Blog Details for "RSA Security Blog: A Blog for Security Professiona"
The RSA Security Blog, Speaking of Security, features a group of experts, each of whom has knowledge and interest in different areas of the industry: research, developer solutions, engineering and government policy. A Security Blog for anyone seriou
Articles
Speaking of Security Podcast #102
2008-04-28 02:00:00 Click to listen or download (6:39) Paul Joyal interviews RSA's Paul Davilman on What is Sarbanes-Oxley & How is it Applicable to IT Security? For additional information on SOX and IT Security, read more here. More About: Podcast , Speaking
U.S. Congress should pass cyber-crime legislation this year -- when will th
2008-04-23 02:00:00 As I mentioned in a blog post in late October 2007, the IT industry and other stakeholders have been calling for the U.S. Congress to pass legislation that would help empower law enforcement to more effectively investigate and prosecute cyber criminals -- while updating penalties in U.S. criminal code so that the punishment fits the crime. It's stunning to me that the Congress has not yet sent legislation to the President for his signature to address this important issue... More About: Crime , Cyber , Legislation , Pass
Speaking of Security Podcast #101
2008-04-22 02:00:00 Click here to download/listen (11:23). In a recent RSA Web Seminar, Juniper Networks' Smitha Murthy and RSA's John Masotta discussed the benefits of an SSL VPN and how best to secure its access with strong authentication. Hear a snippet in this week's podcast or check out the entire replay of the event. More About: Security , Podcast , Speaking
Older and wiser
2008-04-21 02:00:00 Today (the date I'm writing this entry) is my birthday. Birthdays are a time of quiet contemplation for me (and quiet desperation for my mother). As I think about the past year and the progress I've made (things are looking good for my long-term goal of spending my old age miserable and alone), I keep thinking of change and how people and things advance. The past year has shown much progress. Women have rejected me, technology products have been launched, iPhones were purchased and even the world of financial crime has not been silent. The Rock Phish group is a phishing gang believed to be based out of Russia -- and, by some accounts, is responsible for roughly 50% of phishing attacks by volume...
RSA Conference 2008 - A Week to Remember
2008-04-17 02:00:00 I have been attending RSA Conferences since early this decade. The U.S. version of the Conference has been around since 1991 and it's grown from 50 attendees (all cryptologists) to around 17,000 participants annually from the private and public sectors including security professionals, business executives, lawyers, academics, privacy advocates, regulators, and journalists. For the first-time attendee it can be absolutely overwhelming because there are so many speakers, so many issues, so many events during the week, and if you go to the show floor, literally hundreds of organizations showing their wares. Well, being a veteran RSA Conference attendee, I thought I was ready for another busy but ultimately manageable week despite the multiple commitments and responsibilities that I had to balance. Well, that theory was turned on its head, starting on Sunday... More About: Week , 2008
Speaking of Security Podcast #100!
2008-04-16 02:00:00 The Challenges of Identity Assurance with Marc Gaffan. In Speaking of Security's blockbuster 100th security podcast we talk to Marc Gaffan, Director Product Marketing, about Identity Assurance and its importance to enterprise-level security and compliance. More About: Podcast
Your Suggestions to Transform Security from a Roadblock to a Catalyst for B
2008-04-09 02:00:00 Yesterday at the RSA Conference Art Coviello addressed how security fears have stifled innovation at organizations large and small around the world. IDG Research reports that 80 percent of IT, security, and business executives surveyed admit that their organizations have shied away from business innovation opportunities because of information security concerns. RSA is committed to countering this trend by starting an industry-wide conversation about smart ways to manage information risk. As we mentioned in yesterday's blog posting, we were able to pick the brains of 10 top security executives from global enterprises in a variety of industries and get THEIR suggestions. But we'd like to hear from you... More About: Security , Catalyst
Secretary Michael Chertoff, Department of Homeland Security to Speak at RSA
2008-04-08 10:00:00 His keynote will begin at 11:30 AM. Let us know if you're going to be there and leave us your impressions. More About: Security , Department , Michael , Homeland Security , Speak
Art Coviello on "Thinking Security"
2008-04-08 02:00:00 This morning Art Coviello, Executive Vice President, EMC Corporation and President, RSA, The Security Division of EMC, gave his yearly keynote at the RSA Conference in San Francisco. Art uses this venue each year to present a "state of the industry"--reviewing major security developments--and to share his ideas on where security is going in the coming year. Here is a transcript of the talk: http://www.rsa.com/innovation/docs/coviellokeynote2008.pdf It's a good read, with a lot of interesting insights... More About: Thinking
Speaking of Security Podcast #99
2008-03-31 02:00:00 Click here to download/listen (11:15). Part 2: Paul Joyal speaks with award-winning USA Today journalists, Byron Acohido and Jon Swartz. They are the co-authors of Zero Day Threat: The Shocking Truth of How Banks and Credit Bureaus Help Cyber Crooks Steal Your Money and Identity, which is scheduled for an April 2008 release. Byron and Jon talk about the inspiration for their book and more in part two of this two-part interview. See Byron, Jon and Paul next week at the RSA® Conference 2008, registrations are still being accepted! More About: Security , Podcast , Speaking
