PRO+ Premium Content/Information Security

Thank you for joining!

Access your Pro+ Content below.

Nov. 2012/Volume 14/No. 9

Information Security Decisions: From Dogma to Data

This article is part of the Information Security issue of Nov. 2012/Volume 14/No. 9

The information security field needs to overcome information sharing roadblocks to improve decision making.

Access this PRO+ Content for Free!

You forgot to provide an Email Address.
This email address doesn’t appear to be valid.
This email address is already registered. Please login above.
Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

Features in this issue

PDF download: Information Security magazine November 2012
by Information Security magazine staff
In this issue, find out who won this year’s Security 7 Award, Also, we examine the pros and cons of the Metasploit penetration testing framework.
Old Application Vulnerabilities, Misconfigurations Continue to Haunt
by Robert Westervelt
Flaws in legacy applications and configuration blunders still plague organizations, experts say.
Information Security Decisions: From Dogma to Data
by Wade Baker
The information security field needs to overcome information sharing roadblocks to improve decision making.

Developing a BYOD Strategy: Weigh the Risks, Challenges and Benefits
by Krishnan Chellakari
Organizations need to consider benefits and risks as they embrace BYOD.
Security Warrior for Cloud Transparency
by Jim Reavis
Ron Knode, who passed away earlier this year, was a tireless advocate for cloud security transparency.
GRC Management and Critical Infrastructure Protection
by Doug Powell
GRC needs to adapt to become a truly effective risk management tool for critical infrastructure.

Security Risk Assessment Process a Team Effort at Notre Dame
by David Seidl
The university created a committee to tackle risk assessment on an ongoing basis.
FISMA Compliance and the Evolution to Continuous Monitoring
by John Streufert
The U.S. Department of State developed a system for improving federal cybersecurity.
The new era of big data security analytics
by Preston Wood
The information security industry needs to shift its focus to data-driven security.

Metasploit Review: Ten Years Later, Are We Any More Secure?
by George V. Hulme
Some say the pen testing framework is a critical tool for improving enterprise security, while others say it helps attackers.
Cloud Compliance: Tackling Compliance in the Cloud
by Davi Ottenheimer
Moving to a cloud environment brings compliance challenges, but they’re not insurmountable.

Columns in this issue

Security 7 Award 2012: Seven Outstanding Information Security Pros
by Marcia Savage
Security 7 Award 2012 honors seven outstanding information security pros. Find out who won this year’s Security 7 Award.
Protecting Intellectual Property: Best Practices
by Peter J. Toren
Organizations need to implement best practices to protect their trade secrets from both internal and external threats.
Pros and Cons of Information Security Certifications
by Doug Jacobson and Julia A. Rursch
Educating the security professional requires far more than a certification exam.

Marcus Ranum chat: Next-generation SIEM
by Anton Chuvakin
Security expert Marcus Ranum goes one-on-one with Gartner’s Anton Chuvakin about SIEM technology and where it’s headed.

View Information Security Archives

SearchCloudSecurity

How the Microsoft Authenticator app integrates with Azure AD

Microsoft expanded the Microsoft Authenticator app to integrate with tens of thousands of Azure AD apps. Expert Dave Shackleford ...

What Microsoft's InPrivate Desktop feature could mean for enterprises

Microsoft's secretive, potential new feature InPrivate Desktop could give security teams access to disposable sandboxes. Expert ...

CCSP Domain 6: Cloud computing regulations and legal issues

This Security School will help you prepare for Domain 6 of the CCSP exam, "Legal and Compliance," which covers cloud computing ...

SearchNetworking

How 3 benefits of SDN can help small businesses

As SDN matures and evolves from its original definition, it's getting harder for small businesses to ignore the benefits of SDN, ...

NetOps, SecOps, DevOps concepts merge to automate security testing

By adopting DevOps concepts, network teams can automate security testing. But, as development, network and security tasks mingle,...

Cisco layoffs mark Customer Experience restructuring

Cisco is laying off hundreds of employees as it restructures its Customer Experience unit led by new-hire Maria Martinez. The ...

SearchCIO

Improving customer experience strategy with digital tweaks vs. transformation

Improving the customer experience with digital technologies doesn't have to entail full-blown transformation. Here are three ...

How automating feature engineering can help data scientists

Feature Labs CEO Max Kanter explains how automating feature engineering for machine learning can help data scientists and why ...

5 'technology enablers' key to Travelport's digital transformation plan

Travelport CIO Matt Minetola details the five 'technology enablers' key to the success of the company's digital transformation ...

SearchEnterpriseDesktop

Microsoft reissues Windows 10 October Update, Server 2019

Windows Server 2019 and the Windows 10 October Update are back in IT admins' hands, six weeks after the company pulled them from ...

Settle the debate on how to deploy Windows 10 desktops

IT pros have a decision to make when delivering and managing Windows 10. They can use a DaaS provider, manage the desktops with ...

Use IT help desk tools to track, resolve and prevent IT incidents

The software that manages the IT help desk must allow admins to track, monitor and resolve incidents to optimize the benefits ...

SearchCloudComputing

Cloud-based quantum computing inches slowly toward enterprise

A lot of questions -- and complexity -- still surround quantum computing. But as enterprises eventually ramp up with the ...

Cloud cost management tools heat up with Apptio sale

Why does private equity firm Vista Equity Partners want to pay nearly $2 billion for IT spend analytics vendor Apptio? Here's a ...

Break down the main features of Azure DevOps Services

DevOps continues to influence how vendors shape their cloud offerings, and this was the case behind Microsoft's recent rebranding...

ComputerWeekly.com

UK leads the way in multi-cloud deployments

Public cloud users in the UK are happy with the service they get, but a hybrid approach may offer greater flexibility, according ...

Why Kubernetes is driving a groundswell in containerisation

Kubernetes is fast becoming a de facto standard, but CIOs may be unaware of its footprint in their businesses

Enterprises lack capability against persistent cyber attacks

A report urges organisations to strengthen their cyber defence capabilities to pre-empt, detect and respond to post-breach attacks