Get started

Data Security and Cloud Computing

• What a data protection officer can offer enterprises subject to GDPR

  The EU GDPR requires that organizations appoint a data protection officer, but is that really necessary for security? Expert Francoise Gilbert examines the compliance requirement. Continue Reading

• Application containers: What are the major risks?

  NIST recently issued guidance on mitigating the security risks of application containers. Expert Judith Myerson outlines some of the risks and fixes highlighted in the guide. Continue Reading

• The OSI model layers explained: Get to know the network

  Do you know what each layer of the OSI model represents? Infosec expert Adam Gordon helps you get up to speed in preparation for Domain 4 of the CISSP exam. Continue Reading

• CISSP Domain 3 quiz: Security engineering

  In preparing for Domain 3, Security Engineering, CISSP candidates should review a wide range of concepts, from security models to cryptography systems. Continue Reading

• Cybersecurity engineering: CISSP demands broad IT knowledge

  Boost your CISSP exam prep with this video reviewing key concepts covered in Domain 3 of the CISSP exam, Security Engineering. Continue Reading

• Definitions to Get Started

  • computer worm
  • Single Sign-On (SSO)
  • Certified Information Systems Auditor (CISA)
  • cybersecurity

  • asymmetric cryptography (public key cryptography)
  • digital signature
  • Trojan horse (computing)
  • time-based one-time password (TOTP)

  View All Definitions

• CISSP Domain 3: Security systems engineering

  Planning to take the CISSP exam? Brush up on essential concepts and vocabulary in security systems engineering, covered in Domain 3, in this Security School.Continue Reading

• insider threat

  Insider threat is a generic term for a threat to an organization's security or data that comes from within.Continue Reading

• Secure DevOps brings better, faster, safer software

  When it comes to creating apps and other software, the need for security is increasingly clear. But how to implement DevSecOps, not so much.Continue Reading

• Meet the new government CISO for the nation's capital

  With years of cybersecurity and military IT experience, the District of Columbia's first information security officer brings a well-developed toolkit to the job.Continue Reading

• Interception threatens TLS security; now what?

  As global cyberattacks have exploded in recent months, the speed of infection is causing damage, not only to targeted industries and nation states, but to corporate valuations. In June, FedEx warned that the Petya cyberattack, which disrupted ...Continue Reading

• Computer and Information Security Handbook

  In this excerpt from chapter three of Computer and Information Security Handbook, author John R. Vacca reviews the basics of cryptography.Continue Reading

• How to craft an application security strategy that's airtight

  A solid application security strategy today must include varieties like cloud apps and mobile. Learn how to set application security policies and practices that keep hackers out.Continue Reading

• hacker

  A hacker is an individual who uses computer, networking or other skills to overcome a technical problem.Continue Reading

• antivirus software (antivirus program)

  Antivirus software is a class of program designed to prevent, detect and remove malware infections on individual computing devices, networks and IT systems.Continue Reading

• backdoor (computing)

  A backdoor is a means to access a computer system or encrypted data that bypasses the system's customary security mechanisms.Continue Reading