All Blog Posts (1,012)

Why are cybercrimes NOT always white-collar crimes?

A generic definition of a crime would be an act that is in violation of the applicable laws. A crime / criminal offense may essentially hurt an individual or the community (city or a nation) at large. This concept has now been taken to the next level with the rising popularity of cybercrimes. In recent years, there have been several analyst reports on the increasing trends of cybercrimes. Of late, several interchangeable terms for cybercrimes, such as computer crime, cyber fraud, internet crime,…


Added by Dhananjay Rokde on June 18, 2013 at 10:00am — No Comments

Proactive Security Management - “The next BIG focus“

IT Trends and challenges:

The world is becoming Instrumental, Interconnected and Intelligent. IT security teams in enterprises are faced with rapidly mutating threats at every possible point of entry. This is fuelled by the fast evolution of the threat landscape and a sea of changes in network and security architecture.

  • Changing network paradigm
  • Network has taken center stage – Wired or wire-free
  • Excitement starts from data center
  • BIG data – A true…

Added by Sharat AIRANI on June 16, 2013 at 5:00pm — No Comments

Disaster Recovery and Business Continuity Management

Today enterprises live in a world where natural or man-made disasters can crumble a business to its knees. It is therefore critically important for these enterprises to recognise the fact that disasters are real and happen, and it is essential they have a structured programme to protect the information from external and internal threats and disasters.

Common Disasters:

 …


Added by Ram Mohan C on June 6, 2013 at 12:00pm — 1 Comment

How to write a great article in less than 30 mins + Post Ideas

We all face difficulties in expressing our thoughts. Here are a few pointers which will help a person to write great articles in just 30 mins.

Step 1: Define the headline

When you write the articles ask yourself 3 questions:

  1. Are you saying something new?
  2. Are you saying something old but in a new way?
  3. Are you saying something which will help others to save time, money or effort?

If any…


Added by CISO Platform on June 5, 2013 at 5:30pm — No Comments

5 easy ways to build your personal brand!

How important is your personal brand in professional success?

Nobody can deny that personal reputation is critical in the path of professional success. Definitely the most important factor is "who you are?" but it is equally important "how others perceive you?".

In today's world, due to online tools, it is a lot easier to build your personal brand. Here are the top steps:

 

Step 1:…


Added by CISO Platform on June 4, 2013 at 12:00pm — No Comments

How would you describe the CISO role on Twitter?

At a recent industry event discussing security, a question was raised as to who needs to take ownership of security issues. The comment was made that it needs to be "someone senior enough to care, but junior enough to know what they are talking about".

This summarises a major issue in the cyber security industry. Security is a deeply complex issue, balancing threat, risk, business objectives, technology, process and people.

Senior business people tend to know about…


Added by Colin Robbins on May 29, 2013 at 3:00pm — 2 Comments

CISO is an acronym for Chief INFORMATION security officer not Chief INFORMATION TECHNOLOGY security officer

It disappoints me to see the huge focus on technology. Not a criticism of the site or the people posting but a reflection of the, misguided, view that information is "owned" by technology because they are the people providing the mechanisms to process information. It's a bit like saying BMW are responsible if you have an accident driving a car that you bought from them!



I would like to see a move from technology solutions to information risk solutions which embrace all aspects of…


Added by Mike usher on May 24, 2013 at 3:30pm — No Comments

Vulnerabilities in Security Products increasing at 37% CAGR!

We use security products to secure our systems and our businesses. However, the very security products we use can themselves have vulnerabilities which can leave us susceptible to attacks. We conducted a study recently to understand the vulnerability trends in security products. Read further to know more on what we discovered this time around.

How was the research conducted?

We started off with some survey on the internet to find something closely related to…


Added by bikash on May 24, 2013 at 1:00pm — No Comments

CISO Mantra on Data Sanitization

This is a fundamental principle of the data privacy jurisprudence that the organization cannot disclose personal information without having prior consent of the data subject unless it is required by law. Global data privacy laws imbibed this principle, and require the organizations, having data subject’s consent, to implement tools and techniques that assist in minimum disclosure of information only on a need-to-know basis. Compliance with such global data privacy laws is significant for both…


Added by Rakshit Dhamija on May 23, 2013 at 7:30pm — No Comments

CISO Platform to acquire the rights of “Top 100 CISO Award”

 
CISO Platform today announces the initiative to acquire the rights of “Top 100 CISO Award”. Top 100 CISO Award is the industry’s premier award to recognize the top Chief Information Security Officers and IT Security Professionals.
 
