Get started

Data security strategies and governance

• Cybersecurity defense in depth means more than ticking boxes

  F-Secure's Tom Van de Wiele explains the realities of cybersecurity defense in depth, and why companies need to have the right attitude to defend against cyberattacks. Continue Reading

• How cybersecurity risk fits into enterprise risk management

  In security, perfection is impossible, but risk management frameworks plus a range of strategies can significantly reduce your organization’s risk. Continue Reading

• Cyber-risk strategies and models for a post-perimeter age

  Cyber-risky business: The notion of the security perimeter has grown quaint. If a firewall is insufficient, where does IT turn to answers on how to protect assets? Continue Reading

• National Security Agency (NSA)

  The National Security Agency is the official U.S. cryptologic organization of the United States Intelligence Community under the Department of Defense. Continue Reading

• Are you next-gen secure? Defense-in-depth security key to IT

  The notion of a defensible security perimeter is outmoded, but that doesn't mean the goal of IT security is unattainable. Laying on defenses is what's needed now. Continue Reading

• Definitions to Get Started

  • National Security Agency (NSA)
  • identity and access management (IAM)
  • physical security
  • information security (infosec)

  • user account provisioning
  • National Computer Security Center (NCSC)
  • data masking
  • deperimeterization

  View All Definitions

• identity and access management (IAM)

  Identity and access management (IAM) is a framework for business processes that facilitates the management of electronic or digital identities.Continue Reading

• The CISO job seems to be finally getting the credit it's due

  The CISO job has risen from the trenches of the IT department to a seat at the C-suite decision-makers' table. But time in the spotlight comes with great risk and responsibilities.Continue Reading

• The chief information security officer role grows in stature

  No longer do CISOs hunt for a seat at the decision-maker's table. But with increased recognition of their vital role comes vast responsibilities and need for a big skill set.Continue Reading

• What does a CISO do now? It's a changing, increasingly vital role

  What does a CISO do in this day and age? The responsibilities of a chief information security officer, the senior executive responsible for an organization's information security program, are growing dramatically. Once relegated to the IT department...Continue Reading

• CISSP Domain 3: Security systems engineering

  Planning to take the CISSP exam? Brush up on essential concepts and vocabulary in security systems engineering, covered in Domain 3, in this Security School.Continue Reading

• CISSP Domain 2 quiz: Data security control, asset protection

  Domain 2 of the CISSP exam, known as asset security, covers data security control, classification, ownership and more. Test your knowledge with this 10-question practice quiz.Continue Reading

• CISSP Domain 2: Asset security and data encryption methods

  This Security School will help prepare you for Domain 2 of the CISSP exam, providing overviews of data encryption methods, data ownership concepts and asset protection.Continue Reading

• Identify and maintain ownership of data: A guide for CISSPs

  CISSPs must lead the way in driving good data management, which begins with defining data ownership and access policies. Learn more in this video with infosec expert Adam Gordon.Continue Reading

• What you need to know about setting up a SOC

  Setting up a SOC is different for every enterprise, but there are some fundamental steps with which to start. Expert Steven Weil outlines the basics for a security operations center.Continue Reading

• Security analysis principles and techniques for IT pros

  The drive for greater security fuels IT more than ever, but fighting infosec threats depends on locating the right data sets and analyzing them efficiently.Continue Reading