Security operations and management

Cybersecurity operations and management are vital to protect enterprises against cyber threats. Learn how to create and manage infosec programs and SOCs, perform incident response and automate security processes. Also read up on security laws and regulations, best practices for CISOs and more.

Top Stories

News 20 Mar 2023
FBI arrests suspected BreachForums owner in New York

The BreachForums arrest occurred days after DC Health Link's data went up for sale on the dark web message board, though the affidavit did not cite the breach in the arrest. Continue Reading
Guest Post 15 Mar 2023
6 principles for building engaged security governance

Security governance isn't enough. Enter engaged security governance -- an ongoing process that aligns business strategy with security across an organization. Continue Reading

News 03 Feb 2017

Experts debate effects of government cybersecurity executive order

A leaked version of a draft of a government cybersecurity executive order from President Trump has experts debating the effects such an order would have. Continue Reading
News 02 Feb 2017

Pentagon hack possible due to bad vulnerability management

A researcher finds unpatched flaws in DOD systems that may have already allowed a Pentagon hack, and the government is doing nothing to remediate the issue. Continue Reading
News 31 Jan 2017

RSA Conference 2017 "not impacted" by Trump's executive order

RSA Conference 2017 hasn't been affected by President Trump's recent executive order, but the travel ban has still send shockwaves through the tech industry. Continue Reading
News 31 Jan 2017

RSAC 2017 Innovation Sandbox highlights top 10 cyber startups

RSAC 2017: Innovation Sandbox competition pits this year's top 10 cybersecurity startups against each other in a bid to win top honors as most innovative. Continue Reading
Conference Coverage 30 Jan 2017

RSA 2017: Special conference coverage

Follow breaking news from the SearchSecurity team at RSA 2017 in San Francisco to learn the latest developments in the information security industry. Continue Reading
News 27 Jan 2017

Americans split on federal government security, encryption attitudes

News roundup: Half of Americans don't trust federal government security. Plus, a Kaspersky Lab manager was arrested; an internal DOD network was found vulnerable; and more. Continue Reading
Tip 26 Jan 2017

When not to renew a vendor contract due to security issues

Opting out of a vendor contract for security reasons can be a tough decision for CISOs. Expert Mike O. Villegas discusses how NASA handled the situation and what CISOs can do. Continue Reading
News 23 Jan 2017

SEC to investigate the Yahoo breach disclosures

The SEC has requested more information for potential cases concerning whether the Yahoo breach disclosures could have come sooner. Continue Reading
News 20 Jan 2017

Future of the federal CISO position in question as Touhill steps down

Retired Brig. Gen. Gregory Touhill stepped down as the federal CISO, leaving questions surrounding the future of the position and the work he has done. Continue Reading
Answer 12 Jan 2017

What effect does FITARA have on U.S. government cybersecurity?

FITARA became a law in 2014, but government cybersecurity continues to struggle. Expert Mike O. Villegas discusses the effects of the law. Continue Reading
Podcast 12 Jan 2017

Risk & Repeat: CES Cybersecurity Forum tackles passwords, IoT

In this episode of SearchSecurity's Risk & Repeat podcast, editors highlight the topics discussed at the CES Cybersecurity Forum, as well as new technologies showcased at the event. Continue Reading
Answer 10 Jan 2017

What are the potential pros and cons of a Cyber National Guard?

A congressman proposed adding a Cyber National Guard to the military to protect the U.S. from cyber adversaries. Expert Mike O. Villegas examines the potential drawbacks of this branch. Continue Reading
Security School 10 Jan 2017

Privileged access management and security in the enterprise

This Security School explores the important steps enterprises need to take when managing privileged access accounts to prevent credential abuse and security incidents. Continue Reading
Answer 09 Jan 2017

Are investigations crucial to data breach protection?

