Manage

Manage

Learn to apply best practices and optimize your operations.

• For enterprises, does attack attribution offer any value?

  What matters more: finding the source of an attack, or simply stopping it? Expert Nick Lewis details the potential benefits of attack attribution. Continue Reading

• Mobility bandwagon: Developing enterprise mobile applications

  Mobile security gaps stretch from distributed architecture to data leaks. Address security and privacy concerns before any coding starts. Continue Reading

• Mobile device policy: Tackling BYOD requires broad initiatives

  Before implementing containerization or other technologies, CISOs need to craft an enterprise strategy to secure employee-owned devices. Continue Reading

• Social engineering attacks: Is security focused on the wrong problem?

  To combat social engineering techniques, know thy data and how to protect it against exfiltration by malicious actors. Continue Reading

• IT salary survey: Security moving in the right direction

  Total compensation is up, and one-third of IT organizations are looking to make new hires, according to our annual information security salary survey. Continue Reading

• Ranum Q&A with Aaron Turner: Whitelisting is on enterprise blacklist

  An early proponent of Microsoft SRP, Aaron Turner says application whitelisting has finally taken hold in consumer app stores.Continue Reading

• IT security salary survey: What happened in 2013, forecast for 2014

  The value of information security professionals can outweigh security technology. Does your organization show you the money?Continue Reading

• Beat the security odds with a cloud risk equation

  Despite the enormous concerns around cloud security, many information security professionals remain on the sidelines when it comes to their organization's cloud deployments and services. Cloud vendors often bypass IT and sell their services directly...Continue Reading

• Java patching: Lost cause, or an enterprise security necessity?

  After a plethora of Java and JRE security flaws, threats expert Nick Lewis weighs in on whether Java patching is now an exercise in futility.Continue Reading

• Attack obfuscation: How attackers thwart forensics investigations

  Expert Nick Lewis explains how attackers utilize offensive forensics techniques to thwart forensics investigations.Continue Reading

• Antimalware technologies and techniques to the rescue

  Not only is modern malware getting more prevalent and sophisticated, it's also now focusing on a broader array of targets. Attackers would still love to break into top-level enterprise systems, but now they're also aiming low, taking advantage of ...Continue Reading

• In 2014 DBIR preview, Verizon says data breach response gap widening

  Verizon is touting its largest-ever data set for the 2014 DBIR, but the gap is widening between when breaches happen and when they're discovered.Continue Reading

• Security data analysis behind the times, Verizon DBIR researchers say

  Security vendors often claim that attackers are unpredictable, but two Verizon DBIR researchers say better data can find recognizable patterns.Continue Reading

• RSA 2014: HP exec says security threat analysis should guide strategy

  At RSA Conference 2014, HP's Art Gilliland says enterprise security strategy must shift toward smarter spending based on security threat research.Continue Reading

• TrustyCon: Hypponen warns of government malware, loss of vendor trust

  At the inaugural TrustyCon event, F-Secure's Mikko Hypponen decried the lack of trust in security vendors like RSA and warned of government malware.Continue Reading

• SANS researchers warn RSA attendees about 2014 attack techniques

  Researchers delivered their 2014 outlook on cyberthreats at the RSA Conference, highlighting attack techniques and ways to defend against them.Continue Reading

• IT Decision Center: Unified Threat Management

  From servers to smartphones, enterprise devices are under attack. A unified threat management (UTM) product gives your company a fighting chance. Learn how UTM works and the business benefits it offers companies of all sizes.Continue Reading

• RSA 2014: Insider threat detection tools critical to detection success

  Even with a solid insider threat program in place, an RSA Conference 2014 speaker said good insider threat detection tools are key to success.Continue Reading

• RAM-scraping malware update: Enterprise defense against RAM scrapers

  As the Target breach proved, RAM-scraping malware is difficult to detect. Learn best practices to defend against RAM scrapers.Continue Reading

• Developing a continuous security monitoring program for 24/7 security

  Developing a continuous security monitoring program to ensure 24/7 security is no easy task. Michael Cobb offers key advice for completing the task.Continue Reading

• Unified threat management: What UTM product fits your organization?

