Multiple Perspectives on Security

Security Journal

Subscribe to Security Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get Security Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Latest Articles from Security Journal
The EMV liability shift that began in October 2015 is likely to reduce card present payment card fraud. That’s a double-edged sword for retailers with an online presence and those who accept mobile payments, as fraudsters are seeking easier routes to ill-gotten gain. Add to this the on...
Wow, if you ever wanted to learn about Rugged DevOps (some call it DevSecOps), sit down for a spell with Shannon Lietz, Ian Allison and Scott Kennedy from Intuit. We discussed a number of important topics including internal war games, culture hacking, gamification of Rugged DevOps and ...
In his session at 18th Cloud Expo, Sagi Brody, Chief Technology Officer at Webair Internet Development Inc., will focus on real world deployments of DDoS mitigation strategies in every layer of the network. He will give an overview of methods to prevent these attacks and best practices...
trust and privacy in their ecosystem. Assurance and protection of device identity, secure data encryption and authentication are the key security challenges organizations are trying to address when integrating IoT devices. This holds true for IoT applications in a wide range of industr...
We're entering the post-smartphone era, where wearable gadgets from watches and fitness bands to glasses and health aids will power the next technological revolution. With mass adoption of wearable devices comes a new data ecosystem that must be protected. Wearables open new pathways t...
The IETF draft standard for M2M certificates is a security solution specifically designed for the demanding needs of IoT/M2M applications. In his session at @ThingsExpo, Brian Romansky, VP of Strategic Technology at TrustPoint Innovation, will explain how M2M certificates can effici...
Initially, we came across ransomware which exploited the entire system and just restricted you from interacting with your own device, later on requiring you to pay dollars if you want to go back and use your computer. And then it started becoming obsolete because an end-user. People...
According to a study the rising number of cloud-specific security attacks are likely to propel the demand for cloud security systems to 20 percent CAGR over the next four years. Adoption of cloud computing services has risen and so have the security risks associated with them. Accordi...
Currently, the preferred method of data protection of cloud giants, such as Google, is to replicate the data across different locations (i.e., data centers), rather than performing a true back up. This is done because a true back up seems logistically too complicated given the amount o...
SYS-CON Events announced today that Interoute, owner-operator of one of Europe's largest networks and a global cloud services platform, has been named “Bronze Sponsor” of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2016 at the Javits Center in New York, New York. Int...
As devices, sensors, objects and people are given digital identities that connect them to the Internet by the billions, the need for security and privacy becomes a critical factor for both market adoption and safety. The 40-year-old security methods we now use on our PCs and networks c...
SYS-CON Events announced today CyberTrend has been named “Media Sponsor” of SYS-CON's 18th International Cloud Expo, which will take place on June 7–9, 2016, at the Javits Center in New York City, NY, and the 19th International Cloud Expo, which will take place on November 1–3, 2016, a...
Fail fast, fail often. Yeah, but the first failure blew up the satellite. Well, this is just a photo-sharing app..not rocket science. Okay, but your photos are accessed by users who have passwords that they probably use for other things..and aren't some photos as important as satellite...
Dell SecureWorks is launching Advanced Endpoint Threat Detection (AETD) Red CloakTM, a fully-managed SaaS solution that can slash the time required to detect and respond to cyber-attacks from months or weeks to hours or minutes. Armed with strong threat detection and endpoint monitori...
Symantec Corp. has announced the worldwide availability of Encryption Everywhere, a website security package available through web hosting providers. Encryption Everywhere lets web hosting providers integrate encryption into every website from the moment it is created. With the new web...
Akamai Technologies has opened a new, state-of-the-art data center in Sydney, Australia, as part of its global expansion strategy. Fueled by the increasing sophistication of distributed denial of service (DDoS) attacks, the company’s latest ‘scrubbing center’ leverages a cloud-based ap...
Cryptzone has announced version 2.0 of AppGate XDP, Cryptzone’s dynamic, secure access control platform that dramatically reduces the attack surface for all users across applications and data hosted both on-premises and in the cloud. Traditional security tools like VPNs, firewalls, an...
Believe it or not, the first data backups were made on paper. Dating back as early as the 18th century, the "technology" was used in the form of paper tapes constructed from punch cards to control the functions of automated machinery such as textile looms. The concept of these cards wa...
