RSA Conference 2015 special coverage: News, analysis and video

• 

  Article

  Despite benefits, skepticism surrounds bug bounty programs

  Some people think bug bounty programs are the answers to vulnerability woes, yet others remain skeptical of the negative impacts they present. RSA Conference panelists discussed both sides of one of today's hottest and most controversial IT topics. Read Now

• 

  Article

  Open source threat model aims to make enterprise safer with less work

  An open source threat model is aiming to be a repository for risk assessment with the aim of allowing enterprise to focus on creating the right security controls for each business. Read Now

• 

  Article

  Industry experts warn only cyberliability insurance covers breaches

  Cyberliability insurance gains popularity as industry experts warn that, contrary to popular belief, general insurance won't protect against cyberattacks. Read Now

• 

  Article

  Port monitoring critical to detecting, mitigating attacks using SSL

  As SSL traffic increases, so inevitably will the number of attacks using it to hide. A session at RSA Conference 2015 explained why hackers love SSL, and how enterprises can defend against them. Read Now

1IoT, threat intelligence and security analytics

As interest in threat intelligence and security analytics skyrockets, plenty of other emerging technologies related to the Internet of Things, cloud computing, big data and the consumerization of IT are having a tremendous effect on enterprise information security programs. Learn what experts and practitioners are doing to get ahead of the negative security implications of emerging technologies.

• Article

  Cloud visibility a top concern ahead of RSA Conference 2015

  In the cloud security realm, experts say improved cloud visibility and big data analytics are expected to be major themes at this year's RSA Conference.  Read Now

• Article

  CSA, (ISC)2 introduce new cloud security certification

  The Cloud Security Alliance and the International Information Systems Security Certification Consortium introduced a new, jointly developed cloud security certification. Read Now

• Article

  Waratek grabs RSA Innovation Sandbox honors

  Runtime application self-protection startup Waratek wins coveted RSA Innovation award. Read Now

• Article

  Threat intelligence programs maturing despite staffing, tech obstacles

  A Forrester analyst told RSA Conference 2015 attendees that enterprise threat intelligence programs are maturing, though obstacles like nascent technology and hard-to-find employees mean some firms may never reach full maturity.  Read Now

• Article

  Government cybersecurity experts push for better information sharing

  At RSA 2015, former federal officials called for better government cybersecurity cooperation between agencies and with the private sector.  Read Now

• Article

  IoT discovery and federation controls lacking

  IoT discovery and federation controls are lacking. Benjamin Jun says the answer is to build better IoT federation and trust protocols.  Read Now

• Article

  How WestJet Airlines nixed network complexity, boosted security

  At an RSA Conference session, attendees learned how WestJet Airlines' Security Architecture Made Simple with software-defined security and automation reduced network turbulence.  Read Now

2 Exploring enterprise security management issues

A CISO's life is rarely ever dull. Security policies, metrics and program management issues may not seem exciting, but each can be key to preventing a devastating data breach or security incident. Learn how to get ahead of these and other vexing enterprise information security management issues with advice from experts at RSA Conference 2015.

• Article

  IT security and compliance: Get leadership on board to find balance

  At an RSA Conference 2015 session, finance information security officer Steve Winterfeld explained why having complementary IT security and compliance strategies requires leadership buy-in and cooperation. Read Now

• Article

  Successful women in security tout need for mentoring, encouragement

  Female infosec pros say the industry needs to do more to not only encourage women to pursue infosec careers, but also help mentor them along the way. Read Now

• Article

  Hiring millennials key to reducing security workforce shortage

  At RSA Conference 2015, speakers at an (ISC)2 panel said attracting and hiring millennials is a huge key to alleviating the worsening information security workforce shortage. Read Now

• Article

  Qualys introduces new Web application firewall, cloud agent at RSA 2015

  Qualys introduced three new offerings at RSA Conference 2015, including an improved Web application firewall and a new cloud agent platform.  Read Now

• Article

  Amazon, Google highlight cloud provider security issues at RSAC 2015

  Amazon, Google, Microsoft and others discussed a range of cloud security issues during a panel discussion at RSA Conference 2015. Read Now

• Article

  Charney: Cloud computing transparency, control key to better security

  At RSA Conference 2015, Microsoft's Scott Charney said cloud security products are the future, but to gain the trust of enterprise customers, they need to offer better cloud computing transparency and control. Read Now

• Article

  Cloud privacy, security improving, but obstacles remain

  At RSA Conference 2015 security officials from Microsoft, Google and more discussed cloud security and privacy improvements and top threats today. Read Now

• Article

  Pescatore on security success: Breach prevention is possible

  At RSA Conference 2015, John Pescatore offered real-world case studies proving that information security technologies can help prevent data breaches. Read Now

• Article

  Effective data breach response plans hinge on human preparedness

  Experts at a Verizon event at RSA Conference 2015 say no data breach response plan is complete until certain human factors are considered. Read Now

• Article

  RSA attendees ponder how to trim bloated security portfolios

  At a roundtable discussion at RSA Conference 2015, security admins pondered what to do about bloated security portfolios. Read Now