  Companies are increasingly finding attractive the idea of unified threat management (UTM) systems, and vendors are responding with a range of products. Originally, smaller companies were the logical adopters of UTM technology, but now even giant ...Continue Reading

• AxCrypt tutorial: How to use AxCrypt for simple file encryption

  Video: In this AxCrypt tutorial, Keith Barker of CBT Nuggets shows how to use AxCrypt, a free, open source tool for quick, simple file encryption.Continue Reading

• CAMP technology: The key to thwarting socially engineered malware?

  Microsoft added CAMP technology to Windows 8.1 to defeat socially engineered malware. Is it effective? Michael Cobb explains how CAMP works.Continue Reading

• With its new security features, is Dropbox safe for enterprise use?

  Do Dropbox's new 'enterprise-grade' security features make it safe enough to leverage in the enterprise? Expert Michael Cobb offers his analysis.Continue Reading

• Enterprise firewall protection: Where it stands, where it's headed

  Get grounded on the state of the firewall, and explore the next generation of related Internet security devices.Continue Reading

• incident response plan (IRP)

  An incident response plan (IRP) is a set of written instructions for adequately detecting, responding to and limiting the effects of an information security incident, an event that may or may not be an attack or threat to computer system or ...Continue Reading

• Analyzing the risks of the D-Link router backdoor

  Even though a patch was released for a recently discovered D-Link router backdoor, the flaw highlights a product feature that poses unnecessary risk.Continue Reading

• How descoping measures can help reduce regulatory compliance burden

  Expert Mike Chapple explains how two descoping techniques can help many organizations reduce their regulatory compliance burden.Continue Reading

• Windows Error Reporting may provide intelligence to attackers

  Attackers may be able to use Windows crash data to find their targets' weaknesses, but enterprises can turn the tables via better anomaly detection.Continue Reading

• RSA 2014: News, analysis and video from RSA Conference 2014

  Get news, analysis and video from RSA Conference 2014.Continue Reading

• Security analytics: The key to reliable security data, effective action

  It's tough to get reliable security data. This Security School explains how to use security analytics to safeguard your network system's health.Continue Reading

• Making the case: Mobile IDS/IPS vs. traditional IDS/IPS

  What's the difference between mobile IDS/IPS and traditional IDS/IPS? Expert Brad Casey discusses the value proposition for enterprise deployment.Continue Reading

• The benefits of subscription-based penetration testing services

  Should an enterprise opt for subscription-based services or conduct their pen testing in-house? Network security expert Brad Casey discusses.Continue Reading

• Strategies to make your SIEM system sing

  Using and maintaining a security information and event management (SIEM) system can be a challenge for InfoSec professionals, but the effort is worthwhile if the system enables faster, better security data analysis and response. This TechGuide ...Continue Reading

• Ponemon offers grim picture of information security incident response

  Ponemon data shows security professionals are often stretched too thin to conduct thorough enterprise information security incident response efforts.Continue Reading

• Stave off infection: Assessing the best antimalware protection

  Malware continues to infect enterprises; here's the scoop on how to identify an effective antimalware product for your environment.Continue Reading

• Three ways to raise infosec awareness among non-security executives

  Low infosec awareness among C-level execs can hurt security funding. Expert Joseph Granneman details three ways that CISOs can raise that awareness.Continue Reading

• Network tap vulnerabilities: Network traffic security over the Internet

  Is there any viable way to mitigate the risks of a potential wide-area network tap and ensure network traffic security over the Internet?Continue Reading

• For international travelers, is basic business data security enough?