SWIFT banking has a team dedicated to data breach investigations. Expert Mike O. Villegas discusses why this is necessary and whether other organizations should follow suit. Continue Reading
Tip 05 Jan 2017

The dangers of using security policy templates in the enterprise

Among other drawbacks, using security policy templates can make compliance audits and breach assessments harder for enterprises. Expert Joseph Granneman explains why they're risky. Continue Reading
Tip 04 Nov 2016

Information security risk management: Understanding the components

An enterprise has to know what risks it is facing. Expert Peter Sullivan explains why an information security risk management plan is crucial for cybersecurity readiness. Continue Reading
Tip 02 Nov 2016

Cloud DDoS protection: What enterprises need to know

DDoS attacks are a continuing problem, and enterprises should consider using cloud DDoS protection services. Expert Frank Siemons discusses the cloud options. Continue Reading
Feature 01 Nov 2016

Want a board-level cybersecurity expert? They're hard to find

Members of the board must be ready to defend their fiduciary decisions, corporate policies, compliance actions and, soon, cybersecurity preparedness. Continue Reading
Answer 05 Oct 2016

How would a cyberattack information database affect companies?

A proposed cyberattack information database in the U.K. aims to improve cyberinsurance. Expert Mike Chapple explains what collecting data breach information means for U.S. companies. Continue Reading
Answer 20 Sep 2016

Is settling a data breach lawsuit the best option for enterprises?

In the unfortunate event of a data breach lawsuit, it's often better to settle before the case reaches court. Expert Mike O. Villegas explains why and how CISOs can help. Continue Reading
Answer 19 Sep 2016

Are new cybersecurity products the best investment for enterprises?

Having the latest cybersecurity products isn't always the best way to approach security. Expert Mike O. Villegas explains why and how to deal with pressure to buy new. Continue Reading
Tip 15 Aug 2016

Achieving cybersecurity readiness: What enterprises should know

Enterprises need to be ready to act in the face of security incidents and cyberattacks. Expert Peter Sullivan outlines seven elements of proper cybersecurity readiness. Continue Reading
Feature 14 Jul 2016

Cybersecurity blind spots: Mitigating risks and vulnerabilities

Cybersecurity blind spots based in risk and vulnerabilities can be difficult to spot and address. Sean Martin talks with security experts on how to overcome that challenge. Continue Reading
Tip 05 Jul 2016

How tabletop exercises can help uncover hidden security risks

A regular tabletop exercise could help to identify security risks in scenarios relevant to your organization. Expert Bob Wood explains the steps in the process. Continue Reading
News 27 Jun 2016

Intel reportedly considering selling its security business

New reports suggest Intel may be looking into selling off its security business, and experts are unclear whether it means Intel's McAfee acquisition has gone sour. Continue Reading
News 17 Jun 2016

FBI facial recognition systems draw criticism over privacy, accuracy

GAO report blasts FBI facial recognition programs over privacy and accuracy concerns; FBI systems offer access to over 411 million photos from federal and state sources. Continue Reading
Tip 17 Jun 2016

How CMMI models compare and map to the COBIT framework

Following ISACA's recent acquisition of the CMMI Institute, expert Judith Myerson takes a closer look at COBIT and CMMI models and how they compare to one another. Continue Reading
Tip 16 May 2016

How encryption legislation could affect enterprises

The legal battle between the FBI and Apple brought encryption legislation into the public eye, for better or worse. Expert Mike Chapple discusses the effect of this on enterprises. Continue Reading
Tip 07 Apr 2016

RSA Conference 2016 draws big crowds, strong encryption

RSA Conference 2016 was a densely-packed affair, with discussions ranging from strong encryption to skills shortage in the industry. Expert Nick Lewis gives a recap. Continue Reading
Answer 04 Apr 2016

What are the differences between active boards and passive boards?

