BeyondTrust

Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

Posts Tagged ‘Compliance’

5 steps to securing the small business (that don’t cost a penny)

For many small businesses there are considerable constraints on both budget and personnel that can make implementing a good security practice feel like an insurmountable challenge. Recent news gives us a constant reminder of the threats we all face from hacktivists, electronic espionage, and good old-fashioned script kiddies out to cause damage. These threats…

Post by Andy Clark May 1, 2013

It’s not about the security, it’s about the people

I’ve said it before and I’ll say it again, I’m a big fan of the Doctor Who series. I was watching a recent episode where they needed to hack into a computer system. The Doctor didn’t think Clara, the current leading lady, could do it because the security was too tight. She replied simply, “It’s…

Post by Jason Silva April 25, 2013

Die Hard – Windows XP Against the World

Today marks the beginning of a significant year-long event in the worldwide computer industry – a year from today, Microsoft will end support for the Windows XP Operating System. Mainstream support had already ended in 2009 and this new milestone marks the end of security updates on the platform. Are you ready? According to a…

Post by Mike Puterbaugh April 8, 2013

Mandiant APT1 report, some unanswered questions.

For the last several years there has been an increasing number of accusations being made against China and its military as being behind the systematic targeting of organizations throughout the world in a sophisticated hacking campaign to steal data and access to further China’s economic, military and social agendas. These accusations come from a mass…

Post by Marc Maiffret February 21, 2013

IT Security’s Best Kept Secret – Hiding in Plain Sight

This blog post was first posted on Wired.com on January 22nd, 2013. It can be found, in its original formatting, here: http://insights.wired.com/profiles/blogs/it-security-s-best-kept-secret-hiding-in-plain-sight

There’s a reason the old saying “an ounce of prevention is worth a pound of cure” resonates in so many situations – because it’s true….

Post by Mike Puterbaugh January 22, 2013

CCOs: Let Threat Analyzer do the heavy lifting

In a recent article on Dark Reading, The Compliance Officer’s Dirty Little Secret, the topic of how Chief Compliance Officers (CCO) form their decision making process(es) around compliance was brought to light. One major decision CCOs are responsible for making is whether to pay the fines associated with non-compliance versus the cost of achieving compliance. …

Post by Jerome Diggs June 20, 2012

Don’t believe everything you hear when it comes to security

Our good friend Ellen Messmer recently published the Network World article “13 security myths you’ll hear — but should you believe?”, which listed common security myths shared and commented on by some of security’s leading experts and practitioners. Working at a security company, I work (and also sit) closely with a stellar team of researchers….

Post by Sarah Lieber March 1, 2012

5 Things That Keep a CISO up at Night

Recently I had the unique experience to attend a presentation given by the CISO of a major entertainment network which took place at eEye’s annual sales and marketing kickoff. It was an excellent presentation, where he shared things like his past experiences, how he and his team select security products and which metrics matter most…

Post by Sarah Lieber January 20, 2012

Top VM Reports for Government

In continuing the series on top reports for vertical markets, this blog will focus on reports that help government entities at the state, local, and federal levels. Like any vertical, having reports that are dedicated to the mandates and requirements that matter to the organization is critical. It is not only about which vulnerabilities are…

Post by Morey Haber March 21, 2011

Referential Integrity When Performing a Vulnerability Assessment

James Thurber wrote back in 1959, “When all things are equal, translucence in writing is more effective than transparency, just as glow is more revealing than glare.” The critical aspect of his statement is based on equality. When using multiple distributed applications, regardless of technology, having the same version on all the systems is sometimes…

Post by Morey Haber January 25, 2011