Directory —
Technology —
Blog Details for "RSA Security Blog: A Blog for Security Professiona"
RSA Security Blog: A Blog for Security ProfessionaRSA Security Blog: A Blog for Security ProfessionaThe RSA Security Blog, Speaking of Security, features a group of experts, each of whom has knowledge and interest in different areas of the industry: research, developer solutions, engineering and government policy. A Security Blog for anyone seriou Articles
The Security Apartheid: The beginning of the end?
2009-06-09 02:00:00 Security has been notably absent from earlier evolutions in the computing industry. For long, the industry has evolved through two parallel universes: 1) The IT infrastructure universe creating innovative techniques to compute, communicate and store information with little to no security consideration and 2) the IT security universe trying to solve the security problems newly created by IT innovators. More About: Security , The Beginning of the End
Speaking of Security Podcast #150
2009-06-09 02:00:00 Click to Download/Listen This week marks the 150th edition of the Speaking of Security podcast. We discuss the recent release of President Obama's 60- day cyber security review and the creation of a "cyber coordinator" position in his administration. We also have news on the 2009 Gartner Magic Quadrant for Security Information and Event Management. RSA/EMC is positioned in the leader's quadrant for the sixth consecutive year. More About: Podcast
The Security-aware Cloud
2009-06-05 02:00:00 To build security into the IT infrastructure demands much more than secure software. It is also about having the IT infrastructure products deliver intrinsic security value as a core capability of the product and fully integrated in terms of management and enforcement with the other non-security related capabilities of that product. More About: Security , Cloud , Aware
PCI Certified Products???
2009-06-02 02:00:00 Recently, I’ve been receiving inquiries from customers, asking if a certain product is PCI DSS “compliant,” “certified,” or “validated”. More About: Products
Generational Conflict, Security and an "Information Bill of Rights"
2009-06-01 02:00:00 In my college days, I would go into the wonderful old mills of UMass Lowell. I remember seeing signs on the walls that were old and, I suppose, historical pieces. One of them always struck me: it said “no singing, eating or dancing.” More About: Security , Information , Rights , Conflict , Bill of Rights
There Is No Spoon
2009-05-26 02:00:00 Over the last 12 months we’ve been hearing more and more from our customers about Governance, Risk, and Compliance (commonly known under the acronym “GRC”). Sam Curry began to dive into the subject with his blog entry Will the Real GRC Please Stand Up? and did a great job of summarizing the emerging attitudes from some of the market analysts. More About: Spoon
Speaking of Security Podcast #149
2009-05-26 02:00:00 Click to Download/Listen (11:05) This week's Speaking of Security podcast features a discussion on securing personally identifiable information with Jon Oltsik, Principal Analyst for Enterprise Strategy Group. More About: Podcast
Nothing Can Come of Nothing
2009-05-22 02:00:00 Two things amuse me when they are misunderstood in security, and they really are axioms of the industry. Folks involved in security should know and think about these two principles, and part of me is putting this out there in the hope that folks will take issue with this!
Conspiracy Theory
2009-05-20 02:00:00 Don't you just love conspiracy theories? Here's a new one for you. April 21, 2009: F35 Fighter Jet Program Breached The Wall Street Journal reported a data breach in the F35 Joint Strike Fighter Jet program. According to the report, someone allegedly hacked into one of the program's databases – perhaps run by a third party involved in the project – and siphoned off an unknown amount of sensitive information. The breach was apparently in an area connected to the Internet and databases segregated from the Web were not affected. More About: Theory , Conspiracy , Conspiracy Theory
Little Orange Line – Breaking Out of the Zero Sum Security Curve
2009-05-20 02:00:00 I went to Courion’s Converge conference, where they bring their customers together to share wisdom around Identity Management and tips-and-tricks and the like – this is a lot like the early spirit of the EMC World and in fact like many user groups. More About: Security , Orange , Curve , Line , Breaking
Speaking of Security Podcast #148
2009-05-18 02:00:00 Click to Download/Listen (7:15) This week's Speaking of Security podcast features a topical discussion on business continuity planning. Recent global concerns regarding a potential Swine Flu pandemic have organizations looking at possible operational and business disruptions. Sam Curry, VP of Product Management for RSA is our guest. More About: Podcast
A Security Engineering Training Framework
2009-05-12 02:00:00 If there is one topic on which most security practitioners agree, it is the fact that employee training must be part of your organization’s security strategy. More About: Security , Engineering , Training , Framework
Ground-Up SharePoint Governance
2009-05-11 02:00:00 In case you hadn't noticed, SharePoint is everywhere (a bit like pig flu hysteria). It's a great success story for Microsoft, and the release of MOSS 2007 added a ton of features that inspired businesses to either roll out the platform or upgrade. Once SharePoint is made available, there is no turning back... good luck wrestling a site out of the hands of a department that's come to rely on it. More About: Ground , Governance , Sharepoint
Mr. President, it's Time to Make Cyber Security a National Priority
2009-05-11 02:00:00 It is vitally important to national security and economic security that President Barak Obama fulfills a pledge that he made on the campaign trail concerning the security of our nation’s information infrastructure. During the 2008 presidential campaign, Mr. Obama compared cyber security threats with other 21st century national security challenges such as biological and nuclear weapons. He said at the time that he would declare the country’s critical infrastructure a national asset and that he would appoint a cyber advisor that would report directly to him. More About: Security , National , Time , Cyber
Speaking of Security Podcast #147
2009-05-11 02:00:00 Click to Download/Listen (14:00) This week's Speaking of Security podcast presents a lively conversation with Shannon Kellogg, Director of Information Security Policy for EMC's Office of Government Relations on security related activity in Washington, DC. More About: Podcast
Will the Real GRC Please Stand Up?