Both active and passive boards of directors have different approaches to handling cybersecurity within their organizations. Here's how to tell which type you have. Continue Reading
Feature 01 Apr 2016

Information Governance and Security: Protecting and Managing Your Company's Proprietary

In this excerpt of Information Governance and Security, authors John G. Iannarelli and Michael O'Shaughnessy offer tips for establishing guidelines for all departments or sectors of a business. Continue Reading
Feature 01 Apr 2016

Integrated Security Systems Design

In this excerpt of Integrated Security Systems Design, author Thomas L. Norman explains the tools of security system design, the place of electronics in the process, how to establish electronic security program objectives and the types of design efforts. Continue Reading
News 18 Mar 2016

Apple court filing challenges iPhone backdoor as rhetoric heats up

The rhetoric about the iPhone backdoor from Apple and the FBI has gotten more intense as Apple challenged the FBI in court by calling its motion unconstitutional. Continue Reading
Feature 18 Mar 2016

Designing and Building Security Operations center

In this excerpt of Designing and Building Security Operations Center, author David Nathans reviews the infrastructure needed to support a SOC and maintain SOC security. Continue Reading
News 02 Mar 2016

Bruce Schneier on IBM grabbing him up with Resilient Systems

Bruce Schneier chats with SearchSecurity during lunch at RSAC about IBM's plans to acquire Resilient Systems to complete their security offering. Continue Reading
Tip 24 Feb 2016

Cybersecurity products: When is it time to change them?

Enterprises should assess their cybersecurity products to make sure they're as effective as possible. Expert Mike O. Villegas discusses how to evaluate cybersecurity tools. Continue Reading
Answer 23 Nov 2015

What data breach notification policy should enterprises follow?

A data breach notification policy is important to have, but deciding how to alert customers can be tough. Expert Mike Chapple explains some best practices. Continue Reading
Answer 20 Oct 2015

Why did Anthem resist government vulnerability assessments?

Vulnerability assessments are often a requirement for organizations that have suffered a data breach and the assessors' results can be invaluable to protect a business. Continue Reading
Answer 01 Oct 2015

Should security funds be dedicated to hiring or tools?

Security funds can be tough to come by, so when managers get them should they focus on strengthening security through hiring or through purchasing tools? Continue Reading
Tip 26 Aug 2015

Managed security service providers: Weighing the pros and cons

Using a managed security service provider can be an appealing option to enterprises, but there are many factors to consider before making the move to outsourcing. Continue Reading
News 10 Jul 2015

Homeland Security chief calls for federal breach reporting law

The Homeland Security head wants federal laws requiring data breach reporting and information sharing, but one expert warns that government officials need better understanding of infosec technology before creating such laws. Continue Reading
Tip 19 Jun 2015

State of the Network study: How security tasks are dominating IT staff

The majority of networking teams are regularly involved in enterprise security tasks. Expert Kevin Beaver explains the phenomena and how to embrace it. Continue Reading
News 22 May 2015

Government backdoor security concerns prompt letter to president

As privacy and security concerns rise, President Obama is urged to dismiss the call for government backdoors. Continue Reading
Answer 04 May 2015

The CEO refuses cybersecurity best practices: Now what?

Some executives don't think cybersecurity best practices apply to them. Expert Mike O. Villegas explains how to handle that situation. Continue Reading
News 29 Apr 2015

RSA Conference 2015 recap: Record attendance, record stakes

This year's RSA Conference once again broke the previous year's attendance record. Is the show getting too big for San Francisco? Plus key takeaways and final words from our executive editor. Continue Reading
News 24 Apr 2015

NIST wants help building the one ID proofing system to rule them all

The U.S. government wants to solve the weaknesses in online ID proofing systems, but it needs the help of enterprise and security professionals in order to overcome privacy concerns and other issues. Continue Reading
Answer 20 Mar 2015

How should agencies prepare for federal security scanning?

What do agencies need to consider before going through the Department of Homeland Security's network security scanning? Expert Mike Chapple answers. Continue Reading
Tip 19 Mar 2015

Is the CISO job description getting out of hand?

