environment to pass through a physical firewall. But there are challenges to consider in going virtual.Tip
-
Cloud endpoint security: Considerations for cloud security services
Mike Chapple details discuses considerations for using cloud security services, specifically cloud endpoint security.Answer
-
Monitor outbound traffic: Full-packet capture or only capture network flow data?
If an enterprise can't afford to implement full-packet capture, expert Mike Chapple recommends trying to capture network flow data instead.Answer
-
DHS cloud computing: Homeland Security’s model private cloud strategy
Using private cloud at separate data centers has allowed the Department of Homeland Security to strike a balance between security and cost savings.News | 05 Oct 2011
-
Breach fears push federal cloud computing initiative to private cloud
Trapped between budget constraints and security fears, government agencies are increasingly opting for private clouds.News | 20 Sep 2011
-
XACML tutorial: Using XACML as a foundation for entitlement management
Learn how to use XACML to externalize fine-grained authorization from application logic and support cloud-based IAM initiatives.Tip
-
homomorphic encryption
Homomorphic encryption is the conversion of data into ciphertext that can be analyzed and worked with as if it were still in its original form. Homomorphic encryptions allow complex mathematical operations to be performed on encrypted data without compromising the encryption.Definition
- VIEW MORE ON : Data Security and Cloud Computing
-
To improve breach detection, revisit intrusion detection techniques
To solve the breach-detection issues highlighted in the 2013 Verizon DBIR, several intrusion detection techniques are needed, says expert Nick Lewis.Tip
-
Feds catch hackers behind worldwide data breaches
Feds indict, unmask hackers behind largest known data breach conspiracy targeting worldwide financial institutes, payment processors and retailers.News | 26 Jul 2013
-
Turkish researcher claims responsibility for Apple dev site hack
Turkish researcher Ibrahim Balic says he found multiple vulnerabilities at Apple's developer website, but did not intend to bring the site down.News | 22 Jul 2013
-
Practical advice for managing DLP technology effectively
In this podcast, Kevin Beaver provides advice for managing DLP technology in your environment to ensure a successful data loss prevention program.Podcast
-
Data loss prevention tools: Understanding your options
Video: Kevin Beaver uses real-life experiences with data loss prevention tools to help you with your technology choices, rollout and management.Video
-
California data breach report: 2.5M residents at risk of identity theft
In 2012, data breaches in California put 2.5 million residents at risk of identity theft.News | 08 Jul 2013
-
Aligning business and IT security: Learning from South Carolina breach
Ernie Hayden details how South Carolina's Department of Revenue breach proves business and IT security are often out of alignment, and how to fix it.Tip
-
BSIMM4 measures and advances secure application development
The fourth iteration of the Building Security In Maturity Model project is a tool you can use as a measuring stick for software security initiatives.Feature
-
Data breach protection requires new barriers
Assumption of breach is the new norm. Can this shift help organizations build better levels of data breach protection?Feature
-
Data breach protection requires new barriers
- VIEW MORE ON : Identity Theft and Data Security Breaches
-
The advantages of digital watermarking in enterprise data protection
Expert Michael Cobb explains the advantages of digital watermarking and analyzes whether improved data security is one of them.Answer
-
No firewall? How disabling the firewall can improve network security
Having no perimeter firewall may seem ludicrous, but Joel Snyder explains why disabling the firewall can actually improve enterprise network security.Tip
-
Gary McGraw: NSA data collection programs demand discussion, scrutiny
Opinion: Gary McGraw details the various and sundry NSA data collection programs and explains why all its efforts demand new discussion and scrutiny.Opinion
-
For CISOs, California Right to Know Act would raise privacy emphasis
The proposed California Right to Know Act may compel CISOs to develop additional privacy policies or create new privacy officer roles.News | 09 Apr 2013
-
ISM January 2003 Konstantaras
-
enhanced driver's license (EDL)
An enhanced driver's license (EDL) is a government-issued permit that, in addition to the standard features of a driver's license, includes an RFID tag that allows officials to pull up the owner's biographical and biometric data.Definition
-
Logging in the cloud: Assessing the options and key considerations
Expert Dave Shackleford considers a variety of options for logging in the cloud and determines which choice works best for enterprises.Tip
-
Protecting Intellectual Property: Best Practices
Organizations need to implement best practices to protect their trade secrets from both internal and external threats.Column
-
Protecting Intellectual Property: Best Practices
Organizations need to implement best practices to protect their trade secrets from both internal and external threats.
