PRO+ Premium Content/Information Security

Thank you for joining!

Access your Pro+ Content below.

Nov. 2012/Volume 14/No. 9

Information Security Decisions: From Dogma to Data

This article is part of the Information Security issue of Nov. 2012/Volume 14/No. 9

The information security field needs to overcome information sharing roadblocks to improve decision making.

Access this PRO+ Content for Free!

You forgot to provide an Email Address.
This email address doesn’t appear to be valid.
This email address is already registered. Please login above.
Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

Features in this issue

PDF download: Information Security magazine November 2012
by Information Security magazine staff
In this issue, find out who won this year’s Security 7 Award, Also, we examine the pros and cons of the Metasploit penetration testing framework.
Old Application Vulnerabilities, Misconfigurations Continue to Haunt
by Robert Westervelt
Flaws in legacy applications and configuration blunders still plague organizations, experts say.
Information Security Decisions: From Dogma to Data
by Wade Baker
The information security field needs to overcome information sharing roadblocks to improve decision making.

Developing a BYOD Strategy: Weigh the Risks, Challenges and Benefits
by Krishnan Chellakari
Organizations need to consider benefits and risks as they embrace BYOD.
Security Warrior for Cloud Transparency
by Jim Reavis
Ron Knode, who passed away earlier this year, was a tireless advocate for cloud security transparency.
GRC Management and Critical Infrastructure Protection
by Doug Powell
GRC needs to adapt to become a truly effective risk management tool for critical infrastructure.

Security Risk Assessment Process a Team Effort at Notre Dame
by David Seidl
The university created a committee to tackle risk assessment on an ongoing basis.
FISMA Compliance and the Evolution to Continuous Monitoring
by John Streufert
The U.S. Department of State developed a system for improving federal cybersecurity.
The new era of big data security analytics
by Preston Wood
The information security industry needs to shift its focus to data-driven security.

Metasploit Review: Ten Years Later, Are We Any More Secure?
by George V. Hulme
Some say the pen testing framework is a critical tool for improving enterprise security, while others say it helps attackers.
Cloud Compliance: Tackling Compliance in the Cloud
by Davi Ottenheimer
Moving to a cloud environment brings compliance challenges, but they’re not insurmountable.

Columns in this issue

Security 7 Award 2012: Seven Outstanding Information Security Pros
by Marcia Savage
Security 7 Award 2012 honors seven outstanding information security pros. Find out who won this year’s Security 7 Award.
Protecting Intellectual Property: Best Practices
by Peter J. Toren
Organizations need to implement best practices to protect their trade secrets from both internal and external threats.
Pros and Cons of Information Security Certifications
by Doug Jacobson and Julia A. Rursch
Educating the security professional requires far more than a certification exam.

Marcus Ranum chat: Next-generation SIEM
by Anton Chuvakin
Security expert Marcus Ranum goes one-on-one with Gartner’s Anton Chuvakin about SIEM technology and where it’s headed.

View Information Security Archives

SearchCloudSecurity

How to conduct proper AWS vulnerability scanning in 3 steps

Cloud vulnerability management can be complicated. Learn how to perform AWS vulnerability scans under the shared responsibility ...

Research shows cloud security vulnerabilities grow

Recent research shows the number of cloud security incidents are growing. Here are the biggest contributors to the complicated ...

4 necessary steps to evaluate public cloud security

The Capital One hack raised questions about public cloud security. Take these four steps to ensure your data is protected.

SearchNetworking

Gartner Hype Cycle deems software-defined networking obsolete

A Gartner report on enterprise networking has declared the definition of SDN and its architectural approach as deceased. Cause of...

The top 5 capabilities your edge infrastructure should have

The network edge plays a vital role in the future of networking and digital transformation. Make sure your infrastructure has ...

VMware acquisition of Veriflow to bolster vRealize platform

The VMware acquisition of Veriflow is expected to help vRealize users determine the integrity of a network design before it goes ...

SearchCIO

How to deal with the lack of chatbot standards

A lack of standards around chatbot development has created a situation in which enterprises are building and rebuilding bots. But...

RPA journey: Schneider Electric's global plan taps Blue Prism, UiPath

Schneider Electric, a multinational energy management company, has embarked on a robotic process automation journey, establishing...

Blurring the lines between RPA platforms and APIs

RPA is quickly making itself known in the automation market, but the real game changer is utilizing the technology in an API-rich...

SearchEnterpriseDesktop

New Windows vulnerabilities reveal there is no rest for weary IT

The two latest Windows security vulnerabilities reiterate the importance for IT admins to stay diligent when updating and ...

7 questions to ensure UEM supports a Windows 10 migration

The right UEM platform will go a long way in streamlining a Windows 10 migration. Ask these questions to ensure your ...

How to automate Windows 10 imaging with Packer

Windows 10 imaging isn't easy, especially with Microsoft's continuous release model. Here's how IT can use Packer and MDT to ...

SearchCloudComputing

Use modern cloud security best practices

Enterprises still worry about the security of cloud and if migrating will put data at risk. Explore modern methods, technologies ...

VMware acquisition of Intrinsic denotes bigger strategic plan

VMware has acquired Intrinsic, a maker of virtualization technology that secures Node.js applications on serverless environments ...

Oracle's IaaS, cloud database in the spotlight at OpenWorld

This year's Oracle OpenWorld should provide answers for customers eager to understand its plans for IaaS, cloud databases, AI and...

ComputerWeekly.com

Majority of organisations struggling with cloud security

The majority of organisations find securing the cloud difficult and more than a quarter feel the shared security responsibility ...

GoCo Group backs Microsoft Azure to deliver ‘savings-as-a-service’ customer acquisition strategy

GoCo Group technology director Kieron Nolan explains the firm’s plans to migrate most of its price comparison platforms to the ...

Kaspersky eyes enterprise business, opens APAC transparency hub

The security firm wants to engage with enterprises and use its newly launched Malaysian Transparency Centre to burnish its ...