Using SIM for threat monitoring
From a security perspective, it is challenging to keep ahead of the constantly evolving enterprise threat landscape. Security information and event management (SIEM) systems, however, can be a vital component of an enterprise’s threat mitigation arse... Part of guide series
-
Quiz: Potential pitfalls in DNSSEC deployments
Test your knowledge of DNSSEC deployments in this five-question quiz. Quiz
-
Spotlight article: Domain 9, Physical Security
Information security depends on the security and management of the physical space in which computer systems operate. Domain 9 of the Common Body of Knowledge addresses the challenges of securing the physical space, its systems and the people who work... Security School
-
Endpoint Security
Read an excerpt from the book, Endpoint Security. In Chapter 3, "Something is Missing," author Mark S. Kadrich reveals a new way of modeling the network. chapter excerpt
-
Business continuity planning standards and guidelines
An excerpt from Chapter 1: Contingency and Continuity Planning of "Business Continuity and Disaster Recovery for InfoSec Managers," by John W. Rittinghouse and James F. Ransome. Book Chapter
-
Privacy Breach Impact Calculator
How much would a customer privacy breach impact your business? This calculator by information security and privacy expert Rebecca Herold, CISSP, CISM, provides an example of some of the items an organization should consider when estimating the potent... Privacy Breach Impact Cal
-
Incident response process brings ROI and peace of mind
In this excerpt of Chapter 2 from ISACA's Cybercrime: Incident Response and Digital Forensics, author Robert Schperberg looks at the benefits of instituting an incident response process. Reprint
-
Lesson/Domain 7 -- Security School: Training for CISSP Certification
Security School webcasts are focused on CISSP training. Each lesson corresponds to a specific domain in the CISSP exam's "Common Body of Knowledge." School
-
Summer security quiz: Are you ready to go on vacation?
Take this short quiz to find out if you're really ready for the worst-case scenario. Quiz
-
Incident response policies and procedures
Learn how policies and procedures fit in incident response. Reprint
-
Targeted attackers often gain upper hand once inside, says Trend Micro
Once inside, skilled attackers can scout for exploitable flaws and set up private communication channels to support cyberespionage campaigns. News | 25 Sep 2012
-
Black Hat 2012: MITRE to detail STIX cyberthreat intelligence system
Sean Barnum of MITRE will describe Structured Threat Information eXpression (STIX), a new cyberthreat intelligence system for incident response teams. News | 23 Jul 2012
-
Shared philosophy aids FBI agent’s move to security startup CrowdStrike
Attackers are already in the network, so if companies aren’t monitoring activity, they’re not doing enough, said Shawn Henry of CrowdStrike. News | 23 Apr 2012
-
Industry is doomed by automation, misguided IT security strategy, experts warn
Blunt experts at InfoSec World said enterprise IT security strategy often misses the mark, but some attendees suggested the experts are out of touch. News | 04 Apr 2012
-
SIEM vendors make the case for extending SIEM product capabilities
Advanced features can reduce the threat of wire fraud. New rule sets can be shared among banks and credit unions. News | 01 Apr 2011
-
State CISOs lack authority to manage risks across agencies
Study finds the need for more oversight of state agencies and recommends new laws that hold agencies and third-party service providers accountable for their security programs. Article | 27 Sep 2010
-
Companies urged to share data breach information
Sharing breach data with law enforcement is necessary for fighting sophisticated online criminals, panelists say. Article | 03 Mar 2010
-
Enterprise botnets contain thousands of malware variants
Smaller and contained on company networks, enterprise botnets pose a greater danger because they are difficult to detect and remove, according to new research. Article | 15 Oct 2009
-
Senators hear call for federal cybersecurity restructuring
Congress is mulling over whether to give more authority on cybersecurity issues to the Department of Homeland Security or create a new office within the White House. Article | 28 Apr 2009
-
Firms muddle security breach response, expert says
Security incident handlers are at the core of the coordination problems during security incidents, says security expert and consultant Lenny Zeltser. Article | 18 Mar 2009
-
How to comply with updated NIST incident response guidelines
NIST recently updated its incident response guidelines. Find out how to comply with these changes and incorporate them into an incident response plan. Tip
-
Diagram outside firm role early in security incident response process
Expert Nick Lewis provides criteria for selecting outside incident response firms and how to define security incident response process needs early on. Tip
-
Information security intelligence demands network traffic visibility
Use the network and host data at your disposal to create business-focused information security intelligence policies and strategies. Tip
-
How to create a problem management process flow to minimize incidents
Most organizations have an incident response team, but how many have a problem management team? Michael Cobb explains how problem management can prevent incidents. Tip
-
NMAP NSE tutorial: Network asset and vulnerability identification
In this screencast, expert Mike McLaughlin offers an NMAP NSE tutorial for enterprise network asset and vulnerability identification. Tip
-
Enterprise network forensic analysis: Reconstructing a breach
In the aftermath of a breach, what are the first steps security pros should take? Learn how to get started with enterprise network forensic analysis. Tip
-
Evolving IT security threats: Inside Web-based, social engineering attacks
Attackers have mixed a dangerous cocktail of social engineering, Web-based attacks and persistence. Lenny Zeltser explains how your organization can keep from drowning in malware. Tip
-
How to use the free eEye Retina scanner community edition
In this screencast, learn how to use the free community edition of the eEye Retina scanner. Tip
-
Incident response security plans for advanced persistent threat
Dealing with advanced persistent threat (APT) presents unique challenges. Learn how an incident response program can save your enterprise from APT. Tip
-
McAfee update problem: Dealing with bad antivirus DAT files
While buggy antivirus DAT files are the exception rather than the rule, downloading them can cause just as much turmoil as a potential DDoS attack. In this tip from expert Ernie Hayden, learn how to prepare your enterprise network for any sort of maj... Tip
-
Hacking detection: Using a Windows server comparison to find a hack
Find out what tools are the most useful for hacking detection, and if there is a way to conduct a Windows server comparison to find a hack. Ask the Expert
-
Detecting kernel intrusion attacks through network monitoring
Learn how to detect kernel intrusion attacks by monitoring your network closely and thoroughly. Ask the Expert
-
Smart card security: Disable a lost smart card and track with GPS?
