Multiple Perspectives on Security

Security Journal

Subscribe to Security Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Security Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories

US and South Korea to Host First Examinations in Global Effort from (ISC)² to Establish Professional Standards for Advanced Cyber Forensics Competency London, UK, June 10, 2013 — (ISC)²® ("ISC-squared"), the world's largest not-for-profit information security professional body and administrators of the CISSP® and CSSLP®, today announced it has developed a new certification, the Certified Cyber Forensics Professional (CCFPSM), as the first global standard for assessing experienced digital forensics professionals' mastery and professionalism. The credential, initially available for the U.S. and South Korea beginning September 25, 2013, is designed to provide digital forensics employers and the legal community with validation that a digital forensics professional can lead digital investigations that yield complete, accurate and reliable results. The CCFP sp... (more)

BigMachines Announces Okta as Platinum Sponsor of BigIdeas 2012

CHICAGO, IL -- (Marketwire) -- 10/08/12 -- BigMachines, the global leader in configuration, pricing and quoting, today announced that Okta, the market leading on-demand identity and access management service, will be a Platinum sponsor of BigIdeas Las Vegas 2012. BigIdeas, the annual BigMachines customer and cloud conference for B2B professionals, will be held on November 11-13, 2012 at the Cosmopolitan of Las Vegas. Okta enables enterprises to accelerate the secure adoption of their web-based applications, both in the cloud and behind the firewall so work gets done from any device, anywhere. With more than 1,500 pre-integrated applications in the Okta Application Network, including BigMachines, and free Microsoft Active Directory integration for a growing number of cloud ISVs and application developers, Okta provides IT centralized user provisioning, access manage... (more)

BIA to Offer Best Practices at LegalTech to Manage the eDiscovery problem of over-collecting data for lawsuits and regulatory matters

NEW YORK, Jan. 23, 2013 /PRNewswire/ -- Gathering more data than needed ("over-collecting" for lawsuits and regulatory matters) is a common problem among companies involved in legal matters.  It is costly, inefficient and complicated. Over-collecting happens when companies respond to eDiscovery requests by capturing too much data, including imaging full systems and whole hard drives, collecting non-relevant files and identifying ancillary systems. This data must then be reviewed by attorneys at a typical cost of between $2 to $7 per document. Business Intelligence Associates (BIA), an eDiscovery software and services leader and sponsor of the upcoming LegalTech tradeshow (January 29-31 at the Hilton New York), will provide solutions to minimize over-collection and reduce related liability, at Booth 1301 during the conference. "As we work with clients to implement m... (more)

DocWallet -- The secure documents manager for iPad and PC

BONN, Germany, Feb. 24, 2013 /PRNewswire/ -- DocWallet is the name of Deutsche Post's solution for anyone requiring extra document security when using mobile devices. Word of the system's reliability and user-friendliness has already spread throughout the world. In the first five weeks since its release the app recorded just under 30,000 downloads. Increasing demand is being seen, especially in the US. What's the reason for DocWallet's rapid success? DocWallet is a user-specific electronic document map for iPad and Windows PCs. Document confidentiality is ensured via end-to-end document encryption (AES/RSA) using dedicated DocWallet servers in Germany. Data is also encrypted when synchronising with your PC. These files can be viewed on authorized devices only. Tablets and smartphones have become a permanent fixture of everyday work and private life. The iPad in par... (more)

UANI Continues Social Media Campaign, Calls on Twitter to Suspend Ayatollah Khamenei’s Account

On Wednesday, United Against Nuclear Iran (UANI) continued its Social Media Campaign, by calling on Twitter, Inc. to suspend the account of Iranian Supreme Leader Ayatollah Ali Khamenei. The Iranian regime misuses Twitter as a platform to spread hateful content and propaganda, while blocking citizens’ access to the site. Following the fraudulent June 2009 presidential elections in Iran, Twitter was a vital protest tool in what was initially dubbed the “Twitter Revolution.” During the post-election crackdown, however, Iranian authorities blocked access to Twitter and prosecuted a number of protesters for their activities on the site. Iranians that use Twitter today risk arrest, torture and even death, particularly when expressing political views. At the same time, the regime hypocritically operates an account for Khamenei himself, @khamenei_ir, which regularly featur... (more)

‘Art’ or ‘Science’? Security Professionals Split on Which Best Describes Risk-Based Security Management

