-
Spotlight article: Domain 9, Physical Security
Information security depends on the security and management of the physical space in which computer systems operate. Domain 9 of the Common Body of Knowledge addresses the challenges of securing the physical space, its systems and the people who work... Security School
-
Endpoint Security
Read an excerpt from the book, Endpoint Security. In Chapter 3, "Something is Missing," author Mark S. Kadrich reveals a new way of modeling the network. chapter excerpt
-
Business continuity planning standards and guidelines
An excerpt from Chapter 1: Contingency and Continuity Planning of "Business Continuity and Disaster Recovery for InfoSec Managers," by John W. Rittinghouse and James F. Ransome. Book Chapter
-
Privacy Breach Impact Calculator
How much would a customer privacy breach impact your business? This calculator by information security and privacy expert Rebecca Herold, CISSP, CISM, provides an example of some of the items an organization should consider when estimating the potent... Privacy Breach Impact Cal
-
Incident response process brings ROI and peace of mind
In this excerpt of Chapter 2 from ISACA's Cybercrime: Incident Response and Digital Forensics, author Robert Schperberg looks at the benefits of instituting an incident response process. Reprint
-
Lesson/Domain 7 -- Security School: Training for CISSP Certification
Security School webcasts are focused on CISSP training. Each lesson corresponds to a specific domain in the CISSP exam's "Common Body of Knowledge." School
-
Summer security quiz: Are you ready to go on vacation?
Take this short quiz to find out if you're really ready for the worst-case scenario. Quiz
-
Incident response policies and procedures
Learn how policies and procedures fit in incident response. Reprint
-
SIEM vendors make the case for extending SIEM product capabilities
Advanced features can reduce the threat of wire fraud. New rule sets can be shared among banks and credit unions. News | 01 Apr 2011
-
State CISOs lack authority to manage risks across agencies
Study finds the need for more oversight of state agencies and recommends new laws that hold agencies and third-party service providers accountable for their security programs. Article | 27 Sep 2010
-
Companies urged to share data breach information
Sharing breach data with law enforcement is necessary for fighting sophisticated online criminals, panelists say. Article | 03 Mar 2010
-
Enterprise botnets contain thousands of malware variants
Smaller and contained on company networks, enterprise botnets pose a greater danger because they are difficult to detect and remove, according to new research. Article | 15 Oct 2009
-
Senators hear call for federal cybersecurity restructuring
Congress is mulling over whether to give more authority on cybersecurity issues to the Department of Homeland Security or create a new office within the White House. Article | 28 Apr 2009
-
Firms muddle security breach response, expert says
Security incident handlers are at the core of the coordination problems during security incidents, says security expert and consultant Lenny Zeltser. Article | 18 Mar 2009
-
Microsoft Conficker worm offers attack prevention lesson
Though a payload hasn't been issued, the Conficker worm reminds security professionals to be actively protecting the network from attacks. Column | 24 Feb 2009
-
IT security pros face challenge during economic crisis
Steven Katz, widely recognized as one of the first CISOs in the security industry, has been keeping an eye on the current financial crisis and company information risk management processes. Katz, a former CISO at Citigroup, JP Morgan and Merrill Lync... Interview | 13 Oct 2008
-
Sound compliance policies, practices reduce legal costs
Results of a recent survey show that if large enterprises adhere to compliance best practices, they can significantly trim what they spend on legal fees. Article | 08 Sep 2008
-
Disaster recovery, security drive financial firm to Private IP
A financial firm picked Private IP to connect branch offices, build a disaster recovery site, and secure customer info. Also, the company will have fewer management headaches. Article | 17 Jan 2008
-
How to create a problem management process flow to minimize incidents
Most organizations have an incident response team, but how many have a problem management team? Michael Cobb explains how problem management can prevent incidents. Tip
-
NMAP NSE tutorial: Network asset and vulnerability identification
In this screencast, expert Mike McLaughlin offers an NMAP NSE tutorial for enterprise network asset and vulnerability identification. Tip
-
Enterprise network forensic analysis: Reconstructing a breach
In the aftermath of a breach, what are the first steps security pros should take? Learn how to get started with enterprise network forensic analysis. Tip
-
Evolving IT security threats: Inside Web-based, social engineering attacks
Attackers have mixed a dangerous cocktail of social engineering, Web-based attacks and persistence. Lenny Zeltser explains how your organization can keep from drowning in malware. Tip
-
How to use the free eEye Retina scanner community edition
In this screencast, learn how to use the free community edition of the eEye Retina scanner. Tip
-
Incident response security plans for advanced persistent threat
Dealing with advanced persistent threat (APT) presents unique challenges. Learn how an incident response program can save your enterprise from APT. Tip
-
McAfee update problem: Dealing with bad antivirus DAT files
While buggy antivirus DAT files are the exception rather than the rule, downloading them can cause just as much turmoil as a potential DDoS attack. In this tip from expert Ernie Hayden, learn how to prepare your enterprise network for any sort of maj... Tip
-
Create a data breach response plan in 10 easy steps
Having a solid data breach response plan in place can make the threat of a security breach less intimidating. In this tip, learn 10 steps to take that will lead to an effective data breach response plan. Tip
-
Defining an incident response process when short staffed
The incident response process can be difficult when short staffed. In this tip, learn how to put together a computer security incident response team by leveraging other departments in your organization. Tip
-
Creating a proactive enterprise security incident response program
Every organization should develop a proactive security incident response program to ensure that when an incident does occur, it can be handled quickly and efficiently. Contributor Marcos Christodonte II explains how. Tip
-
Hacking detection: Using a Windows server comparison to find a hack
Find out what tools are the most useful for hacking detection, and if there is a way to conduct a Windows server comparison to find a hack. Ask the Expert
-
Detecting kernel intrusion attacks through network monitoring
Learn how to detect kernel intrusion attacks by monitoring your network closely and thoroughly. Ask the Expert
-
Smart card security: Disable a lost smart card and track with GPS?
