Tips
-
VM isolation technique considerations for enterprises
VM isolation techniques are good strategies to prevent infections from spreading to the entire cloud environment. Ed Moyle explains what enterprises need to know about isolation. Continue Reading
-
Information security risk management: Understanding the components
An enterprise has to know what risks it is facing. Expert Peter Sullivan explains why an information security risk management plan is crucial for cybersecurity readiness. Continue Reading
-
Cloud DDoS protection: What enterprises need to know
DDoS attacks are a continuing problem, and enterprises should consider using cloud DDoS protection services. Expert Frank Siemons discusses the cloud options. Continue Reading
-
Preventing privilege creep: How to keep access and roles aligned
Privilege creep can result in the abuse of user access and security incidents. Expert Michael Cobb explains how enterprises can keep user roles and privileges aligned. Continue Reading
-
Insider security threats: What CISOs can do to mitigate them
Dealing with insider security threats requires a combination of tactics. Expert Mike O. Villegas discusses the various aspects of insider threat mitigation strategies. Continue Reading
-
Planning for an IPv6 attack: DDoS, neighbor discovery threats and more
IPv6 DDoS attacks are imminent, and your network security tools may not be configured for them. Expert Michael Cobb explains how enterprises can prepare their defenses. Continue Reading
-
Achieving cybersecurity readiness: What enterprises should know
Enterprises need to be ready to act in the face of security incidents and cyberattacks. Expert Peter Sullivan outlines seven elements of proper cybersecurity readiness. Continue Reading
-
How infosec professionals can improve their careers through writing
Writing can be one of the best ways to establish your reputation as an infosec professional. Expert Joshua Wright of the SANS Institute explains the best ways to do it. Continue Reading
-
Best practices for an information security assessment
Information security assessments can be effective for identifying and fixing issues in your enterprise's policies. Expert Kevin Beaver explains the key components of the process. Continue Reading
-
How tabletop exercises can help uncover hidden security risks
A regular tabletop exercise could help to identify security risks in scenarios relevant to your organization. Expert Bob Wood explains the steps in the process. Continue Reading
-
How CMMI models compare and map to the COBIT framework
Following ISACA's recent acquisition of the CMMI Institute, expert Judith Myerson takes a closer look at COBIT and CMMI models and how they compare to one another. Continue Reading
-
Why signature-based detection isn't enough for enterprises
Signature-based detection and machine learning algorithms identify malicious code and threats. Expert Michael Cobb explains how both techniques defend networks and endpoints. Continue Reading
-
How encryption legislation could affect enterprises
The legal battle between the FBI and Apple brought encryption legislation into the public eye, for better or worse. Expert Mike Chapple discusses the effect of this on enterprises. Continue Reading
-
Breaking down the DROWN attack and SSLv2 vulnerability
A DROWN attack can occur through more than a third of all HTTPS connections. Expert Michael Cobb explains how DROWN enables man-in-the-middle attacks and mitigation steps to take. Continue Reading
-
RSA Conference 2016 draws big crowds, strong encryption
RSA Conference 2016 was a densely packed affair, with discussions ranging from strong encryption to the skills shortage in the industry. Expert Nick Lewis gives a recap. Continue Reading
-
How to protect an origin IP address from attackers
Cloud security providers protect enterprises from DDoS attacks, but attackers can still find the origin IP addresses. Expert Rob Shapland explains why that's a significant threat. Continue Reading
-
What enterprises need to know about Internet traffic blocking
Traffic blocking by Internet carriers has stirred up some controversy in the security industry. Expert Kevin Beaver discusses the pros and cons of blocking network traffic. Continue Reading
-
Cybersecurity products: When is it time to change them?
