Information Security

The good, bad and ugly

The good, bad and ugly

While some instances of Stuxnet and Duqu found their way into seemingly unplanned locations, the majority of occurrences were localized to targeted systems.

Company news: ISSA elects a new president

By

Personnel announcements, acquisitions and other news from Information Systems Security Association, Tenable Network Security, PhishMe, eIQnetworks, McAfee and several other companies.

Threat of the month: Anti-virtualization malware

Threat of the month: Anti-virtualization malware

This month's threat of the month is anti-virtualization malware which automatically activates on a system boot-up.

Company News: Personnel announcements from Sophos, PwC, and others

Personnel announcements and M&A activity from Sophos, PwC US, NetSecurity, and others.

Me and my job: David Balcar, Novacoast

Me and my job: David Balcar, Novacoast

David Balcar, security adviser practice manager at Novacoast discusses various aspects of his job.

10 steps toward eliminating insider threats

10 steps toward eliminating insider threats

If there's one threat in information security that's difficult to prevent, it's the insider threat. But there are ways in which your organization can minimize the risks.

Insider threat behavior not just actions: Part two of a series

Insider threat behavior not just actions: Part two of a series

When it comes to insider threats, we often focus on implementing technologies and auditing at the endpoint, but it's the user behavior that we have to get a better grasp of.

Countering insider threats: Part One of a series

Countering insider threats: Part One of a series

There may be no silver bullet to detect or prevent insider threats, but there are sophisticated technological solutions that can help.

Never trust a stranger: Secure social networking

Never trust a stranger: Secure social networking

The personally identifiable information found on social networks are a gateway for hackers to get access to the heart of the information they truly desire.

Centrify for Best Customer Service

Centrify for Best Customer Service

When it comes to customer service in the industry, Centrify believes they're the best, and hope to prove it with a win at the SC Awards.

Axway for Best Email Security Solution

Axway for Best Email Security Solution

Phishing is at an all time high, but Axway believes its email security solution is the answer. They're looking to take home a big award at the upcoming SC Awards.

Lancope for Best Computer Forensic Tool & Best Enterprise Security Solution

Lancope for Best Computer Forensic Tool & Best Enterprise Security Solution

At the upcoming awards show in San Francisco, Lancope hopes to take home a big award.

Porticor for Best Cloud Computing Security

Porticor for Best Cloud Computing Security

At the upcoming 2013 SC Awards US, Porticor hopes to take home the Best Cloud Computing Security award.

Technology to strategy: Today's CISO

Technology to strategy: Today's CISO

By

With breaches grabbing headlines and cash funneling toward infosec budgets, the role of the security executive is shifting from tech and compliance wonk to savvy businessperson.

News briefs: Breaking security news from the Cybersecurity Act to Gauss

News briefs: Breaking security news from the Cybersecurity Act to Gauss

The Cybersecurity Act of 2012 was defeated in the Senate, FinFisher spyware analyzed, nation-state-created espionage malware Gauss, and other breaking security news

Reducing "MAX-TTR" and why it matters to your network

Reducing "MAX-TTR" and why it matters to your network

The status quo can be managed, but it requires a different capital investment profile than the one that most organizations are using today.

Why doesn't your VPN work on the road?

Why doesn't your VPN work on the road?

Connecting to a host of different networks across the country could result in potential security vulnerabilities, but closing security loopholes too often results in slow or blocked connections.

RSA finds phishing led to $687m in worldwide loses

By

Tried-and-true phishing scams continue to win a psychological game with victims, and have hit Canada particularly hard.

Industrial crimeware sets a blistering pace

Industrial crimeware sets a blistering pace

Industrialization is a key factor driving the rate at which criminals are turning to malicious software to make serious money.

Data breach costs LinkedIn up to $1 million

By

LinkedIn's 2Q earnings call reveals that the company spent between $500,000 to $1 million on forensic work surrounding a recent data compromise.

Sponsored Video: Philippe Courtot, chairman and CEO, Qualys

By

SC Magazine catches up with Qualys chairman and CEO, Philippe Courtot, at this year's Black Hat conference in Las Vegas to discuss the challenges industry professionals face today.

Video: Legal guidance for security researchers

By

SC Magazine catches up with Marcia Hofmann, senior staff attorney at the Electronic Frontier Foundation, who provides some legal guidance for researchers in the industry.

Black Hat: Security pros must evolve their defensive strategy

By

Industry professionals must update and continue to adapt their security tactics, according to an expert at this year's Black Hat conference in Las Vegas.

America's privacy and security enforcer

America's privacy and security enforcer

The FTC has made major moves this year in its fight against cyber crime, and if enterprises and organizations aren't careful, they may be facing a team of the agency's investigators.

GRC

GRC

Global companies facing a slew of regional laws, as well as small and midsized companies required to meet regulatory demands, need governance, risk and compliance solutions.

Privacy

Privacy

Companies tout their privacy measures, but ensuring protection requires more than lip service.

The state of SIEM

The state of SIEM

The technology is capable of providing all of the data organizations need for compliance, but managing the log activity to make sense of it can be a challenge.

Virtualization

Virtualization

While cost reductions are a leading factor in the migration to cloud environments, security in virtualized implementations is still a concern.

The insider threat

The insider threat

The theft or misuse of corporate assets and customer data poses challenges, but there are strategies and tools to put in place to help mitigate the possibility.

APTs

APTs

Exposing and defeating cyber criminal campaigns out for financial gain or trade secrets is the challenge of the day, but there are strategies and tools available to help.

Sign up to our newsletters

POLL