Is it possible to track a lost or stolen smart card with GPS? In this IAM expert response, Randall Gamby gives advice on enhancing smart card security in such a situation. Ask the Expert
-
Disaster recovery and business continuity tabletop exercises
When disaster strikes, will your enterprise be ready? In this security management expert response, David Mortman explains what questions to ask during disaster recovery and business continuity tabletop exercises. Ask the Expert
-
How to talk to executives after a data breach
In the wake of a data breach, how do you know when to talk to executives, and, more importantly, what to say? In this expert response, learn how to talk to executives after a data breach. Ask the Expert
-
A recovery point objective (RPO) vs. a recovery time objective (RTO)
When making business continuity and disaster recovery plans, it's essential to come up with a recovery point objective (RPO) and a recovery time objective (RTO), but what is the difference between the two? Find out more in this expert response. Ask the Expert
-
Data breach notification legislation: What info must be released?
In the wake of a credit card data breach, what customer data breach information must be released per data breach notification legislation? David Mortman addresses the question in this expert response. Ask the Expert
-
After a data breach, are there legal implications of sharing details?
After a data breach, it may be helpful to share the highs and lows of the experience with other companies to help prevent similar breaches, but what are the legal implications of this? Learn how to share details without breaking the law or your ente... Ask the Expert
-
Boosting morale of the information security staff after a data breach
After a security breach, the morale of the security team can dwindle. Learn how to boost the morale of the information security staff, including strategies for improved security policy. Ask the Expert
-
Will the CERT security incident-response project benefit infosec pros?
Many security professionals lack a management-level understanding of incident response. Expert John Strand gives advice on how CERT security incident-response project can help. Ask the Expert
-
incident response
Incident response is an organized approach to addressing and managing the aftermath of a security breach or attack (also known as an incident). The goal is to handle the situation in a way that limits damage and reduces recovery time and costs. An in... Word
-
File integrity monitoring software benefits for the enterprise
In this video, Spryo Malaspinas offers a primer on file integrity software basics and file integrity monitoring software benefits for enterprises. Video
-
Verizon VERIS: Wade Baker discusses incident sharing
In this video, Wade Baker discusses his company's incident sharing system, Verizon VERIS, and explains how they hope to improve the incident response process. Video
-
Jim Lewis on SCADA security threats, Stuxnet analysis
Jim Lewis, Director and Senior Fellow at the Center for Strategic and International Studies, gives his analysis of the Stuxnet worm, and what he believes are the greatest threats to SCADA systems. Video
-
Incident response best practices
Do you know how to maximize your incident response management? Expert Lenny Zeltser discusses incident response best practices for policies, maturity and teams in this interview. Video
-
How to be a Chief Information Security Officer (CISO)
If being a Chief Information Security Officer (CISO) is your dream job, this video is for you. Ernie Hayden, consultant and former CISO, gives advice on the essentials, including how to keep things running smoothly enough that you can take time off. Video
-
Incident response planning
Jack Phillips, managing partner of security research firm, IANS, talks about how companies can prepare to appropriately handle a security incident. Video
-
Security incident response 101
Even the best procedures fail to overcome the stresses in the initial throes of an incident. Security consultant Lenny Zeltser explains how to run a well coordinated response. Video
-
The challenges of incident response plans and procedures
Mandiant's Kevin Mandia reviews his top five incident response challenges. Video
About Information Security Incident Response-Detection and Analysis
In this security incident response resource, learn what to do after a data security breach and how to handle a stolen laptop or data leakage incident. Get tips on developing an incident response plan, policy and training as well as managing the costs of a data security breach.