-
Evaluating embedded systems security in the enterprise
Recent high-profile printer vulnerabilities illustrate why enterprises need to be aware of embedded systems security. Expert Nick Lewis discusses.
-
Inside PCI DSS Risk Assessment Guidelines
Mike Chapple outlines the recommendations in the PCI DSS Risk Assessment Guidelines and explains how they can make a compliance program stronger.
-
Analysis: What Gigabit Wi-Fi means for network security
Will Gigabit Wi-Fi significantly alter network security, or will it mean business as usual? Expert Brad Casey discusses the new 802.11ac standard.
-
Patch management on a budget? Try virtual patching
Struggling to bring the cost of the patch management process down? Expert Michael Cobb suggests virtual patching and automated tools can play a role.
-
Concerned about business logic abuse? Improve the SDLC
Expert Nick Lewis details the threat posed by business logic attacks and how stressing the importance of security in the SDLC can reduce that threat.
-
Ensuring an ultra-redundant network security posture
Matthew Pascucci discusses layered security, explaining how to apply defense-in-depth principles toward an ultra-redundant network security posture.
-
How to prepare for the eventual arrival of SHA-3
Expert Michael Cobb digs into Keccak, the winner of NIST's SHA-3 algorithm competition, to guide infosec teams on how to prepare for its arrival.
-
SSL certificate management: Avoiding mistakes
Errors are bound to occur when SSL certificate management is handled manually. Learn how to avoid these common mistakes.
-
The case for an iOS and Android BYOD program
All BYOD platform options come with cost and risk. Craig Mathias explains why an iOS and Android BYOD program is viable for most organizations.
-
Assessing the security of Adobe's certificates
After a recent attack on Adobe, what mitigations should be put in place to avoid security issues with Adobe certificates? Expert Nick Lewis advises.
-
Explained: How a NGFW prevents application attacks
Next-generation firewalls can block common yet dangerous SQL-injection and buffer-overflow attacks. Learn how an NGFW stops application-layer attacks.
-
Complying with new COPPA regulations
After 15 years, the FTC announced updated COPPA regulations effective July 2013. Learn how to deal with this updated child Internet privacy mandate.
-
Top five free network intrusion detection tools
Snort is one of the industry's top network intrusion-detection tools, but there are plenty of free alternatives. Matthew Pascucci discusses.
-
How to implement and supplement remote wipe for BYOD
Remote data wipe is key to any BYOD security policy, but each OS handles it differently. Lisa Phifer covers how to use it with other controls to protect data.
-
Windows Server 2012 security: What to expect
Expert Michael Cobb wades through the security features of Windows Server 2012 to find out what's new and beneficial in Microsoft's latest release.
-
The Stored Communications Act and workplace privacy
A state supreme court decision addressing webmail hacking under the Stored Communications Act affects email privacy and the ability to sue hackers.
-
Analysis of new PCI mobile payment security guidelines
The PCI SSC recently released mobile application development security guidelines. Mike Chapple outlines the document and highlights key takeaways.
-
Learn to manage VPN leaks on dual-stack networks
The ongoing transition to IPv6 has revealed security issues with VPN leaks on dual-stack networks. Fernando Gont explains and offers mitigations.
-
Why having a CISO can reduce data breach costs
Filling the CISO position with the right person can reduce the costs a company will experience from a data breach. Expert Ernest Hayden explains why.
-
The Java security crisis: Using the JRE safely
Constant Java security vulnerabilities plague Oracle and enterprises alike. Expert Nick Lewis offers tips on how to use Java and the JRE securely.
-
A smarter, programmatic approach to SOX compliance
After 11 years of Sarbanes-Oxley and other mandates, enterprises have finally embraced holistic compliance program management as a best practice.
-
Next-gen firewalls improve application awareness
Learn how next-gen firewalls offer improved application awareness and granularity to manage or block particular application features.
-
Choosing the right IT security framework
Expert Joe Granneman introduces several IT security frameworks and standards, and offers advice on choosing the right one for your organization.
-
The role of sandboxing in advanced malware detection
Expert Brad Casey details how advanced malware detection products rely heavily on sandboxing technology, though it's not a cure-all for enterprises.
Security Management Strategies for the CIO