Tips

Tips

• How Windows hardening techniques can improve Windows 10

  Windows 10 may be the most secure Windows ever, but expert Ed Tittel explains how to use Windows hardening techniques to make systems even more secure.  Continue Reading

• The consequences of removing PPTP support from iOS 10

  Apple's removal of PPTP support on iOS 10 and Mac OS Sierra leaves companies scrambling to implement other VPN protocols. Expert Michael Cobb explains enterprise options.  Continue Reading

• Preventing DoS attacks: The best ways to defend the enterprise

  Preventing DoS attacks may not always be possible, but with a strong defense, enterprises can reduce their impact and recover quickly. Expert Kevin Beaver explains the best approaches.  Continue Reading

• When not to renew a vendor contract due to security issues

  Opting out of a vendor contract for security reasons can be a tough decision for CISOs. Expert Mike O. Villegas discusses how NASA handled the situation and what CISOs can do.  Continue Reading

• Monitoring outbound traffic on your network: What to look for

  Outbound network traffic remains a weakness for many enterprises and is a major attack vector. Expert Kevin Beaver explains how to spot irregular occurrences in your network.  Continue Reading

• How to develop a strategic security plan for enterprises

  Developing a strategic security plan for an enterprise can be a complicated task. Expert Ernie Hayden provides an overview to help CISOs make an effective plan.  Continue Reading

• Big data frameworks: Making their use in enterprises more secure

  Many enterprises apply big data techniques to their security systems. But are these methods secure? Expert John Burke explains some of the efforts to secure big data analysis.  Continue Reading

• Stop app attacks with a web application firewall

  Web application firewalls are more essential than ever when it comes to halting app attacks. Learn what features and functions you should look for when choosing a new WAF.  Continue Reading

• Managing vulnerable software: Using data to mitigate the biggest risks

  Three pieces of vulnerable software are most targeted by the exploit kits studied in a Digital Shadows report. Expert Nick Lewis explains how your enterprise can manage them.  Continue Reading

• Insider threat detection tools that sniff out dangers from within

  Learn about the insider threat detection tools that can zero-in on anomalous user behavior. Malicious or accidental, the insider threat is one of the most dangerous and costly to companies.  Continue Reading

• How to maintain digital privacy in an evolving world

  Protecting a user's digital privacy across different technologies requires a plethora of tools. Expert Matthew Pascucci explores the different ways to protect sensitive data.  Continue Reading

• The dangers of using security policy templates in the enterprise

  Among other drawbacks, using security policy templates can make compliance audits and breach assessments harder for enterprises. Expert Joseph Granneman explains why they're risky.  Continue Reading

• FIDO authentication standard could signal the passing of passwords

  The FIDO authentication standard could eventually bypass passwords, or at least augment them, as government and industry turns to more effective authentication technologies.  Continue Reading

• SWIFT network communications: How can bank security be improved?

  The SWIFT network has increasingly been abused by cybercriminals to carry out bank fraud and theft. Expert Michael Cobb explains possible ways to boost security.  Continue Reading

• Meet security goals by avoiding threat intel and analytics mistakes

  Meeting top security goals is only the first step. Get up to speed on how to avoid common pitfalls in the use of threat intelligence and analytics.  Continue Reading

• Information security risk management: Understanding the components

  An enterprise has to know what risks it is facing. Expert Peter Sullivan explains why an information security risk management plan is crucial for cybersecurity readiness.  Continue Reading

• Preventing privilege creep: How to keep access and roles aligned

  Privilege creep can result in the abuse of user access and security incidents. Expert Michael Cobb explains how enterprises can keep user roles and privileges aligned.  Continue Reading

• Insider security threats: What CISOs can do to mitigate them

  Dealing with insider security threats requires a combination of tactics. Expert Mike O. Villegas discusses the various aspects of insider threat mitigation strategies.  Continue Reading

• Planning for an IPv6 attack: DDoS, neighbor discovery threats and more

  An IPv6 DDoS attacks are imminent, and your network security tools may not be configured for it. Expert Michael Cobb explains how enterprises can prepare its defenses.  Continue Reading

• Achieving cybersecurity readiness: What enterprises should know

  Enterprises need to be ready to act in the face of security incidents and cyberattacks. Expert Peter Sullivan outlines seven elements of proper cybersecurity readiness.  Continue Reading