The New Wave In Virtual Private Network Authentication
2008-03-28 01:00:00 While RSA, The Security Division of EMC has evolved into a broad organization focusing on Information-Centric Security through Information Risk Management, securing Virtual Private Networks (VPNs) is still a significant portion of our business. The main use case for RSA SecurID, in its various forms, continues to be supporting the needs of the mobile workforce. As organizations mature, they are now extending beyond the VPN power user to additional (and often very large) populations ... More About: New Wave , Authentication
Speaking of Security Podcast #98
2008-03-24 01:00:00 Click here to download/listen (10:35). Paul Joyal speaks with award-winning USA Today journalists, Byron Acohido and Jon Swartz. They are the co-authors of Zero Day Threat: The Shocking Truth of How Banks and Credit Bureaus Help Cyber Crooks Steal Your Money and Identity, which is scheduled for an April 2008 release. Byron and Jon talk about the inspiration for their book, the state of cybercrime, and more in part one of this two-part interview. Tune in next week for part two! More About: Security , Podcast , Speaking
Bush Administration to set up national cyber security center; taps Silicon
2008-03-20 01:00:00 Another announcement related to the Bush Administration's Cyber Security Initiative is expected in the next day or so and it is likely that an entrepreneur from Silicon Valley will head a new interagency group that will coordinate cyber defenses across the federal government. As reported today by Brian Krebs of the Washington Post, "...Sources in the government contracting community said that the White House is expected to announce as early as today the selection of Rod A. Beckstrom as a top level adviser to be based in the Department of Homeland Security." View Krebs' entire article. The Bush Administration has been ratcheting up its focus on information security over the past year, but is starting to roll out its cyber security initiative... More About: National , Bush administration
Speaking of Security Podcast #97
2008-03-17 01:00:00 Click here to download/listen (04:13). Tim Mather, Chief Security Strategist for RSA Conferences, talks about the role of the Chief Security Officer and how that role might evolve in the years to come. RSA® Conference 2008 is where you can hear more from leading information security professionals at the world's largest industry conference and expo when it comes to San Francisco, CA, April 7-11. For a free RSA Conference 2008 Expo Pass, courtesy of RSA, The Security Division of EMC, email podcast@rsa.com with your request before April 4 and we'll send you a special registration code. More About: Podcast , Speaking
Speaking of Security Podcast #96
2008-03-10 01:00:00 Click here to download/listen (06:01). What's the Buzz? RSA® Conference 2008 is the world's largest information security industry conference and expo and it comes to San Francisco, CA, April 7-11. Paul Joyal talks to Sandra Toms LaPedis, Area Vice President and General Manager of RSA Conferences, about what makes this event so special and what's new for this year's attendees. AND for a free RSA Conference 2008 Expo Pass, courtesy of RSA, The Security Division of EMC, email podcast@rsa.com with your request before April 4 and we'll send you a special registration code. More About: Podcast , Speaking
Speaking of Security Podcast #91
2008-03-05 01:00:00 New Developments in Online Fraud with Joram Borenstein. In Speaking of Security's newest video podcast we talk to Joram Borenstein, Senior Product Manager, about the latest strategies of online fraudsters. More About: Podcast
Speaking of Security Podcast #94
2008-02-25 01:00:00 Click here to download/listen (07:52). RSA, The Security Division of EMC, is pleased to invite you to our first global technical user conference hosted at EMC World 2008 in Las Vegas, May 19-22, 2008. RSA Xchange brings together a rich community of like-minded security professionals with an interest in learning from each other, partners and RSA product and engineering experts. Cathy Long joins Paul Joyal to talk about this new and unique opportunity. More About: Podcast , Speaking
Speaking of Security Podcast #93
2008-02-11 01:00:00 Click here to download/listen (07:54). UPEK® Inc., a leading brand of secure biometric fingerprint solutions, recently announced a joint technology solution combining the convenience and security of biometrics in millions of existing notebook computers with the market-leading strong authentication solution from RSA. Matt Buckley talks with Brian DeGonia from UPEK about this solution. Please note, we'll be taking a short winter break next week in honor of President's Day - but watch for our next episode on February 25. More About: Security , Podcast , Speaking
Speaking of Security Podcast #92
2008-02-05 01:00:00 RSA Channel Strategy with Joe Gabriel. In Speaking of Security's second video podcast we talk to Joe Gabriel, Manager, Channel Marketing, about RSA's strategy for channel enablement. More About: Podcast
Borderline Security
2008-01-29 01:00:00 The U.S. Passport card or PASS (People Access Security Service) card, a new travel document, is slated for issue by the federal government in the spring of this year. A poor cousin to the standard passport, it's more compact and less expensive, but valid only at land and sea points of border entry into the United States, not for air travel. The PASS card emerged as part of the Western Hemisphere Travel Initiative (WHTI), which phases out drivers' licenses as border-crossing documents for the U.S. I've heard two starkly contrasting opinions on the security of the PASS card...