  NBC's report on hacking in Russia stretched the truth, experts said, but travelers who ignore business data security basics face risks everywhere.Continue Reading

• Why TCP traffic spikes with source port zero should sound an alarm

  Are spikes in TCP traffic with source port zero warning signs that future attacks are imminent? Discover why enterprises should be concerned.Continue Reading

• Best practices for implementing an enterprise network air gap system

  Learn best practices for implementing an enterprise network air gap system as a defense against advanced attacks.Continue Reading

• Using Wireshark: Reviewing four key Wireshark features

  Become familiar with four Wireshark features network security pros value in this packet-capturing analytics tool.Continue Reading

• How to build an effective corporate privacy compliance program

  Expert Mike Chapple reviews major data privacy laws and explains how to build a data privacy compliance program to meet regulatory requirements.Continue Reading

• Target breach details: Was the retailer PCI DSS compliant?

  Expert Mike Chapple says a key detail in the Target breach suggests that the Fortune 500 retailer likely wasn't PCI DSS compliant.Continue Reading

• Beyond the Page: Cyberthreats

  This February 2014 Information Security magazine supplement takes a deeper look into cyberthreats and examines advanced threat techniques including watering hole attacks and sophisticated spear phishing.Continue Reading

• Fixing the math in the wake of Snowden's NSA surveillance reveal

  Throwing a curve: Is there a potential weakening of security products and services courtesy of the NSA and RSA BSafe?Continue Reading

• Tor networks: Stop employees from touring the deep Web

  Are employees using Tor to view blocked Web sites, or mining Bitcoins on corporate resources? Sinister or not, it needs to stop.Continue Reading

• The changing face of advanced malware detection

  It's a new year of advanced threats, malicious code and holes to plug, but security teams are fighting back with help from global services.Continue Reading

• Mobile security report: Data on devices

  New survey shows the battle between corporate-issued devices versus personally owned smartphones and tablets is too close to call.Continue Reading

• New devices, new threats: How to evaluate the devices we love

  The influx of iPad and Android tablets and smartphones after the holidays can really challenge network security in organizations that support BYOD.Continue Reading

• Cyberthreats: Know thy enemy in 2014

  There's no place to hide as new cyberthreats and tried-and-true hacking techniques test security teams.Continue Reading

• New ways to navigate advanced security threats

  One month into the new year and we have already faced landmark data breaches. The advanced threats will keep on coming in 2014.Continue Reading

• Cyberthreats: Know thy enemy

  The complexity of emerging technologies and trends such as BYOD has security teams operating at full speed, and there's no sign of slowing down. In our inaugural issue of 2014, we look at the top cyberthreats that security professionals are likely ...Continue Reading

• SHA-1 to SHA-2: The future of SSL and enterprise application security

  The future of SSL is SHA-2. Security expert Michael Cobb explains why SHA-1 poses an increasing danger and what the transition entails.Continue Reading

• Does ISO 27001 certification make an enterprise Safe Harbor compliant?

  Expert Mike Chapple details the ISO 27001 certification and why achieving it may not make an organization Safe Harbor compliant.Continue Reading

• HIPAA Omnibus Rule 2013: New Notice of Privacy Practices requirements

  Expert Mike Chapple explains how Notice of Privacy Practices requirements have changed for covered entities under the HIPAA Omnibus Rule 2013.Continue Reading

• Microsoft Office 2003: Staying safe after the security support stops

  Worried about Microsoft Office 2003 security after support ends April 8, 2014? Michael Cobb offers some pointers.Continue Reading

• Preventing plaintext password problems in Google Chrome

  Plaintext passwords are risky business. Michael Cobb discusses what Google says about the Chrome password vulnerability and potential exploits.Continue Reading

• Smart defense is good offense: Rethink how you use your SIEM product

  Learn how to improve policies and enhance monitoring to make your security information and event management (SIEM) product more effective.Continue Reading

• DNS amplification, application-layer attacks drive DDoS attack trends

  Data from Arbor Networks shows an increase in DNS amplification attacks and application-layer DDoS attacks.Continue Reading