• How infosec professionals can improve their careers through writing

  Writing can be one of the best ways to establish your reputation as an infosec professional. Expert Joshua Wright of the SANS Institute explains the best ways to do it.  Continue Reading

• Best practices for an information security assessment

  Information security assessments can be effective for identifying and fixing issues in your enterprise's policies. Expert Kevin Beaver explains the key components of the process.  Continue Reading

• How tabletop exercises can help uncover hidden security risks

  A regular tabletop exercise could help to identify security risks in scenarios relevant to your organization. Expert Bob Wood explains the steps in the process.  Continue Reading

• How CMMI models compare and map to the COBIT framework

  Following ISACA's recent acquisition of the CMMI Institute, expert Judith Myerson takes a closer look at COBIT and CMMI models and how they compare to one another.  Continue Reading

• Why signature-based detection isn't enough for enterprises

  Signature-based detection and machine learning algorithms identify malicious code and threats. Expert Michael Cobb explains how both techniques defend networks and endpoints.  Continue Reading

• How encryption legislation could affect enterprises

  The legal battle between the FBI and Apple brought encryption legislation into the public eye, for better or worse. Expert Mike Chapple discusses the effect of this on enterprises.  Continue Reading

• Software-defined network security: A 'no-touch' approach

  One way to achieve software-defined network security is to implement a no-touch approach to networking administration. Learn how it can be done, and what needs to change before it’s possible.  Continue Reading

• Breaking down the DROWN attack and SSLv2 vulnerability

  A DROWN attack can occur through more than a third of all HTTPS connections. Expert Michael Cobb explains how DROWN enables man-in-the-middle attacks and mitigation steps to take.  Continue Reading

• RSA Conference 2016 draws big crowds, strong encryption

  RSA Conference 2016 was a densely-packed affair, with discussions ranging from strong encryption to skills shortage in the industry. Expert Nick Lewis gives a recap.  Continue Reading

• Why physical network security is a necessity for enterprises

  A basic practice like physical network security is often ignored by organizations already bogged down by security, but it should still be a high priority.  Continue Reading

• What enterprises need to know about Internet traffic blocking

  Traffic blocking by Internet carriers has stirred up some controversy in the security industry. Expert Kevin Beaver discusses the pros and cons of blocking network traffic.  Continue Reading

• Cybersecurity products: When is it time to change them?

  Enterprises should assess their cybersecurity products to make sure they're as effective as possible. Expert Mike O. Villegas discusses how to evaluate cybersecurity tools.  Continue Reading

• Microsoft Device Guard tackles Windows 10 malware

  A new Microsoft security feature takes aim at Windows 10 malware. Expert Michael Cobb explains what enterprises should know about Device Guard.  Continue Reading

• Why relying on network perimeter security alone is a failure

  A network perimeter security strategy alone can no longer protect enterprises. Expert Paul Henry explains why organizations must adapt.  Continue Reading

• Life after the Safe Harbor agreement: How to stay compliant

  Now that the Safe Harbor agreement is invalid, U.S. and EU organizations need to find new ways to securely handle data so they can stay in business.  Continue Reading

• Secure Hash Algorithm-3: How SHA-3 is a next-gen security tool

  Expert Michael Cobb details the changes in SHA-3, including how it differs from its predecessors and the additional security it offers, and what steps enterprises should take.  Continue Reading

• How to manage BYOD security policies and stay compliant

  The best BYOD security policies help enterprises stay compliant with security and privacy regulations. Here's what BYOD policies should include and how best to manage them.  Continue Reading

• Is a security cloud service your best endpoint defense?

  Cloud technologies often have a bad reputation when it comes to security, but that may be unfair. Is the cloud the best answer for securing the endpoints in your enterprise?  Continue Reading

• The malware lifecycle: Knowing when to analyze threats

  Not responding to low-level threats can be perilous, yet enterprises can't always examine each issue. Expert Nick Lewis explains when an investigation is imperative.  Continue Reading

• Getting to the bottom of the software vulnerability disclosure debate

  The vulnerability disclosure debate rages on: Enterprises should know they are at risk, but vendors need time to patch flaws. Which side should prevail? Expert Michael Cobb discusses.  Continue Reading

