When asked to describe the current cyber threat landscape, one of the more balanced and objective answers might be that threats are "hiding in plain sight." Today's advanced cyber threats use applications as their infiltration vector, exhibit application-like evasion tactics, and act as, or
use common network...
Moving to Amazon Web Services (AWS) can offload significant IT resource and cost burdens. However, you can't offload the ultimate responsibility for the security, privacy, and compliance of your data.
This whitepaper delves into an approach to migrate sensitive data into AWS environments while ensuring...
Unix systems face special identity and access management (IAM) challenges.
Read this informative white paper to:
Learn about those issues;
Find out how to overcome them with the right practices and tools;
Enhance security, achieve compliance and improve operational efficiency.
Much of the focus of identity and access management (IAM) is concerned with easy and unobstructed access to a large population of end users with minimal disruption to IT operations. But the forgotten arm of IAM remains privileged account management (PAM).
Read this e-book to:
Discover why PAM can be a prime...
Continuous monitoring is helping Freddie Mac reduce the number of security controls it uses to safeguard its information systems, says CISO Patricia Titus, who summarizes lessons that can apply to government and private-sector entities.
A problem federal agencies face in deploying effective continuous monitoring is that there's just too much guidance, former federal chief information security officer Patrick Howard says.
President Obama's fiscal year 2015 budget outlines a set of priorities - a wish list - of programs the administration hopes to pursue, including a federal cyber campus.
Phyllis Schneck, the Department of Homeland Security's deputy undersecretary for cybersecurity, equates the department's continuous diagnostics and mitigation initiative with a medical probe detecting an infection in the human body.
Organizations in all sectors can improve their compliance with the PCI Data Security Standard by taking five critical steps, says Rodolphe Simonetti of Verizon Enterprise Solutions, which just issued a new PCI compliance report.
The PCI Security Standards Council has no plans to modify its standards for payment card data security in response to high-profile payment card breaches at Target and Neiman Marcus, says Bob Russo, the council's general manager.
Because of increasing cyber-attacks against government agencies, the inspector general says it's crucial for the State Department to address the continuing weaknesses in its information security program.
While preparing a speech to be delivered in Korea, NIST's Ron Ross wanted to convey the message of the importance of computer security. He hit on five themes - threat, assets, complexity, integration and trustworthiness - which form the acronym TACIT.
An independent presidential panel makes recommendations to limit the National Security Agency's surveillance methods, including curtailing the way the government systematically collects and stores metadata from Americans' phone calls.
Jeh Johnson, the new secretary of Homeland Security, is expected to become one of the top advocates of the administration's cybersecurity policy as the White House shifts more IT security responsibilities to DHS.
The White House is intensifying its effort to get federal agencies to adopt continuous monitoring and move away from the paper-based checklist compliance they've followed for a decade under the Federal Information Security Management Act.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.