2009-05-05 02:00:00 Ok – I have to say that I am getting pretty tired of GRC as an abused acronym. This is Governance, Risk and Compliance for the very few of you who haven't had the good fortune to see it actually spelled out; or "Grick" if you haven't had the opportunity of hearing someone pronounce an acronym without a vowel in it. More About: Real , Stand Up , Stand
Remote Access Critical in Contingency Planning
2009-05-04 02:00:00 I have seen an interesting phenomenon in the last 24 hours: a lot of folks are calling and asking for sudden, urgent help with remote access. The cause is apparently related to Swine Flu, but the root cause is both a fear for real people in our companies and a concern about maintaining business functions in a time of doubt, worry and fear. More About: Planning , Access , Remote Access , Remote
What is RSA Anyway?
2009-04-29 02:00:00 At the RSA Conference, I was asked a lot about what we “are” as the security division of EMC. I think I’ve come up with a pretty clean and clear way to answer that in a few simple statements.
Speaking of Security Podcast #146
2009-04-28 02:00:00 Click to Download/Listen (8:37) On this week's podcast, Forrester's Rob Koplowitz talks about the growth of Microsoft SharePoint in enterprises and the importance of putting governance around SharePoint as the platform becomes more strategic to companies. More About: Security , Podcast , Speaking
RSA Answers the Call To Arms
2009-04-27 02:00:00 In Art’s keynote last week at RSA Conference, he made a clear call to the industry. We have to be more organized, more coordinated and more collaborative than either the enemy or than the industry has a history of being. Art had three calls to action: Integrate and Interoperate Create and Adopt Standards Share Technology More About: Answers , Arms , Call
Who is the Man in the Middle?
2009-04-27 02:00:00 So, at RSA Conference, I think I met the actual Man-in-the-Middle . He was pretty tall and was smoking a cigar outside the Moscone center. He was hanging out with a sort of shady-looking guy with a nondescript accent, covered in tattoos. This man was the actual Man-in-the-Browser.
The Goby and the Shrimp
2009-04-23 02:00:00 What if virtualization makes security more effective and eficient? What if virtualization actually reduces the cost of security? The relationship between virtualization and security is indeed symbiotic. It reminds me of the endearing mutualism between the goby fish and the pistol shrimp. More About: Shrimp
What do RSA's Announcements at Conference mean for Europe?
2009-04-23 02:00:00 RSA Conference in San Francisco is unusually “hot” this week. With temperatures reaching record highs outdoors, in the second of my posts from Conference, I thought I’d take shelter inside and consider the announcements delivered by RSA at the show, and specifically my thoughts on their impact for us over in EMEA. More About: Europe
PCI Compliance and Virtualization: Feedback from QSAs
2009-04-22 02:00:00 So the RSA Conference is off to great start. It’s definitely one of my favorite times of the year given the tremendous amount of information security interest and expertise in one place. More About: Virtualization , Feedback , Compliance
RSA Conference 2009: An EMEA Perspective
2009-04-22 02:00:00 Greetings from RSA Conference 2009 in San Francisco. As the only RSA blogger currently based in Europe, I’ve given myself the challenge of trying to use my blog to bring a EMEA perspective to the thoughts, themes and announcements from this year’s show. More About: Perspective
Learning lessons (at RSA Conference) the easy way
2009-04-22 02:00:00 On Monday April 20th, I had the pleasure of speaking at and taking part in two forums: "Harnessing the Power of Digital Identity: 2009 and the Promising Road Ahead" sponsored by Project Concordia and the Liberty Alliance, and the RSA Conference eFraudNetwork Forum. More About: Learning , Easy , Lessons , Easy Way
Why is Risk-Based, Adaptive Authentication so Important in Providing Choice
2009-04-21 02:00:00 Consider two gunslingers – we’ve all seen this one on TV and in the movies. One has his gun drawn, the other has a gun in his holster. Some witty dialog ensues. Eventually, the one with his gun in his holster goes for the draw…and gets shot and dies. More About: Risk , Choice , Authentication
Speaking of Security Podcast #145
2009-04-21 02:00:00 Click to Download/Listen (7:06) The Speaking of Security Podcast is providing extensive coverage of RSA news during RSA Conference week. We will be presenting two podcasts. The first is an overview of all the product and solution announcements made by RSA this week. The second (featured here) is a podcast discussing an addition to the authentcation solution portfolio.
The RSA Share Project: A Software Security Developer Community
2009-04-21 02:00:00 This week, RSA, the Security Division of EMC, launched the RSA Share Project -- an important milestone for those of us interested in advancing the adoption of security practices across the software developer community. According to the press release, the project is “designed to bring world-class security tools within reach of corporate and independent software developers” and “features the launch of a new online community designed to provide support, answers and strategies from security experts as well as no-cost access to technology from RSA”. More About: Software , Community , Developer
The Downfall of Chao: Behind the Scenes of an Online Fraudster's Arrest
More articles from this author:2009-04-20 02:00:00 When Chao was arrested in September 2008, something in the veil of anonymity surrounding cyber crime was lifted. This blog will reveal previously undisclosed information regarding this case. More About: Arrest , Behind The Scenes , Online , Scenes 1, 2, 3, 4, 5, 6, 7 |
