Directory —
Technology —
Blog Details for "RSA Security Blog: A Blog for Security Professiona"
RSA Security Blog: A Blog for Security ProfessionaRSA Security Blog: A Blog for Security ProfessionaThe RSA Security Blog, Speaking of Security, features a group of experts, each of whom has knowledge and interest in different areas of the industry: research, developer solutions, engineering and government policy. A Security Blog for anyone seriou Articles
The Real Cost of a Pizza - and a Social Security Number
2010-05-13 02:00:00 A good friend of mine who lives in New York engaged me in a conversation about identity theft recently where he said, “I don’t care if they steal my credit card information. For that, I’m covered. What I am worried about is my Social Security number. If that ever gets stolen – I’d be in serious trouble!” More About: Social Security , Pizza , Cost
Speaking of Security Podcast #187
2010-05-12 02:00:00 Click to Download/Listen RSA continues to expand its Speaking of Security blog team. Meet one of our newest bloggers on this week's Speaking of Security podcast. More About: Podcast
The Security Education Gap
2010-05-07 02:00:00 One of the best parts of my jobs is getting to present on online threats. I get to speak at conferences, on webinars and in front of customers about the dangers that we all face when we are on the Internet due to the sophistication of cybercriminals. After giving these presentations, no matter who is in the audience, I always get someone that asks, “What about education…does it work?” These days, I’m not convinced it does. More About: Security , Education
Would the Real Cost of PCI Please Stand Up?
2010-05-07 02:00:00 This week at NACStech, I spoke with several people from a large retail chain - people who are hip-deep in the PCI compliance efforts within their organization. So as we were talking, one senior person made the comment that, “PCI compliance only costs us around $30,000 a year”. More About: Cost , Real
Birds of a Feather...
2010-05-06 02:00:00 Brian Krebs has a great piece on the Mariposa (Spanish for butterfly) botnet that is really worth reading. I won't spoil it, but essentially it is about two criminals trying to get a job with Panda Security. There are some interesting take aways here, but what struck me most is... More About: Birds
Speaking of Security Podcast #186
2010-05-05 02:00:00 Click to Download/Listen Cyberklix is a leader in the field of Log Management and Security Event Management. Hear about some of its current business challenges on this week's Speaking of Security podcast. More About: Podcast
Trumpet Your (Security) Achievements Loudly!
2010-04-28 02:00:00 The Lockheed Martin Cyber Security Alliance today announced a critical survey and data related to US government adoption of cloud services. Most importantly, it issued a related white paper on "Awareness, Trust, and Security to Shape Cloud Adoption" that address full-on the perception (as opposed to the realities) of the cloud with respect to the government.
Speaking of Security Podcast #185
2010-04-28 02:00:00 Click to Download/Listen New research commissioned by RSA reveals that despite known online threats, young adults seem to be choosing convenience over security when it comes to their online activity. We discuss on this week's Speaking of Security podcast. More About: Podcast
Innovating for Profits Fraudster Style
2010-04-27 02:00:00 It would come as no surprise to anyone that every fraudster attempts to maximize his profits, and there are several ways to do so. First, a fraudster could increase the amount of credentials he obtains, either by using more sophisticated tools or by simply using existing tools more often. More About: Style , Profits
Security by Obscurity Never Works...