Speaking of Security Podcast #91
2008-01-28 01:00:00 Click here to download/listen (07:55). Speaking of Security Blogger Sean Kline talks with Paul Joyal about his top 5 intriguing ideas for authentication for 2008. More About: Podcast
How to fraudulently elect a president
2008-01-23 01:00:00 As most know, the United States is in the midst of primary elections for presidential candidates. I live in New Hampshire, so woke at around 5:00am a couple of Tuesdays ago eager to participate in the democratic process (I went early because I had a flight the same day to Germany...more on that later). After getting to the front of the line, the pleasant elderly volunteer proceeded to authenticate me so that I could vote. The authentication method she used was name and address. She had a three ring binder with everyone's name printed in an easily readable large font size. The only problem was that she exposed the credential type, the name and the address for me to misuse as I pleased! Now I know that I am not the first to bring this up or write about it. Even so, it boggles my mind that after having to go to the Supreme Court the last time we went through this exercise to select our president, we would not take more care with the voting process... More About: President
Speaking of Security Podcast #90
2008-01-21 01:00:00 Click here to download/listen (08:52). Matt Buckley interviews Jon Oltsik, Senior Analyst, Enterprise Strategy Group, about his paper and thoughts on an information-centric security architecture. More About: Security , Podcast , Speaking
Speaking of Security Podcast #89
2008-01-14 01:00:00 Click here to listen/download (09:40). Speaking of Security Blogger Shannon Kellogg talks with Matt Buckley about the state of information security from a Washington, D.C. point of view. More About: Podcast
Speaking of Security Podcast #88
2008-01-07 01:00:00 Welcome to a new year of RSA's Speaking of Security Podcast. Today we introduce our first Video Podcast! This week RSA Compliance Specialist, Dave Howell, offers his view on the future of the Payment Card Industry Data Security Standard and the evolution of online fraud.
Speaking of Security Podcast #87
2007-12-19 01:00:00 Click here to listen/download (11:15). This is our final broadcast for 2007. This week's topic is Information Risk Management, an information-centric strategy that provides the most effective means of recognizing, assessing and mitigating the risk that information is exposed to throughout its lifecycle. Hear from a recent RSA Web Seminar conducted in collaboration with TowerGroup, on how financial institutions can leverage a sound IRM strategy. A companion white paper on the subject is also available. More About: Security , Podcast , Speaking
Federal Information Security and Management Act -- Five Years On
2007-12-18 03:00:00 An anniversary recently passed amid a heightened focus in Washington, D.C. on the status of federal information security: the Federal Information Security and Management Act (FISMA) just completed its fifth year on the books as a federal law. As the follow up to the Government Information Security Act of 2000, FISMA established an updated legal framework for federal information security, including baseline security standards for federal agencies. I remember that the information security community was excited about FISMA and its promise. So, what's the verdict five years later? In my opinion it's a mixed bag. On one hand, FISMA has arguably increased awareness of, and focus on, federal information security... More About: Years
She could totally be mine...
2007-12-18 01:00:00 I was sitting with my friend R. in a bar. My friend was completely ignoring me (a rather stimulating treatise on how my failure with women is caused by millions of years of human evolution. I've entitled this thesis "Nature or nurture, culture or genes: Pick any one -- or all of the above"), and was focusing on a girl on the other side of the bar. "She could be your daughter," I told R. He continued ignoring me, and said, "She could totally be mine..." "Perhaps, but she won't," I said. "You're 38, you have a girlfriend and you were telling me the other day you were thinking of proposing to her."... More About: Mine , Be Mine
In response to "Soft tokens aren't tokens at all"
2007-12-11 01:00:00 This blog entry is in response to this post in the Securology blog. You raise some interesting points on which I would like to comment. First, RSA believes that there are always tradeoffs between strength of security, cost and ease of use. The key (no pun intended) is matching the right means of authentication to the right level of risk. This is why we have such a broad range of authentication types and form factors. To some of your specific points, RSA SecurID hardware and software authenticators are both forms of multi-factor authentication. In the case of hardware authenticators, they are based on something you have (the physical authenticator) and something you know (your password or Personal Identification Number). Software authenticators work the same way depending on the form factor and can include other factors.... More About: Tokens , Token , Response
Speaking of Security Podcast #86
2007-12-10 18:00:00 Click here to listen/download (08:39). This week Paul Joyal speaks with Tom Corn, Vice President of Data Security Products for RSA, about Data Loss/Leakage Prevention (DLP) and RSA's approach to the issue along with how it differs from other players. More About: Podcast , Speaking