“Top 100 CISO Awards strategically fits the vision of CISO Platform to help top IT Security professionals to position themselves as a thought leader, network, share and learn from the industry peers. We are excited to build…

Added by CISO Platform on May 20, 2013 at 11:00am — 1 Comment

Phishers Target Social Media, Are you the Victim?

Social Media has been the buzz word recently. While I am writing this post, there are more than 500 million active users accessing Facebook and 50% of active users log on to Facebook at least once a day from their office, home, coffee-shop, school, or while on the move. Today most of the…


Added by Jaykishan Nirmal on May 17, 2013 at 1:00pm — No Comments

Should Organizations be concerned about Open Source Software Compliance?

Gone are the days when Open Source software (OSS) was only being used in educational institutions like universities, research organizations etc. Today most organizations use open source for a variety of reasons such as accelerating time-to-market, reducing cost of development, dynamic integration etc. There are many software development organizations that work closely with their customers to determine open source strategy before making them a part of product / application development. By…


Added by Jaykishan Nirmal on May 17, 2013 at 1:00pm — 1 Comment

Announcing CISO Handbook: A Call to Authors

Why do we need a CISO Handbook?

  • There is no single consolidated source of comprehensive and precise operational knowledge that a CISO would need.
  • CISOs need to browse through a sea of information to find what is relevant to them.
  • CISOs feel the need to have more insights from their peers, and learn from each other's experiences.

Vision of the CISO…


Added by CISO Platform on May 17, 2013 at 1:00am — No Comments

NIST and Web Application Security: Is Your Organization Really Considering All of the Risks in the Enterprise?

Writing not only functional but secure applications is not a new concept or idea that has taken the Industry by storm. However, many Government and Commercial Organizations are still not adhering to or requiring their Organizations to adopt, implement, and build in security into the Systems Development Life Cycle process. Instead, Organizations are continuing to focus on the functional aspects of software, only to be surprised when a weakness or vulnerability in the…


Added by Mark Wireman on May 16, 2013 at 7:00pm — No Comments

7 Key Lessons from the LinkedIn Breach

You must have heard about the recent breach at LinkedIn, which led to exposure of 6.5 million hashed passwords available for download at a hacker site. Many of such passwords were decoded and published on an un-authorized website. Feds are involved in the investigation to find out possible perpetrator(s) behind this criminal activity but I see there are certain takeaways from this incident and probably which would make us better prepared for possible future breaches.…


Added by Jaykishan Nirmal on May 16, 2013 at 1:30pm — No Comments

Tackling the Cyber Security challenges faced by SMEs

There is a common misconception that cyber criminals and hacktivists only target large enterprises to reap a bumper. The reality is actually very different; recently published surveys reveal that

  • 84% of Small and Medium Businesses had a security breach in the last year
  • 48% of them suffered staff related (internal employees) breaches

What is evident from these reports is that SMEs are spending less time on assessing and understanding their security…


Added by Satish Narayanan on May 16, 2013 at 11:30am — No Comments

Risk of Residual passwords

Our dependence on E-services has increased tremendously. All such services have the usernames and Passwords. This is the main gateway for entry into systems. Apart from that, transactional passwords. Even the password with secured and digital certified access portal. Portal was accessed by only the browsers. When we log in for the first time, browsers have an option to save passwords. Due to lack of awareness of the security implications users intend to say 'Yes' to save the password. One simple…


Added by TAMILVEL NATARAJAN on May 16, 2013 at 10:30am — No Comments

Top 5 Emerging Application Security Technology Trends

1. Run Time Application Security Protection (RASP)

Today applications mostly rely on external protection like IPS (Intrusion Prevention Systems), WAF (Web Application Firewall), etc., and there is a great scope for a lot of these security features being built into the application so that it can protect itself during run time.

RASP is an integral part of an application run time environment and can be implemented as an extension of the…


Added by bikash on May 14, 2013 at 6:30pm — No Comments

How to choose your Security / Penetration Testing Vendor?

 

A common question is why should we get a third party penetration testing company? Why not choose a team from your current technical group to handle the network security test? For one, security audits like traditional financial audits are better done by outside companies with no bias and partiality to anyone or anything within your organization. Another reason to hire a security testing company is that one may find it difficult to hire and retain Penetration…


Added by bikash on May 14, 2013 at 6:00pm — No Comments

SAST vs DAST: How should you choose?

What is SAST?

SAST or Static Application Security Testing is the process of testing the source code, binary or byte code of an application. In SAST you do not need a running system.

 

What is DAST?

DAST or Dynamic Application Security Testing is the process of testing an application during its running state. In…


Added by bikash on May 14, 2013 at 4:00pm — No Comments
