Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Lockheed Martin will acquire a privately held Industrial Defender, a provider of cyber security solutions for control systems in the oil and gas, utility and chemical industries.
When it comes to securing a Linux machine, the answer is not installing an antivirus or some other security software. The key lies in hardening the operating system.
At the Cybertech Conference, Lockheed Martin and IBM both announced they would invest in CyberSpark R&D facilities, joining other cybersecurity leaders.
China's Internet suffered a massive breakdown as traffic was routed to an overseas site linked to the banned religious group Falun Gong -- a fiasco a cyber-monitoring group Wednesday blamed on the country's own censors.
Industry-wide cyber attack exercises (CyberRX) will examine broad and segment-specific threats targeting information systems, medical devices and other essential technology resources of the healthcare industry.
Keeping to tradition, SecurityWeek invited security experts to weigh in on New Year's resolutions for improving information security and how organizations can better develop new habits in 2014.
Venafi has launched a new product that the company describes as a mobile device "kill switch" which gives IT security teams the ability to instantly cut off mobile access to applications and networks when suspicious activity is detected.
Please join Trend Micro and SecurityWeek on Thursday, Dec. 5th at Ruth's Chris Steakhouse in Bellevue, WA for an interactive security event with great food and open bar!
Please join Trend Micro and SecurityWeek on Thursday, Dec. 5th at Ruth's Chris Steakhouse in Bellevue, WA for an interactive security event with great food and open bar!
The Department of Defense will require defense contractors to incorporate established information security standards on their unclassified networks and to report cyber-intrusion incidents that result in the loss of unclassified controlled technical information.

FEATURES, INSIGHTS // Security Architecture

rss icon

Joshua Goldfarb's picture
An organization that keeps records of its security incidents should be able to study that data to understand the top ways in which it is generally becoming compromised.
Marcus Ranum's picture
There are two ways to start establishing security metrics. One is what I think of as the “bottom up” approach and the other being “top down”. For best results you might want to try a bit of both.
Marcus Ranum's picture
When you start your metrics program, you'll find that a great deal of information can be gleaned from existing data that gets stored in various places – most likely in your system logs.
Marcus Ranum's picture
There are many important and useful tools related to the metrics landscape; let's take a look at some of them and how they fit together.
Jon-Louis Heimerl's picture
The concepts of defense in depth have been with us for years -- hundreds of years, if not thousands. Maybe we can learn something from those architects of warfare from the Middle Ages?
Danelle Au's picture
Zero Trust advocates for a segmented network, and security built into the architecture rather than an afterthought. It also advocates for some key principles built around the concept of “never trust, always verify”.
Jeff Hudson's picture
Making decisions based on anomalies is predicated by one very important assumption—you must understand what “normal” looks like.
Mark Hatton's picture
Just like football, security is a tough game and not for the faint of heart. There are threats lurking around every corner and it’s when you think you are in the clear that a blindside hit is most likely to happen.
Chris Coleman's picture
The threat intelligence space is early and still evolving and enterprise customers are still learning how best to use and action this intelligence.
Nimmy Reichenberg's picture
A sound network security perimeter architecture requires multiple layers of defense, up-to-date and hardened policies and controls and segmentation.