-
E-discovery forces security organizations to prepare for eventual litigation
- VIEW MORE ON : Enterprise Data Governance
-
How to protect data from ransomware malware
It can be difficult to recover data that is encrypted by ransomware malware -- unless you have expert Nick Lewis' recommendations in place.Answer
-
evil maid attack
An evil maid attack is a security exploit that targets a computing device that has been shut down and left unattended. An evil maid attack is characterized by the attacker's ability to physically access the target multiple times without the owner's knowledge. Definition
-
Gary McGraw: NSA data collection programs demand discussion, scrutiny
Opinion: Gary McGraw details the various and sundry NSA data collection programs and explains why all its efforts demand new discussion and scrutiny.Opinion
-
DLP management tools and reporting: Key considerations
When it comes to DLP management tools, installation and maintenance of a single centralized management console to house all rules and alerts are key.Tip
-
With DLP, encryption and integration strengthen security policies
Encryption and DLP integration can be used to enhance and strengthen security policies for sensitive data, and for blocking and enforcement actions.Tip
-
Using DLP tools for data leakage alerting and preventive actions
When evaluating DLP tools, it's important to determine data leakage alerting and preventive action needs for potential violations and blocking.Tip
-
DLP monitoring: Defining policies to monitor data
DLP monitoring policies help define what data to evaluate, how data monitoring processes should occur, and what enforcement and alerting actions to take.Tip
-
Effective DLP products need data discovery and data fingerprinting
Effective DLP products must be able to handle data discovery to identify and monitor sensitive data. Learn why these features matter.Tip
-
Choosing security products: DLP technology
Data loss prevention technology remains critical in preventing data leakage. In this guide, learn what to consider when evaluating DLP products.guide
-
Certain Cisco IOS, IOS XE devices susceptible to brute-force attacks
Cisco has issued a security advisory after Hashcat researchers disclosed a password flaw in IOS and IOS XE devices that enable brute-force attacks.News | 20 Mar 2013
- VIEW MORE ON : Disk Encryption and File Encryption
-
Practical advice for managing DLP technology effectively
In this podcast, Kevin Beaver provides advice for managing DLP technology in your environment to ensure a successful data loss prevention program.Podcast
-
Data loss prevention tools: Understanding your options
Video: Kevin Beaver uses real-life experiences with data loss prevention tools to help you with your technology choices, rollout and management.Video
-
Microsoft SQL Server security best practices checklist
Authentication, complex passwords and limiting permissions are three of the top bullet points on this SQL Server security best practices checklist.Tip
-
Understanding database security issues
This presentation takes a look at vulnerabilities that directly affect database security and what enterprises should do to monitor database access to detect potential security incidents.Video
-
Database security issues
The start of many data security issues is, of course, the database. In this security school, we'll examine the predominant database security vulnerabilities and offer best practices on how to monitor database access to detect potential security incidents.partOfGuideSeries
-
engine-level encryption
Engine-level encryption is cryptographic encoding and decoding of data that is executed within a database engine.Definition
-
Privileged user management a must for DBAs
Trust, but verify. Ronald Reagan made it popular, and it's certainly relevant for DBAs in today's consolidated, virtualized IT world.Oracle Revelations | 15 May 2013
-
DLP management tools and reporting: Key considerations
When it comes to DLP management tools, installation and maintenance of a single centralized management console to house all rules and alerts are key.Tip
-
With DLP, encryption and integration strengthen security policies
Encryption and DLP integration can be used to enhance and strengthen security policies for sensitive data, and for blocking and enforcement actions.Tip
-
Using DLP tools for data leakage alerting and preventive actions
When evaluating DLP tools, it's important to determine data leakage alerting and preventive action needs for potential violations and blocking.Tip
- VIEW MORE ON : Database Security Management