My Summer Defending the Digital Universe

In RSA’s quest to build out a deeper pool of future Defenders of the Digital Universe, I had the pleasure of having Meghan O’Connor as a summer intern on my team. During her exit interview I asked her what she didn’t realize about cybersecurity and fraud prevention prior to her internship and what advice she…

The post My Summer Defending the Digital Universe appeared first on Speaking of Security – The RSA Blog.

Addressing Identity Risk Factors

By Tim Norris

Mobile and Cloud have raised the stakes for security in general and for identity-related security challenges in particular. But while identity-related risk has grown tremendously, in many ways, the risks themselves are ones we’ve long recognized – such as orphaned accounts, segregation of duties (SoD) violations and privileges following users to new…

7 STEPS TO A GRC RISK MANAGEMENT FRAMEWORK—3: ASSESS RISK

In the last couple of weeks, we’ve been talking in this space about the seven steps to building a risk management framework for information, starting with the first step of identifying information that needs to be protected and then going on to the second step, which is determining where that information exists inside your organization…

Demystifying the Black Box of Machine Learning

Nowadays, it is common to use machine learning to detect online fraud. In fact, machine learning is everywhere. Due to its independent nature and human-like intelligence qualities, machine learning does, at times, seem like an inexplicable “black box.” But truth be told, machine learning doesn’t have to be like that. Here is what you should…

Skills Shortage: The Intelligent Application of Force Multipliers

Many organizations struggle to staff and maintain security operation teams due to a serious shortage of skilled security analysts. The struggle isn’t just about filling open roles; it is equally hard to drive the needed productivity of the resources already in house to make sure the alert that matters doesn’t go unnoticed. Both new and…

Enterprise Network Security at the Black Hat 2017 NOC

Standing up a complete enterprise Network Operations Center (NOC) in two days is no small feat, but doing so for one of the biggest security conferences – Black Hat 2017 – is truly daunting. But it’s not just setup, it’s also running the NOC and giving tours. Providing unified log management, network capture and dashboarding…

7 STEPS TO A GRC RISK MANAGEMENT FRAMEWORK—2: LOCATE DATA

In our first post on the seven steps to building a GRC-based risk management framework for information, we talked about step 1: identifying information that is important enough to warrant protection. Once you’ve identified information important enough to be protected, within its business context, you can move on to determining whether you actually have any…

Turbocharge your Threat Detection and Response with Endpoint Data

In 1860, Belgian inventor Jean Joseph Etienne Lenoir created a gas-fired internal combustion engine; it was the first internal combustion engine to be mass-produced in large numbers. The design wasn’t perfect by any means, but it was a large step forward, and countless engineers have continued to iterate on the concept even to this present…

7 STEPS TO A GRC RISK MANAGEMENT FRAMEWORK—1: IDENTIFY INFORMATION

Managing information risk can be a paralyzing challenge, given the amount of data and information that comes pouring in daily. It’s hard to know what information needs to be protected, let alone the most effective way to do it. RSA has developed a practical seven-step methodology for building a risk management framework for information. Derived…

Operational Rhythm at the Black Hat 2017 NOC

Operational rhythm is the term for the nebulous flow of information between parts of a team that makes it so effective. Who needs what, and when to be successful? In the Black Hat NOC, we have very little time to establish such a rhythm. However, a process for distributing critical information isn’t more important than…