Enterprises should assess their cybersecurity products to make sure they're as effective as possible. Expert Mike O. Villegas discusses how to evaluate cybersecurity tools. Continue Reading
-
Breaking down the risks of VM escapes
The Xen hypervisor flaw highlighted the risks of VM escapes, but expert Ed Moyle explains why the flaw should serve as a warning for virtual containers as well. Continue Reading
-
Microsoft Device Guard tackles Windows 10 malware
A new Microsoft security feature takes aim at Windows 10 malware. Expert Michael Cobb explains what enterprises should know about Device Guard. Continue Reading
-
Why relying on network perimeter security alone is a failure
A network perimeter security strategy alone can no longer protect enterprises. Expert Paul Henry explains why organizations must adapt. Continue Reading
-
Life after the Safe Harbor agreement: How to stay compliant
Now that the Safe Harbor agreement is invalid, U.S. and EU organizations need to find new ways to securely handle data so they can stay in business. Continue Reading
-
How to manage system logs using the ELK stack tool
Centrally managing system logs is an important practice for enterprise security. Expert Dejan Lukan explains how to set up cloud servers, such as ELK stack, for this purpose. Continue Reading
-
Secure Hash Algorithm-3: How SHA-3 is a next-gen security tool
Expert Michael Cobb details the changes in SHA-3, including how it differs from its predecessors and the additional security it offers, and what steps enterprises should take. Continue Reading
-
How to manage BYOD security policies and stay compliant
The best BYOD security policies help enterprises stay compliant with security and privacy regulations. Here's what BYOD policies should include and how best to manage them. Continue Reading
-
Is a security cloud service your best endpoint defense?
Cloud technologies often have a bad reputation when it comes to security, but that may be unfair. Is the cloud the best answer for securing the endpoints in your enterprise? Continue Reading
-
The malware lifecycle: Knowing when to analyze threats
Not responding to low-level threats can be perilous, yet enterprises can't always examine each issue. Expert Nick Lewis explains when an investigation is imperative. Continue Reading
-
Getting to the bottom of the software vulnerability disclosure debate
The vulnerability disclosure debate rages on: Enterprises should know they are at risk, but vendors need time to patch flaws. Which side should prevail? Expert Michael Cobb discusses. Continue Reading
-
How to perform a forensic acquisition of a virtual machine disk
Virtualization expert Paul Henry provides a step-by-step guide to imaging a virtual machine disk (*flat.vmdk) in a forensically sound manner. Continue Reading
-
Improve corporate data protection with foresight, action
Better corporate data protection demands foresight and concrete action. Learn why breach training, monitoring and early detection capabilities can minimize damage when hackers attack. Continue Reading
-
Managed security service providers: Weighing the pros and cons
Using a managed security service provider can be an appealing option to enterprises, but there are many factors to consider before making the move to outsourcing. Continue Reading
-
PCI DSS 3.1 marks the end of SSL/early TLS encryption for retailers
The early arrival of PCI DSS 3.1 could leave organizations scrambling. The biggest change to the standard -- and the top priority for organizations -- is the end of SSL and early TLS. Continue Reading
-
Certificate authorities are limited but new TLS versions can help
SSL/TLS, long the cornerstone of Web security, has become a security vulnerability due to problems with certificate authorities. Learn what solutions the industry is pursuing. Continue Reading
-
From SSL and early TLS to TLS 1.2: Creating a PCI DSS 3.1 migration plan
PCI DSS 3.1 requires enterprises to deplete SSL and early TLS use by June 30, 2016. Expert Michael Cobb offers advice for putting a migration plan to TLS 1.2 in place. Continue Reading
-
A new trend in cybersecurity regulations could mean tougher compliance
State cybersecurity regulations may mean compliance will get more complicated, and that has experts worried. Learn what's causing this trend and what organizations should prepare for. Continue Reading
-
State of the Network study: How security tasks are dominating IT staff
The majority of networking teams are regularly involved in enterprise security tasks. Expert Kevin Beaver explains the phenomenon and how to embrace it. Continue Reading
-
Network anomaly detection: The essential antimalware tool
Traditional perimeter defenses are no longer enough; network anomaly detection tools are now essential in the battle against advanced malware. Continue Reading
-
Understanding and mitigating a FREAK vulnerability attack
After the discovery that the FREAK vulnerability can affect a wide variety of OSes, enterprises should amp up mitigation efforts. Here's some background on the attack and how to stop it. Continue Reading
-
The secrets of proper firewall maintenance and security testing techniques
The Verizon 2015 PCI Compliance Report cited a lack of firewall maintenance and security testing as major causes of compliance breaches. Expert Kevin Beaver offers tips to successfully manage these tasks. Continue Reading
-
Is the CISO job description getting out of hand?