• McGraw: Software [in]security and scaling automated code review

  Gary McGraw and Jim Routh talk through the pitfalls of scaling static source code review and offer some potential process improvements.Continue Reading

• The Vobfus worm and Beebone Trojan: How malware downloads more malware

  The Vobfus worm downloads variants of the Beebone Trojan and vice versa. Discover how to defend your enterprise from malware that downloads malware.Continue Reading

• Keeping Web malware out of enterprise systems

  Web-borne malware is circling your system, looking for a way in. This Security School covers ways to keep your enterprise's perimeter secure.Continue Reading

• Femtocell security: Defending against a femtocell hack

  The risk of a femtocell hack is a real enterprise concern. Nick Lewis explains why and explores how to defend against an attack.Continue Reading

• Countdown of the top seven bad habits victims of malware attacks share

  Learn the seven bad habits that leave you vulnerable to Web-borne malware attacks, and the changes you can make to secure your online life in 2014.Continue Reading

• Mac malware: Evasion techniques, enterprise detection best practices

  Mac malware is starting to use the evasion techniques of Windows malware. Enterprise threats expert Nick Lewis discusses the risks.Continue Reading

• Essential security analytics technology for advanced malware detection

  Josh Sokol reviews the security technologies needed to support a successful security analytics program focused on advanced malware detection.Continue Reading

• Pre-audit planning: Four keys to a successful IT security audit

  One QSA offers pre-audit planning advice to ensure a smooth, successful enterprise IT security audit for both the organization and the auditor.Continue Reading

• Advanced volatile threat detection: New term, old malware?

  The newly coined term 'advanced volatile threat' (AVT) describes a specific type of hard-to-detect attack. Nick Lewis debunks the AVT hype.Continue Reading

• Origins of the NIST cybersecurity framework, encryption standards

  Video: An expert says the NIST cybersecurity framework and encryption standards resulted from a thorough public vetting process.Continue Reading

• Why marketing principles can help a security awareness program succeed

  Veteran CISO Ernie Hayden offers ideas from the realm of marketing to help spread security awareness like a virus -- but in a good way.Continue Reading

• How to use the RACI matrix for a security risk assessment

  Expert Joseph Granneman explains how the RACI matrix can be used as part of an information security risk assessment.Continue Reading

• Securing endpoint devices with code-execution prevention

  A survey revealed 54% of enterprises don't know if they use code-execution prevention on networked endpoint devices. Does your organization?Continue Reading

• The backdoor threat of Trusted Platform Module and Windows 8

  Does the combination of the Trusted Platform Module and Windows 8 create the threat of a backdoor? Michael Cobb discusses.Continue Reading

• Elliptic curve cryptography: What ECC can do for the enterprise

  Is elliptic curve cryptography more effective than RSA or Diffie-Hellman? Security expert Michael Cobb details the pros and cons of ECC.Continue Reading

• Continuous security monitoring: What enterprises can learn from CDM

  Uncover key continuous security monitoring tips enterprises can take away from the federal government's Continuous Diagnostics and Mitigation program.Continue Reading

• What is the MEHARI risk management framework and how can it be used?

  Expert Joseph Granneman details the MEHARI risk management framework and compares it to the ISO 27000 and NIST 800 series.Continue Reading

• Separate but equal: Mitigating the risk of Web-borne malware infections

  The potential damage from Web-borne malware can be effectively limited through a process of separation.Continue Reading

• What are the top instant messaging security risks facing enterprises?