• Improve corporate data protection with foresight, action

  Better corporate data protection demands foresight and concrete action. Learn why breach training, monitoring and early detection capabilities can minimize damage when hackers attack.  Continue Reading

• Managed security service providers: Weighing the pros and cons

  Using a managed security service provider can be an appealing option to enterprises, but there are many factors to consider before making the move to outsourcing.  Continue Reading

• PCI DSS 3.1 marks the end of SSL/early TLS encryption for retailers

  The early arrival of PCI DSS 3.1 could leave organizations scrambling. The biggest change to the standard -- and the top priority for organizations -- is the end of SSL and early TLS.  Continue Reading

• Certificate authorities are limited but new TLS versions can help

  SSL/TLS, long the cornerstone of Web security, has become a security vulnerability due to problems with certificate authorities. Learn what solutions the industry is pursuing.  Continue Reading

• From SSL and early TLS to TLS 1.2: Creating a PCI DSS 3.1 migration plan

  PCI DSS 3.1 requires enterprises to deplete SSL and early TLS use by June 30, 2016. Expert Michael Cobb offers advice for putting a migration plan to TLS 1.2 in place.  Continue Reading

• A new trend in cybersecurity regulations could mean tougher compliance

  State cybersecurity regulations may mean compliance will get more complicated, and that has experts worried. Learn what's causing this trend and what organizations should prepare for.  Continue Reading

• State of the Network study: How security tasks are dominating IT staff

  The majority of networking teams are regularly involved in enterprise security tasks. Expert Kevin Beaver explains the phenomena and how to embrace it.  Continue Reading

• Network anomaly detection: The essential antimalware tool

  Traditional perimeter defenses are no longer enough; network anomaly detection tools are now essential in the battle against advanced malware.  Continue Reading

• Understanding and mitigating a FREAK vulnerability attack

  After the discovery that the FREAK vulnerability can affect a wide variety of OSes, enterprises should amp up mitigation efforts. Here's some background on the attack and how to stop it.  Continue Reading

• The secrets of proper firewall maintenance and security testing techniques

  The Verizon 2015 PCI Compliance Report cited a lack of firewall maintenance and security testing as major causes for compliances breaches. Expert Kevin Beaver offers tips to successfully manage these tasks.  Continue Reading

• Is the CISO job description getting out of hand?

  CISO roles and responsibilities are built on impossible standards and unrealistic expecations. Expert Joseph Granneman explains this trend and why enterprises need to reverse it.  Continue Reading

• What Apple Pay tokenization means for PCI DSS compliance

  Tokenization is a key technology underlying Apple Pay, promising to boost payment data security. Mike Chapple examines how Apple Pay's tokenization system works, and whether it will provide any PCI DSS compliance relief.  Continue Reading

• SIEM systems: Using analytics to reduce false positives

  Combining data from a variety of sources with better analytics can reduce workloads.  Continue Reading

• Final five considerations when evaluating intrusion detection tools

  Before making an investment in an intrusion detection and prevention system, be sure to read this list of five final considerations to keep in mind during intrusion detection system evaluation.  Continue Reading

• Introduction to intrusion detection and prevention technologies

  Intrusion detection and preventions systems can be critical components to an enterprise's threat management strategy. Learn the history behind the technologies and why they are so important.  Continue Reading

• Evaluating enterprise intrusion detection system vendors

  Selecting an intrusion detection and prevention system vendor can be a time-consuming task. Get help evaluating vendors and products with this list of must-ask questions. Plus, a comprehensive vendor list.  Continue Reading

• What the Community Health Systems breach can teach your organization

  The Community Health Systems breach in 2014 provided a learning opportunity for organizations handling PHI. Expert Mike Chapple reviews the key takeaways from the breach.  Continue Reading

• Benefits of the Cisco OpenSOC security analytics framework

  Cisco's open source security analytics framework aims to help enterprises address visibility and incident management challenges. Expert Kevin Beaver discusses OpenSOC and what to consider when integrating it into an enterprise security strategy.  Continue Reading

• SSL/TLS security: Addressing WinShock, the Schannel vulnerability

  Schannel is the latest cryptographic library to encounter SSL/TLS security issues. Expert Michael Cobb discusses the WinShock vulnerability and how to mitigate enterprise risks.  Continue Reading