Tripwire, Inc., a leading global provider of risk-based security and compliance management solutions, sponsored an extensive survey on the state of risk-based security management with the Ponemon Institute. The survey respondents included 749 U.S. and 571 U.K. professionals in the following areas: IT security, IT operations, IT risk management, business operations, compliance/internal audit and enterprise risk management. Respondents were asked: “In your opinion, is information security risk management an ‘art’ or ‘science’?” For the purposes of the survey, ‘art’ was defined as analysis and decision-making based on intuition, expertise and a holistic view of the organization. ‘Science’ refers to risk analysis and decision-making based on objective, quantitative measures. “Business operations and risk managers tend to view risk management as more of an art because th... (more)

Securonix Announces the Release of Data Exfiltration Intelligence; Application Delivers the Industry's First Proactive Detection and Prevention Against Insider and External Data Exfiltration Attacks

LOS ANGELES, CA and SAN FRANCISCO, CA -- (Marketwired) -- 02/25/14 -- Securonix today announced release 4.6 of its Data Exfiltration Intelligence application. The release introduces the industry's first true data exfiltration detection and prevention solution with a "user-centric" threat detection model made up of identity, access, and activity risk factors that are continuously monitored for abnormal or high-risk changes and correlated with any data leak prevention (DLP) events. Data Exfiltration Intelligence, when combined with existing event-centric DLP solutions, enables the automated identification and risk ranking of possible threats within a stream of DLP events. "This is a game-changing capability for traditional event focused DLP, insider threat and data exfiltration programs that lack the full context to detect data exfiltration situations and are being o... (more)

Caterpillar to Participate in the J.P. Morgan Aviation, Transportation and Industrials Conference on March 11; Webcast Available

PEORIA, Ill., March 7, 2014 /PRNewswire/ -- Caterpillar Inc. (NYSE: CAT) Vice President of Finance Services Julie Lagacy and Director of Investor Relations Rich Moore will speak at the J.P. Morgan Aviation, Transportation and Industrials Conference on Tuesday, March 11, 2014. They are scheduled to speak at 4:15 p.m. Eastern Time. The presentation materials will be available on http://www.caterpillar.com/eventscalendar. The event will be webcast in real-time and available to the public at http://jpmorgan.metameetings.com/confbook/aviation14/directlink?ticker=CAT. Listeners should go to the website at least 30 minutes before the live event to register for the event and to download and install any necessary audio software. The webcast will be available for replay for 90 days; no transcripts from the presentation will be made available. About Caterpillar: For nearly 90 ... (more)

INSIDE Secure Leads the Market for Mobile Applications Protection with Industry First Software Secure Element

INSIDE Secure, a leader in embedded security solutions for mobile and connected devices, today announced at Cartes America the launch of MatrixSSE, a software secure element for mobile applications including enterprise, entertainment and financial applications. The solution allows mobile applications to securely process and store sensitive data in a hostile mobile environment. It simplifies the integration of security into mobile applications and allows them to defend against malicious attacks. According to the latest McAfee report, Android malware almost tripled between 2012 and 2013(1). Today, attackers can easily gain access to mobile devices and simply steal keys and other secrets from software that uses traditional cryptographic implementations. MatrixSSE solves this problem by securing the execution and storage environment using whitebox cryptography and code ... (more)

OneLogin Raises $13M to Power Expansion

OneLogin, the innovator in enterprise identity management, today announced it has secured a $13 million round of Series B venture capital from lead investor The Social+Capital Partnership alongside returning investor Charles River Ventures. OneLogin will use the funds to continue its expansion in the United States, Europe and Asia-Pacific and to accelerate talent acquisition in these markets. OneLogin provides a modern identity and access management (IAM) solution, which enables enterprises to easily manage employee and external user identities and control their access to applications in the cloud and behind the firewall. OneLogin’s comprehensive turnkey solution includes strong authentication, single sign-on, federation, directory integration, user provisioning and reporting. OneLogin has seen rapid adoption among companies, ranging from fast-growing start-ups li... (more)

Most Powerful Voices in Security

The security community has a growing number of influential and important people, especially as the industry rises to meet the need to address more advanced security threats, such as targeted attacks. But how does a company in the security industry truly identify the influential people? And then once identified, how does one use influential voices to help promote their brand? In this study, we answer the first question - how to identify the most powerful voices in your industry, focusing on the security space, and as part of this we provide you a list of people to follow for the best, most up to date information, and who have the loudest voices to help help carry some of your key messages. In a future study, we will discuss how to further exploit that knowledge to market your brand. As executives in a fast-changing and social world, many of us struggle with the abil... (more)