CISO roles and responsibilities are built on impossible standards and unrealistic expectations. Expert Joseph Granneman explains this trend and why enterprises need to reverse it. Continue Reading
-
What Apple Pay tokenization means for PCI DSS compliance
Tokenization is a key technology underlying Apple Pay, promising to boost payment data security. Mike Chapple examines how Apple Pay's tokenization system works, and whether it will provide any PCI DSS compliance relief. Continue Reading
-
SIEM systems: Using analytics to reduce false positives
Combining data from a variety of sources with better analytics can reduce workloads. Continue Reading
-
Final five considerations when evaluating intrusion detection tools
Before making an investment in an intrusion detection and prevention system, be sure to read this list of five final considerations to keep in mind during intrusion detection system evaluation. Continue Reading
-
Introduction to intrusion detection and prevention technologies
Intrusion detection and prevention systems can be critical components of an enterprise's threat management strategy. Learn the history behind the technologies and why they are so important. Continue Reading
-
Evaluating enterprise intrusion detection system vendors
Selecting an intrusion detection and prevention system vendor can be a time-consuming task. Get help evaluating vendors and products with this list of must-ask questions. Plus, a comprehensive vendor list. Continue Reading
-
What the Community Health Systems breach can teach your organization
The Community Health Systems breach in 2014 provided a learning opportunity for organizations handling PHI. Expert Mike Chapple reviews the key takeaways from the breach. Continue Reading
-
Benefits of the Cisco OpenSOC security analytics framework
Cisco's open source security analytics framework aims to help enterprises address visibility and incident management challenges. Expert Kevin Beaver discusses OpenSOC and what to consider when integrating it into an enterprise security strategy. Continue Reading
-
SSL/TLS security: Addressing WinShock, the Schannel vulnerability
Schannel is the latest cryptographic library to encounter SSL/TLS security issues. Expert Michael Cobb discusses the WinShock vulnerability and how to mitigate enterprise risks. Continue Reading
-
How emerging threat intelligence tools affect network security
Up-and-coming threat intelligence tools aim to improve data security and even standardize threat intelligence across the industry. Expert Kevin Beaver explains how. Continue Reading
-
Getting to know the new GIAC certification: GCCC
The new GIAC certification, GCCC, is not a very specific certification, but it could prove useful in organizations. Expert Joseph Granneman explains why. Continue Reading
-
A CISO's introduction to enterprise data governance strategy
Every enterprise must have a viable strategy for protecting high-value data. See if your plan aligns with Francoise Gilbert's advice on top priorities to consider when defining data governance plans. Continue Reading
-
The POODLE vulnerability and its effect on SSL/TLS security
The POODLE vulnerability was patched in October, yet new vulnerabilities are causing concern. Expert Michael Cobb discusses how to maintain SSL/TLS security in the enterprise. Continue Reading
-
Lessons learned: Network security implications of Shellshock
Shellshock had a tremendous impact on network security, affecting many popular vendors and products. Expert Kevin Beaver discusses what Shellshock means to network security, and the lessons that can be learned from the vulnerability. Continue Reading
-
How to increase the importance of information security in enterprises
Expert Mike Villegas explains how to use the Three C's to emphasize the importance of information security within an organization. Continue Reading
-
What is endpoint security? What benefits does it offer?
The increased number of smartphones, laptops and other endpoints in the enterprise is a major security concern. Learn what endpoint security is and how it can help combat your enterprise security woes. Continue Reading
-
Detecting backdoors: The Apple backdoor that never was?
The debate over the purported Apple backdoor leaves enterprises asking, "When is a backdoor not a backdoor?" Application security expert Michael Cobb explains the difference. Continue Reading
-
Understanding security flaws in IPv6 addressing schemes
Expert Fernando Gont explains why underlying characteristics of IPv6 address-generation schemes may enable nodes to be targeted in IPv6 address-scanning attacks. Continue Reading
-
Inside the four main elements of DLP tools
Security expert Rich Mogull outlines the four elements of a DLP tool: the central management server, network monitoring, storage and endpoint DLP. Continue Reading
-
The 10 questions to ask during a mobile risk assessment
To both embrace the benefits of BYOD and shore up the security gaps created by it, ask these 10 questions when conducting a mobile risk assessment. Continue Reading
-
The three stages of the ISO 31000 risk management process
The ISO 31000 risk management process proposes three stages. Expert Mike Chapple reviews this alternative to the ISO 27001 framework. Continue Reading
-
Evaluating next-gen firewall vendors: Top 11 must-ask questions
Evaluating potential firewall vendors and choosing the one that best aligns with your enterprise's needs can be a tricky task. This tip offers 11 questions any organization should ask vendors prior to making a firewall purchase. Continue Reading
-
FAQ: Were executives held accountable after the Target data breach?