CISO roles and responsibilities are built on impossible standards and unrealistic expecations. Expert Joseph Granneman explains this trend and why enterprises need to reverse it. Continue Reading
Opinion 02 Mar 2015

Q&A: Marcus Ranum chats with AT&T's CSO Ed Amoroso

There's no shortage of new security technology, but enterprise integration is still a major hang-up, says AT&T's chief of security. Continue Reading
Tip 13 Jan 2015

Lessons learned: Network security implications of Shellshock

Shellshock had a tremendous impact on network security, affecting many popular vendors and products. Expert Kevin Beaver discusses what Shellshock means to network security, and the lessons that can be learned from the vulnerability. Continue Reading
Tip 09 Jan 2015

How to increase the importance of information security in enterprises

Expert Mike Villegas explains how to use the Three C's to emphasize the importance of information security within an organization. Continue Reading
Video 13 May 2014

NIST cybersecurity framework: Assessing the strengths and weaknesses

Video: Securicon executive consultant Ernie Hayden discusses what the NIST cybersecurity framework got right, and how the document can be improved. Continue Reading
Feature 28 Apr 2014

Digital Forensics Processing and Procedures

In this excerpt from Digital Forensics Processing and Procedures, the authors provide insight on areas that will need to be considered when setting up a forensic laboratory. Continue Reading
Feature 14 Apr 2014

FISMA Compliance Handbook

In this excerpt from chapter 3 of the FISMA Compliance Handbook, author Laura P. Taylor discusses the five methodologies that agencies use as a basis to carry out FISMA compliance. Continue Reading
Tip 15 Aug 2013

Security incident response procedures: When to do a system shutdown

At times, security incident response procedures require drastic measures. Expert Nick Lewis explains when and how to perform a system shutdown. Continue Reading
Feature 01 Aug 2013

Third-party risk management: Horror stories? You are not alone

The majority of breaches occur as the result of third parties. MacDonnell Ulsch advises companies to safeguard third-party management agreements. Continue Reading
Feature 28 Jan 2013

The Huawei security risk: Factors to consider before buying Chinese IT

Cover story: The U.S. government says Chinese IT giants Huawei and ZTE pose too much risk. But do they? Joel Snyder offers his take. Continue Reading
Tip 25 Sep 2012

Security incident management in the cloud: Tackling the challenges

Identifying security incidents in cloud environments isn't easy, but there are steps companies can take to ease the process. Continue Reading
Tip 02 Feb 2011

Digital forensic challenges in a cloud computing environment

Cloud computing creates difficulties for digital forensic investigators. Continue Reading
Answer 03 Feb 2010

Security report template: How to write an executive report

Writing a security report for executives doesn't have to be difficult or extensive, but security management expert Ernie Hayden describes how to make it comprehensive and clear. Continue Reading
Answer 03 Feb 2009

What are the ethical issues when consulting for two competing companies?

Security consulting is a job in which privacy is paramount. Leaking security strategies to the wrong people -- especially a company's competition -- could lead to breaches or break ins. In this expert response, David Mortman gives best practices for handling consulting ethically. Continue Reading
Answer 06 Aug 2008

What vendors would you recommend for software write-blockers?

In a forensics investigation, a software write-blocker can be very helpful. But which vendors offer the best blockers? Security management expert Mike Rothman explains what to look for. Continue Reading
Feature 03 Jul 2008

Information Security Blueprint

Continue Reading
Feature 03 Jul 2008

Results Chain for Information Security and Assurance

Continue Reading
Tip 17 Jan 2008

Your physical security budget: Who pays and how much?

In many organizations, the cost of data center security is a shared expense -- or at least it should be. How much then should you be spending on security and how much of that should be picked up by other business units? Continue Reading
Tip 03 May 2007

Digital forensics tool Helix 'does no harm'

Forensics isn't just for the scientists. This month, contributor Scott Sidel recommends Helix, a digital forensics tool that can do some important detective work on your system. Continue Reading
Tip 25 Oct 2006

Steps in the information security program life cycle

This article from our series on information security governance describes the essential steps to take when developing a security program life cycle. Continue Reading
Answer 02 Jan 2002

The dangers of open port 139

Continue Reading