2010-04-27 02:00:00 Every now and then something comes up that is, strangely, humorous. Having seen the Haiti exploits (see post on Non Illegitimi Carborundum) and the cease-fire opportunism (see Cease Fire post), I scratched my head and wondered…so where are the Eyjafjallajökull hoaxes? More About: Security , Works
Silver bullets
2010-04-26 02:00:00 In my last post, I talked about performing encryption in hardware vs. software, and why RSA and First Data made the business decisions that we did for our payment security solution, TransArmor. Since then, I have heard from... More About: Silver
Putting Dogma in Front of Karma
2010-04-23 02:00:00 For those of you who were around in security then, you are probably chuckling. For those who weren't: the Furby was a toy that could "learn." Unfortunately, it was feared that it could learn too much...and that if it were in a work environment, or worse in a classified or sensitive area, that it might be a foreign spy or a cute-looking insider. More About: Karma , Putting , Front
Never Give An Order You Know Won't Be Obeyed*
2010-04-22 02:00:00 The dust has settled...the worst has blown over; but what an article and what a response! Kudos to Mark Pothier at the Boston Globe for his "Please do Not Change Your Password" article that stirred up our industry like a bee's nest kicked over by a bear covered in honey! More About: Give
STOP! Don't Post That! What happens on Spring Break is about to be posted
2010-04-20 02:00:00 How much of what Gen Y is going through is unique to this generation and how much of it is the standard process of growing up and maturing with the added leavening of technology thrown into the mix? I remember as a Gen X-er... More About: Post , Break , Spring , Stop
Speaking of Security Podcast #184
2010-04-20 02:00:00 Click to Download/Listen Learn about RSA CyberCrime Intelligence, a new service designed to better understand the risks of malware to the enterprise on this Speaking of Security podcast. More About: Podcast
Avoiding Castles in the Swamp, Part 4
2010-04-16 02:00:00 In this on-going series on Security Operations, I've discussed basic foundational requirements including goals, roles and responsibilities, monitoring plans, etc. There's one final area that I'd like to cover... More About: Part
A Cybercrime Self-Confession
2010-04-15 02:00:00 Yes, I am one of those Users. I am one of those Users that I spend a significant part of my job working to educate customers and the industry about. You see, as part of my job, I am issued a laptop by EMC, the parent company of RSA. I am in fact working from that laptop right now. It should also be noted... More About: Confession
Speaking of Security Podcast #183
2010-04-14 02:00:00 Click to Download/Listen KPMG provides audit, tax and advisory services as part of a global network spanning over 140 countries. Hear about their commitment to security on this week's Speaking of Security podcast. More About: Podcast
Avoiding Castles in the Swamp, Part 3
2010-04-14 02:00:00 In this blog series, I have been exploring some of the foundational requirements necessary for effectively implementing an advanced Security Operations function within an organization. We've looked at the basic... More About: Part
Avoiding Castles in the Swamp, Part 2
2010-04-12 02:00:00 In my last entry, I started discussing some of the foundational requirements necessary to implement a successful Security Operations (SecOps) program. I'd like to drill down a bit more into some of the most critical ones, and, ironically... More About: Part
Software- vs. Hardware-based Encryption in the POS
2010-04-09 02:00:00 A few years ago, I saw a video on the Internet about ‘lock bumping’ and ‘bump keys’. For those that don’t know, lock bumping is a frightening technique... More About: Hardware , Software , Encryption
Avoiding Castles in the Swamp, Part 1
2010-04-08 02:00:00 Here's a quote from Monty Python's, " The Holy Grail," that frequently comes to mind when I discuss Security Operations with customers... More About: Part
Matching the Last Four Keeps the Bad Guys Away
2010-04-06 02:00:00 Have you ever bought something at the store with your debit or credit card and the clerk hands you the card back without checking to make sure the signature matches? Or better yet... More About: Guys
Speaking of Security Podcast #182
2010-04-06 02:00:00 Click to Download/Listen RSA is hiring to fill key positions in its global product organization. Learn more about the 90 Hires in 90 Days program on this week's Speaking of Security podcast. More About: Podcast
To Each According To His Needs*
2010-04-05 02:00:00 Please forgive my using a slogan popularized by Karl Marx, but it seemed appropriate in this context: Forrester just published a fascinating paper on the Value of Corporate Secrets.
The Security Alphabet: a primer for April learning
2010-03-30 02:00:00 I was watching some children's television with my 4 year old nephew this weekend (after playing with a rubber-band powered glider I bought for him in Asia in the yard – we had nice weather this weekend), and I thought... More About: Security , April , Learning
Why protecting payment card data is different – and the unique opport
2010-03-26 01:00:00 In the years I have been focusing on data security (as opposed to general ‘information security’), I have spoken to hundreds of companies about the types of data they find valuable. Invariably... More About: Card , Data , Unique , Payment
Speaking of Security Podcast #181
2010-03-23 01:00:00 Click to Download/Listen The 2010 Archer GRC Summit, the premiere networking event for governance, risk and compliance programs is fast approaching. Hear all about it on this week's Speaking of Security podcast. More About: Podcast
The Connection between Age and Credit Card Fraud – and Can the EMV St
2010-03-19 01:00:00 In my last post, I discussed how fraudsters take advantage of the fact that some financial institutions still are not authenticating the CVV on credit cards. This is allowing fraudsters to... More About: Credit Card Fraud , Card , Credit , Fraud , Connection
AS-Troyak Exposes a Large Cybercrime Infrastructure
More articles from this author:2010-03-17 01:00:00 Last week, RSA and other security professionals noticed a sudden halt in the activity of an upstream Internet connectivity provider named “AS-Troyak”, thus causing... More About: Infrastructure 1, 2, 3, 4, 5, 6, 7 |