• Article

  Clarity needed to cultivate next-gen cybersecurity workforce

  Millennials are hesitant to pursue a career in cybersecurity, mainly because they aren't sure exactly what the job entails -- and if they have the proper training for it. Read Now

• Article

  On healthcare data security, not all security pros see unique challenges

  At an RSA Conference 2015 discussion on healthcare data security, experts with decades of experience perceive a unique challenge, while security pros see similarities with other verticals. Read Now

• Article

  DevOps explained: Why experts call DevOps and security a perfect match

  At RSA Conference 2015, a pair of DevOps proponents explained why the nascent movement to integrate development and IT operations staff pays security dividends. Read Now

3RSA 2015 video

Our editors and reporters talk with security experts on the hottest topics emerging from this year's RSA Conference.

• Video

  Watters: 'Cyber officers' are now risk officers for businesses

  More data is thought to be a good thing in terms of threat intelligence, but iSight CEO John Watters says enterprises need to be aware of the quality and context of the data when assessing risk. Watch Now

• Video

  Growing threats make security vulnerability management essential

  At RSA Conference 2015, Qualys CTO Wolfgang Kandek said enterprises need to be smart about how they tackle security vulnerabilities because there are simply too many for organizations to handle. Watch Now

• Video

  Haven't suffered a network security breach recently? Think again

  If you think your organization hasn't suffered a network security breach in the last six months, you're just not looking closely enough, according to Eric Cole at RSA Conference 2015. Watch Now

• Video

  Advice to help today's CISOs succeed at security leadership

  Renee Guttmann, vice president of the Office of the CISO at Accuvant, talks to SearchSecurity about security leadership, and offers advice to today's aspiring CISOs. Watch Now

• Video

  Why Web browser security is a goldmine for attackers

  Video: Robert 'RSnake' Hansen of WhiteHat Security discusses Web browser security, third-party software vulnerabilities and the sad state of browser security throughout the industry. Watch Now

• Video

  Too much emphasis on threat intelligence sharing, Gula says

  Tenable founder Ron Gula says sharing information to detect threats is great, but getting the security posture properly designed is the better option.  Watch Now

• Video

  Security information sharing, visibility a missed opportunity

  Video: Security information sharing and visibility platforms are being overlooked, according to Cisco's Martin Roesch, and that's a mistake. Watch Now

• Video

  IT consultants leading edge of Internet of Everything security

  Cisco security services SVP Bryan Palma discusses how Cisco's consulting teams have an early view of how the Internet of Everything will roll out. Watch Now

• Video

  Want to increase IT security budget dollars? Get in your CEO's head

  John Dickson, principal at Denim Group, talks to SearchSecurity at RSA Conference 2015 about tried and true ways security admins have been able to attain security dollars despite tight resources. Watch Now

• Video

  Inside the WhiteHat Aviator Web browser controversy

  Robert 'Rsnake' Hansen of WhiteHat Security discusses the Aviator Web browser, why Google lashed out against it, the challenges of browser security and lessons learned for developing secure software. Watch Now

• Video

  Schneier: Incident response management key to surviving a data breach

  Video: Bruce Schneier, CTO of Resilient Systems, talks to SearchSecurity about the importance of strong incident response management in reaction to the 'year of the data breach.' Watch Now

• Video

  Google's Adrian Ludwig talks about fighting Android threats

  Google is fighting a constant battle against Android malware and vulnerabilities, and Adrian Ludwig, Google's lead for Android security, talks to SearchSecurity about how protections are getting better. Watch Now

• Video

  McGraw: IEEE helps find software development design flaws

  Secure software expert Gary McGraw says the IEEE Center for Secure Design can help companies find patterns in their software security flaws. Watch Now

• Video

  Shadow cloud problem growing, SkyHigh Networks says

  Kamal Shah of SkyHigh Networks talks with SearchSecurity about the rapid adoption of shadow cloud apps and services in the enterprise. Watch Now

• Video

  (ISC)2 responds to criticism with global academic program

  (ISC)2 executive director David Shearer responds to criticisms about the organization's lack of introductory certifications within its global academic program. Watch Now

• Video

  McGraw: Software security testing is increasingly automated

  Security software expert Gary McGraw says testing for security flaws must be automated if everything is going to be checked. Watch Now

• Video

  Cisco Security Services set for 2x product growth in 2015

  Cisco's Bryan Palma discusses Cisco's strategy for security services and talks about the recent Neohapsis acquisition. Watch Now

• Video

  Network security improved by Cisco data mining

  Cisco network security involves numerous users and products; Martin Roesch explains why the huge amount of data that results from this is a good thing. Watch Now

• Video

  From the frontlines: Horror stories on information breach response

  Video: KPMG's Ronald Plesco has seen some crazy things in his time helping organizations in security incident response, and he shares some of them with SearchSecurity. Watch Now

• Video

  Stale, dead apps emerging as serious mobile security risks

  At RSA 2015, Appthority president and co-founder Domingo Guerra outlines emerging mobile security risks enterprises must be aware of -- and the issues aren't limited to just bring your own devices (BYOD). Watch Now