• How emerging threat intelligence tools affect network security

  Up and coming threat intelligence tools aim to improve data security and even standardize threat intelligence across the industry. Expert Kevin Beaver explains how.  Continue Reading

• Getting to know the new GIAC certification: GCCC

  The new GIAC certification, GCCC, is not a very specific certification, but it could prove useful in organizations. Expert Joseph Granneman explains why.  Continue Reading

• A CISO's introduction to enterprise data governance strategy

  Every enterprise must have a viable strategy for protecting high-value data. See if your plan aligns with Francoise Gilbert's advice on top priorities to consider when defining data governance plans.  Continue Reading

• The POODLE vulnerability and its effect on SSL/TLS security

  The POODLE vulnerability was patched in October, yet new vulnerabilities are causing concern. Expert Michael Cobb discusses how to maintain SSL/TLS security in the enterprise.  Continue Reading

• Lessons learned: Network security implications of Shellshock

  Shellshock had a tremendous impact on network security, affecting many popular vendors and products. Expert Kevin Beaver discusses what Shellshock means to network security, and the lessons that can be learned from the vulnerability.  Continue Reading

• How to increase the importance of information security in enterprises

  Expert Mike Villegas explains how to use the Three C's to emphasize the importance of information security within an organization.  Continue Reading

• What is endpoint security? What benefits does it offer?

  The increased number of smartphones, laptops and other endpoints in the enterprise is a major security concern. Learn what endpoint security is and how it can help combat your enterprise security woes.  Continue Reading

• Detecting backdoors: The Apple backdoor that never was?

  The debate over the purported Apple backdoor leaves enterprises asking, "When is a backdoor not a backdoor?" Application security expert Michael Cobb explains the difference.  Continue Reading

• IPv6 extension headers and security: Analyzing the risk

  IPv6 security expert Fernando Gont explains why IPv6 extension headers can inadvertently subvert security controls or foster denial-of-service conditions.  Continue Reading

• Malware defense: How to detect and mitigate advanced evasion techniques

  Expert Nick Lewis explores a number of techniques used by advanced malware to evade detection and explains how to detect and mitigate the threats.  Continue Reading

• Understanding security flaws in IPv6 addressing schemes

  Expert Fernando Gont explains why underlying characteristics of IPv6 address-generation schemes may enable nodes to be targeted in IPv6 address-scanning attacks.  Continue Reading

• Inside the four main elements of DLP tools

  Security expert Rich Mogull outlines the four elements of a DLP tool: the central management server, network monitoring, storage and endpoint DLP.  Continue Reading

• Does your enterprise need a data loss prevention system?

  Not every business needs a data loss prevention system. Security expert Rich Mogull offers clues to help your organization decide if DLP will suit its business needs.  Continue Reading

• The three stages of the ISO 31000 risk management process

  The ISO 31000 risk management process proposes three stages. Expert Mike Chapple reviews this alternative to the ISO 27001 framework.  Continue Reading

• Exploring the top four DLP benefits for enterprises

  Data loss prevention products can vary greatly, yet they all offer the same four core advantages. Rich Mogull explains the top ways DLP can benefit your enterprise.  Continue Reading

• How to take a measured approach to automated penetration testing

  Automated penetration testing can play a pivotal role in improving the pen testing process while reducing the resources required, yet without the proper approach it may be a complete waste of time. Expert Kevin Beaver explains.  Continue Reading

• NIST SP800-82: The evolution of the ICS guide

  Expert Ernie Hayden takes an in-depth look at the development of NIST SP800-82 since its birth, and what the standard includes in the most recent revision.  Continue Reading

• Mainframe security best practices for compliance with PCI DSS

  Mainframe security is a largely overlooked topic by QSAs assessing compliance with PCI DSS, but expert Mike Villegas explains why enterprises can't ignore the key security controls to ensure mainframe compliance.  Continue Reading

• Continuous monitoring: Start with basic data collection techniques

  Organizations pursue various approaches to continuous monitoring, but the first question is always what to monitor.  Continue Reading

• Evaluating next-gen firewall vendors: Top 11 must-ask questions

  Evaluating potential firewall vendors and choosing the one that best aligns with your enterprise's needs can be a tricky task. This tip offers 11 questions any organization should ask vendors prior to making a firewall purchase.  Continue Reading