  Expert Michael Cobb explains the security risks of instant messaging (IM) and reveals why standardizing on one program can help mitigate them.Continue Reading

• Vulnerability management programs: A handbook for security pros

  Information security professionals need a multifaceted approach for managing and responding to known vulnerabilities, one that recognizes enterprises' finite resources for vulnerability remediation. This TechGuide will help you both identify and ...Continue Reading

• Bruce Schneier tackles incident response management as Co3 Systems CTO

  Following his departure from BT, prominent security expert Bruce Schneier will assume CTO position at Boston startup Co3.Continue Reading

• Windows XP upgrade planning: Preparing for Windows XP end of life

  The Windows XP end-of-life date, April 8, 2014, is approaching. Learn about the risk of delaying Windows XP upgrades and planning the transition.Continue Reading

• How to rank enterprise network security vulnerabilities

  Risk management programs yield massive data on network security vulnerabilities. Infosec pros must rank risks before prioritizing remediation efforts.Continue Reading

• BlackBerry backdoor: Do BlackBerry credential logs pose a threat?

  BlackBerry's email system logs user credentials and sends them in cleartext to BlackBerry servers. Is it a vendor backdoor? Michael Cobb discusses.Continue Reading

• How to identify and secure data egress points to prevent data loss

  Expert Michael Cobb discusses how to identify the data egress points in enterprise databases to prevent malicious data exfiltration.Continue Reading

• Windows 8.1 security overview: Enterprise features and tools

  Application security expert Michael Cobb takes a look at the noteworthy security features found in Windows 8.1 Enterprise.Continue Reading

• Beazley offers incident response to go with cybersecurity insurance

  Robert Wice, US focus group leader, Beazley Group, says the cyberinsurance company recently processed its 1,000th claim.Continue Reading

• Opinion: How infosec training is changing to stay ahead

  Dr. Lynne Williams of Kaplan University shares her view on how infosec education is changing to keep pace with evolving attacks.Continue Reading

• The risks of granting admin rights for Windows app management

  Brad Casey explores issues with giving Windows users admin rights to install and manage applications, and offers advice on mitigating inherent risks.Continue Reading

• McGraw: Software [in]security and scaling architecture risk analysis

  Software architecture risk analysis doesn't have to be hard. Gary McGraw and Jim DelGrosso discuss an easier, more scalable process.Continue Reading

• Information security 2013: SearchSecurity's top articles of the year

  For practitioners in information security, 2013 offered plenty of drama. Check out our most popular articles of 2013.Continue Reading

• Enterprise UTM: A new breed of unified threat management devices

  David Strom demonstrates the enterprise-grade features making unified threat management devices viable for large companies.Continue Reading

• Improve disaster preparedness with the National Mitigation Framework

  Businesses can use FEMA's National Mitigation Framework to improve disaster preparedness planning. Expert Joseph Granneman explains how.Continue Reading

• IE 11 security: Has Web browser security technology reached its peak?

  Internet Explorer 11 offers few new security features. So, has Web browser security technology reached its peak? Michael Cobb details IE 11 security.Continue Reading

• Using the Google Transparency Report to enhance website blacklisting

  Threats expert Nick Lewis explores whether Google's Transparency Report can be used to enhance blacklisting of malicious websites in the enterprise.Continue Reading

• Beyond the Page: Breach detection systems

  In the December 2013 Beyond the Page, John Pirc explains why breach detection systems are an essential security tool in a malware-infested world.Continue Reading

• Locking the backdoor: Reducing the risk of unauthorized system access

  Rampant backdoors in enterprise IT products too often provide unauthorized access to attackers and governments. Learn how to defend against the risks.Continue Reading

• Breach detection systems: Deployment models that detect malware better

  Breach detection systems, a tier-two security technology, identify malware in transit and help you detect unknown breaches and side-channel attacks.Continue Reading

• How to protect corporate data after the NSA Bullrun revelations

  Expert Joe Granneman explains how to protect corporate data after leaks divulge information on NSA Bullrun and other government surveillance programs.Continue Reading

• BYOPC: Network security best practices for employee-owned computers

  Expert Brad Casey offers a number of best practices to help your organization ensure network and endpoint security in a BYOPC era.Continue Reading