Target Corp. has made major executive changes in the months following its massive 2013 data breach as the company strives to reassure customers and rework digital information security processes. Continue Reading
-
Big data security analytics: Facebook's ThreatData framework
Expert Kevin Beaver explains how enterprises can take a page from Facebook's ThreatData framework security analytics to boost enterprise defense. Continue Reading
-
Are malicious mobile apps a mere inconvenience or a real threat?
How big a security threat are the malicious mobile apps riding into your enterprise on employees' mobile devices? Continue Reading
-
Stop attackers hacking with Metasploit
Metasploit attacks may not be sexy, but they can stab through enterprise defenses. Learn how basic security controls can thwart Metasploit hacking. Continue Reading
-
NSA TAO: What Tailored Access Operations unit means for enterprises
The NSA's top-secret Tailored Access Operations offensive hacking unit offers enterprise defense strategy lessons. Expert Nick Lewis discusses. Continue Reading
-
Locking the backdoor: Reducing the risk of unauthorized system access
Rampant backdoors in enterprise IT products too often provide unauthorized access to attackers and governments. Learn how to defend against the risks. Continue Reading
-
PCI DSS version 3.0: The five most important changes for merchants
PCI DSS version 3.0 isn't a wholesale revision, but longtime PCI expert Ed Moyle says merchants' transitions must start now to avoid problems later. Continue Reading
-
Inside the BREACH attack: How to avoid HTTPS traffic exploits
Enterprise threats expert Nick Lewis examines how the BREACH attack exploits HTTPS traffic and what enterprises can do to mitigate the attack risk. Continue Reading
-
Security incident response procedures: When to do a system shutdown
At times, security incident response procedures require drastic measures. Expert Nick Lewis explains when and how to perform a system shutdown. Continue Reading
-
Amazon S3 encryption overview: How to secure data in the Amazon cloud
Learn details for employing Amazon S3 encryption features. Expert Dave Shackleford compares S3 encryption to other cloud provider offerings. Continue Reading
-
How to configure a VLAN to achieve the benefits of VLAN security
Expert Brad Casey explains how to configure a VLAN in order to achieve the benefits of VLAN security, including protection against insider attacks. Continue Reading
-
BYOD security: How to remotely wipe iPhone and Android devices
Remote data wipe is key to any BYOD security policy, but each OS handles it differently. Lisa Phifer covers how to use it with other controls to protect data. Continue Reading
-
Windows Server 2012 security: Is it time to upgrade?