Is it possible to track a lost or stolen smart card with GPS? In this IAM expert response, Randall Gamby gives advice on enhancing smart card security in such a situation. Ask the Expert
-
Disaster recovery and business continuity tabletop exercises
When disaster strikes, will your enterprise be ready? In this security management expert response, David Mortman explains what questions to ask during disaster recovery and business continuity tabletop exercises. Ask the Expert
-
How to talk to executives after a data breach
In the wake of a data breach, how do you know when to talk to executives, and, more importantly, what to say? In this expert response, learn how to talk to executives after a data breach. Ask the Expert
-
A recovery point objective (RPO) vs. a recovery time objective (RTO)
When making business continuity and disaster recovery plans, it's essential to come up with a recovery point objective (RPO) and a recovery time objective (RTO), but what is the difference between the two? Find out more in this expert response. Ask the Expert
-
Data breach notification legislation: What info must be released?
In the wake of a credit card data breach, what customer data breach information must be released per data breach notification legislation? David Mortman addresses the question in this expert response. Ask the Expert
-
After a data breach, are there legal implications of sharing details?
After a data breach, it may be helpful to share the highs and lows of the experience with other companies to help prevent similar breaches, but what are the legal implications of this? Learn how to share details without breaking the law or your ente... Ask the Expert
-
Boosting morale of the information security staff after a data breach
After a security breach, the morale of the security team can dwindle. Learn how to boost the morale of the information security staff, including strategies for improved security policy. Ask the Expert
-
Will the CERT security incident-response project benefit infosec pros?
Many security professionals lack a management-level understanding of incident response. Expert John Strand gives advice on how the CERT security incident-response project can help. Ask the Expert
-
data breach response plan
A data breach response plan is a course of action intended to reduce the risk of unauthorized data access and to mitigate the damage caused if a breach does occur. Definition
-
incident response
Incident response is an organized approach to addressing and managing the aftermath of a security breach or attack (also known as an incident). The goal is to handle the situation in a way that limits damage and reduces recovery time and costs. An in... Definition
-
Formulate a more effective information security incident response plan
In this Hot Type podcast, author Neal McCarthy discusses how enterprises should create and maintain an information security incident response plan. Hot Type
-
DNSSEC deployments: The top 5 concerns and how to avoid them
A DNSSEC deployment is possibly the best mitigation for cache poisoning attacks. Learn how to avoid the top five concerns in DNSSEC deployments. Podcast
-
File integrity monitoring software benefits for the enterprise
In this video, Spryo Malaspinas offers a primer on file integrity software basics and file integrity monitoring software benefits for enterprises. Video
-
Verizon VERIS: Wade Baker discusses incident sharing
In this video, Wade Baker discusses his company's incident sharing system, Verizon VERIS, and explains how they hope to improve the incident response process. Video
-
Jim Lewis on SCADA security threats, Stuxnet analysis
Jim Lewis, Director and Senior Fellow at the Center for Strategic and International Studies, gives his analysis of the Stuxnet worm, and what he believes are the greatest threats to SCADA systems. Video
-
Incident response team best practices
Do you know how to maximize your incident response management? Expert Lenny Zeltser discusses incident response best practices for policies, maturity and teams in this interview. Video
-
How to be a Chief Information Security Officer (CISO)
If being a Chief Information Security Officer (CISO) is your dream job, this video is for you. Ernie Hayden, consultant and former CISO, gives advice on the essentials, including how to keep things running smoothly enough that you can take time off. Video
-
Incident response planning
Jack Phillips, managing partner of security research firm, IANS, talks about how companies can prepare to appropriately handle a security incident. Video
-
Security incident response 101
Even the best procedures fail to overcome the stresses in the initial throes of an incident. Security consultant Lenny Zeltser explains how to run a well-coordinated response. Video
-
The challenges of incident response plans and procedures
Mandiant's Kevin Mandia reviews his top five incident response challenges. Video
About Information Security Incident Response-Detection and Analysis
In this security incident response resource, learn what to do after a data security breach and how to handle a stolen laptop or data leakage incident. Get tips on developing an incident response plan, policy and training as well as managing the costs of a data security breach.