• Amazon Fire Phone security features and pitfalls

  The Amazon Fire Phone has the potential to ignite interest among enterprise users, but are security issues lurking beneath its shiny façade? Expert Lisa Phifer reviews the Fire Phone's security features and shortcomings.  Continue Reading

• GICSP: Deconstructing SANS Institute's new ICS security cert

  A new SANS Institute certification, GICSP, could prove useful to industrial control system (ICS) security professionals. Expert Ernie Hayden explains the certification and how to prepare for the exam.  Continue Reading

• Developing a compliance awareness training program

  Developing a compliance awareness training program is key to preventing accidental internal compliance breaches. Expert Mike Chapple explains the steps to follow when starting such a program.  Continue Reading

• Big data security analytics: Facebook's ThreatData framework

  Expert Kevin Beaver explains how enterprises can take a page from Facebook's ThreatData framework security analytics to boost enterprise defense.  Continue Reading

• Open source PCI DSS: A strategy for cheaper, easier PCI compliance

  Could open source security software solve PCI DSS compliance problems? Mike Chapple looks at how open source technologies can meet compliance needs.  Continue Reading

• Are malicious mobile apps a mere inconvenience or a real threat?

  How big a security threat are the malicious mobile apps riding into your enterprise on employees' mobile devices?  Continue Reading

• Benefits of using a UTM appliance to reduce security incidents

  Unified threat management, or UTM, appliances offer four major enterprise benefits. Learn how this key tool can help reduce security incidents.  Continue Reading

• Scoping out the UTM market: UTM vendors at a glance

  This comprehensive list of UTM vendors aims to help enterprises evaluate who's who in the UTM market.  Continue Reading

• Stop attackers hacking with Metasploit

  Metasploit attacks may not be sexy, but they can stab through enterprise defenses. Learn how basic security controls can thwart Metasploit hacking.  Continue Reading

• Snort OpenAppID introduction: Open source application control

  The OpenAppID engine for Snort promises to enable organizations to create an open source application firewall. Kevin Beaver explores how it works.  Continue Reading

• NSA TAO: What Tailored Access Operations unit means for enterprises

  The NSA's top-secret Tailored Access Operations offensive hacking unit offers enterprise defense strategy lessons. Expert Nick Lewis discusses.  Continue Reading

• SHA-1 to SHA-2: The future of SSL and enterprise application security

  The future of SSL is SHA-2. Security expert Michael Cobb explains why SHA-1 poses an increasing danger and what the transition entails.  Continue Reading

• Locking the backdoor: Reducing the risk of unauthorized system access

  Rampant backdoors in enterprise IT products too often provide unauthorized access to attackers and governments. Learn how to defend against the risks.  Continue Reading

• Identifying and preventing router, switch and firewall vulnerabilities

  Routers, switches and firewalls are easy targets for hackers. Network security expert Brad Casey offers advice on keeping network devices secure.  Continue Reading

• PCI DSS version 3.0: The five most important changes for merchants

  PCI DSS version 3.0 isn't a wholesale revision, but longtime PCI expert Ed Moyle says merchants' transitions must start now to avoid problems later.  Continue Reading

• Inside the BREACH attack: How to avoid HTTPS traffic exploits

  Enterprise threats expert Nick Lewis examines how the BREACH attack exploits HTTPS traffic and what enterprises can do to mitigate the attack risk.  Continue Reading

• VDI security: The benefits and pitfalls of virtualizing endpoints

  With the rise of endpoint virtualization, enterprises need to grasp the positives and manage the negatives of VDI security. Expert Brad Casey details.  Continue Reading

• Keys to a successful network-based malware detection deployment

  Network-based malware detection is an attractive alternative to traditional AV, but deployment challenges loom large. Expert Michael Cobb advises.  Continue Reading

• Security incident response procedures: When to do a system shutdown

  At times, security incident response procedures require drastic measures. Expert Nick Lewis explains when and how to perform a system shutdown.  Continue Reading

• CASP certification: Does CompTIA's security certification offer value?

  The new CompTIA Advanced Security Practitioner certification won't replace the CISSP, but it may offer critical value to one specific group.  Continue Reading

• Two-factor authentication options, use cases and best practices

  It may seem daunting, but two-factor authentication options are manageable for nearly all enterprises. Learn how to get started in this 2FA primer.  Continue Reading