Expert Michael Cobb wades through the security features of Windows Server 2012 to find out what's new and beneficial in Microsoft's latest release. Continue Reading
-
Security incident management in the cloud: Tackling the challenges
Identifying security incidents in cloud environments isn't easy, but there are steps companies can take to ease the process. Continue Reading
-
With JOBS Act, Sarbanes-Oxley compliance likely won't get easier
While SMBs may benefit from the JOBS Act, Sarbanes-Oxley compliance for enterprises may remain largely unchanged. Expert Mike Chapple explains why. Continue Reading
-
Examining Kindle Fire security, Silk browser security in the enterprise
Do Kindle Fire security issues, combined with weak Silk browser security, make the red-hot consumer device too risky for enterprises? Michael Cobb explains. Continue Reading
-
SEC disclosure rules: Public company reporting requirements explained
Learn the public company reporting requirements necessary to comply with CF Disclosure Guidance Topic No. 2, the SEC's cybersecurity reporting rules. Continue Reading
-
P2P encryption: Pros and cons of point-to-point encryption
P2P encryption is an emerging technology, one that may be helpful for many companies, especially merchants. Mike Chapple dissects the pros and cons. Continue Reading
-
Securing a multi-tenant environment
Learn some of the key elements for secure multi-tenancy. Continue Reading
-
Identity and access management concepts and predictions to watch in 2011
Forrester's Andras Cser discusses the emerging identity and access management concepts and market predictions enterprises should be prepared for in 2011. Continue Reading
-
Log Parser examples: Using the free log analysis tool
Log analysis is an essential security function for almost all enterprises, and, with Log Parser, much of it can be done for free. Learn how to use Microsoft's free Log Parser in this expert tip. Continue Reading
-
Security in virtualization: IDS/IPS implementation strategy
Considering virtualization? Take into account that your IDS or IPS may not work the same way in a virtualized environment as it does in a physical one. Expert Dave Shackleford explains how to address this potential problem. Continue Reading
-
PCI requirement 7: PCI compliance policy for access control procedures
Though PCI DSS is generally prescriptive, when it comes to requirement 7, organizations have more leeway -- and, thus, more potential for error -- than other sections of the standard. Learn how to handle PCI DSS requirement 7 in this expert tip. Continue Reading
-
The hypervisor security patch management process
Enterprises using virtualization must include hypervisor patching in their patch management process. Robbie Higgins explains why. Continue Reading
-
Digital forensic challenges in a cloud computing environment
Cloud computing creates difficulties for digital forensic investigators. Continue Reading
-
Cloud security standards provide assessment guidelines
The Cloud Security Alliance Cloud Controls Matrix helps cloud providers and customers to evaluate security controls. Continue Reading
-
ngrep: Learn how to find new malware with ngrep examples
In this video, Peter Giannoulis of the AcademyPro.com uses several ngrep examples to show how to find new malware that antivirus or IPS might not pick up on with this free tool. Continue Reading
-
User provisioning best practices: Access recertification
User access recertification is the process of continually auditing users' permissions to make sure they have access only to what they need. Implementing recertification, however, can be challenging. Get best practices on creating a recertification ... Continue Reading
-
Outsourcing data center services: SMB security best practices
Learn best practices for outsourcing data center services and about the security and compliance considerations that influence whether an SMB should outsource data center services. Continue Reading
-
Are you in compliance with the ISO 31000 risk management standard?
The ISO 31000 risk management standard is becoming an important development tool for shaping existing and new programs. Learn if your programs are in compliance with the standard. Continue Reading
-
Data classification best practices in financial services
Data classification is critical in the highly regulated financial industry. Learn key steps for data classification. Continue Reading
-
Self-service user identity management: Pitfalls and processes
While it might seem that self-service user identity management can save time and money, as well as keep information more current, there are a number of potential pitfalls. In this expert tip, Randall Gamby explains how to avoid these issues. Continue Reading
-
PAN truncation and PCI DSS compliance
What do Visa's PAN truncation guidelines mean for merchants and their acquiring banks? Security experts Ed Moyle and Diana Kelley provide analysis. Continue Reading
-
How to avoid attacks that exploit a Web browser vulnerability
Beyond patching, Tom Chmielarski explains what you'll need to do to avoid application exploits caused by Web browser vulnerabilities. Continue Reading
-
Your USB port management options
When it comes to managing USB ports, the choice is yours. Mike Chapple reviews your three best options. Continue Reading
-
Enterprise PDF attack prevention best practices
Malicious PDF exploits are at an all-time high. Should enterprises dump PDFs altogether? Expert Michael Cobb answers that question and offers his key enterprise PDF attack prevention tactics. Continue Reading
-
Performing a security risk analysis to assess acceptable level of risk
No organization is ever completely without risk, but there are steps that can be taken to establish an acceptable level of risk that can be appropriately mitigated. In this tip, Michael Cobb explains how to perform a security risk analysis to help ... Continue Reading
-
Operation Aurora: Tips for thwarting zero-day attacks, unknown malware
In December 2009, Google, Adobe and other companies were the victims of a damaging cyberattack called Operation Aurora. In this tip, expert Nick Lewis outlines the lessons learned from this attack, and how companies can avoid falling victim to ... Continue Reading
-
Using Windows software restriction policies to stop executable code
Software restriction policies are one way to prevent known malware and file-sharing applications from taking control of your network. Continue Reading