Security Management Strategies for the CIO-
Are Kindle Fire, Silk browser too risky for businesses?
Do Kindle Fire security issues, combined with weak Silk browser security, make the red-hot consumer device too risky for enterprises? Michael Cobb explains.
-
The role of IAM systems in enterprise compliance
Learn about the identity management and compliance relationship and how IAM should and shouldn't support good enterprise compliance processes.
-
Exposed WPS flaw affects enterprise wireless security
The recent WPS flaw isn't just a consumer issue. Nick Lewis explains the effect on enterprise wireless security and how to avoid security issues.
-
The four vulnerable DNS components that enable attacks
DNS attack prevention demands an understanding of the four core DNS components attackers often target. Expert Char Sample explains.
-
Types of DNS attacks reveal DNS defense tactics
A thorough understanding of the types of DNS attacks, including DoS, reflector attacks and DNS cache poisoning, reveal key DNS defense tactics.
-
Will HTML5 security be better than Flash?
Will HTML5 replace Flash? Expert Michael Cobb discusses whether HTML5 security is better than Flash, and why HTML5 traffic can be harder to secure.
-
How to deal with antimalware overload
Enterprise antimalware has a way of spreading everywhere. Get Diana Kelley's advice on managing antimalware security products efficiently.
-
Planning for a DoS attack: What you need from an ISP
Expert Nick Lewis says an effective DoS attack responses demand better business continuity plans, including pre-negotiating with providers.
-
How should enterprises react to Google privacy changes?
Google’s tentacles reach deep into most enterprises, but should enterprises worry about the new Google privacy policy? Expert Michael Cobb discusses.
-
NSTIC: The future of online identity protection?
The new NSTIC identity proposal would have identity brokers handling enterprise merchant customer authentication. But can it work?
-
Testing firewalls: A three-step guide
There are three steps when testing firewalls for your organization. Expert Joel Snyder explains how to test a firewall.
-
Mitigating threats to customer-centric Web apps
New, interactive Web-facing applications are popping up all the time, but expert Nick Lewis advises enterprises on how to be vigilant against Web application threats.
-
PCI compliance: Who can perform the SAQ?
Expert Mike Chapple clarifies whether a PCI Level 2 merchant can carry out an annual PCI self-assessment questionnaire.
-
How to start a network security intelligence program
Use the network and host data at your disposal to create business-focused information security intelligence policies and strategies.
-
Set up your own secure enterprise Android app store
Reduce the risk posed by smartphones and mobile applications by setting up a corporate app store for users that helps ensure Android application security.
-
SIEM technology primer
After a rocky start with early SIEM technologies, current offerings are easier to use and provide more reliable automated responses.
-
Career advice: Demand growing for security specialists
Recruiter Peter Rendall sees information security career paths leading toward security specialist jobs; SIEM, DLP and analysis are especially hot.
-
Primer: EU cookie compliance for U.S. enterprises
With recent changes to European data privacy laws, U.S. enterprises must make website changes to meet EU cookie compliance deadlines.
-
The case for integrating search, log analysis
Search is a key discipline for security log management. John Burke explains how to better search log files to improve security event log management.
-
SIEM system security: Protect the security nerve center
The prospect of a SIEM system crash should scare any enterprise. Guard against a compromised SIEM system to protect the security nerve center.
-
Three simple rules for talking compliance with execs
Expert Mike Chapple explains how to communicate the status of a corporate compliance program to the board, including both successes and shortcomings.
-
Advanced malware and threat-detection products emerge
Traditional security tools are no longer sufficient for defending against new breeds of attacks, forcing advanced threat-detection products to emerge.
-
How to deploy network security devices the right way
John Burke offers advice on effectively deploying network security devices to protect sensitive data and manage the mobility boom in the enterprise.
-
Breach crisis: How to get better at intrusion detection
To solve the breach-detection issues highlighted in the 2013 Verizon DBIR, several intrusion detection techniques are needed, says expert Nick Lewis.