A key and wide-ranging tech trend that’s affecting enterprises and consumers alike is the Internet of Things (IoT). It’s a development that’s already transforming how we work and live as entrepreneurial minds continue to create use cases for billions of connected things. Transformati...
TCP/IP connectivity starts with a DNS look-up so that Endpoint A, seeking to establish a connection to Endpoint B, can determine B’s IP address. Not knowing when a connection request may be coming, Endpoint B has to continually listen for the arrival of such requests. Not even knowing ...
Deming, the patron saint of DevOps once advised, "It is not necessary to change. Survival is not mandatory." To survive, application development teams are constantly pressured to deliver software even faster. But fast is not enough. The best organizations realize that security, qual...
I was a guest on Scriptrock's podcast series. We discussed cloud security and DevOps. We even talked about my all time favorite album.
DevOps bridges the gap between Development and Operations to accelerate software delivery and increase business agility and time-to-market. With its roots in the Agile movement, DevOps fosters collaboration between teams and streamlines processes, with the goal of breaking silos in ord...
Unless your company can spend a lot of money on new technology, re-engineering your environment and hiring a comprehensive cybersecurity team, you will most likely move to the cloud or seek external service partnerships. In his session at 18th Cloud Expo, Darren Guccione, CEO of Keepe...
The evolution of cybersecurity as it relates to healthcare in the United States is by most standards in its infancy, but this situation is changing quickly. The industry is scrambling to shore up defenses as cyberattacks and breaches increase. Very few people, if asked twenty years a...
Digital transformation has increased the speed at which organizations must adapt. As they do so, it’s more important than ever to be able to choose solutions that will give them a comprehensive, real-time view of the network. Several factors contribute to this new priority: Root cause...
Hello Barbie™! is an IoT-enabled (Internet of Things) Barbie Doll with blonde hair, blue eyes and a built-in surveillance system. She’s not the first of her kind (and she won’t be the last), but here’s what you should know about bringing it, or any connected device, into your home. Ev...
Shot this late last year for Information Security Buzz. What are five information security new year’s resolutions for improving cyber security in 2016 and why?
The traditional, on-premise computing model has established processes, accreditations, certifications, governance and compliance rules - FISMA, NERC CIP, HIPAA, PCI-DSS, IRS 1075. While the security industry is aggressively addressing the technical security gaps in cloud-driven service...
"Security starts very simply at home when you're on your PC. At DataClear we thought 'How do we make a secure desktop for people and for corporations,'" explained Tony Teora, CEO of DataClear, in this SYS-CON.tv interview at 17th Cloud Expo, held November 3-5, 2015, at the Santa Clara ...
Enterprises can achieve rigorous IT security as well as improved DevOps practices and Cloud economics by taking a new, cloud-native approach to application delivery. Because the attack surface for cloud applications is dramatically different than for highly controlled data centers, a d...
The rise of cloud-based infrastructure was one of the biggest developments in IT during the past few years, and now we are seeing extensive innovations in cloud security as well. More companies are moving their business-critical data away from onsite data centers and into cloud-based i...
You’ve likely experienced alert fatigue at some point in your life. You feel exasperated as your phone pings for what seems like the hundredth time in a day, or your eyes glaze over as a glut of new analytics data rolls in. You feel resigned to the fact that an influx of email could ve...
It’s a given that employee access to corporate systems should be both as secure and simple as possible. However, time-strapped CIOs under pressure from demanding staff and challenged with authenticating users all over the world on multiple devices, have been torn between relying on the...
"We announced CryptoScript, it's a new way of programming a hardware security module, which technically requires standard APIs and very specific knowledge. With CryptoScript we hope to change that a bit," explained Johannes Lintzen, Vice President of Sales at Utimaco, in this SYS-CON.t...
"eFolder does a lot of different things but we protect data and we are focused on protecting data no matter where it resides," explained Carlo Tapia, Product Marketing Manager at eFolder, in this SYS-CON.tv interview at Cloud Expo, held November 3-5, 2015, at the Santa Clara Convention...
Naturally, new and exciting technologies and trends like software defined networking, the Internet of Things and the cloud tend to get the lion’s share of attention these days, including when it comes to security. However, it’s important to never forget that at the center of it all is ...
In demand-intensive mobile and web applications, an emerging pattern is to host the Systems of Engagement in the cloud (for maximum responsiveness) but keep the Systems of Record with the other important business systems in the company datacenter, often on a tightly secured mainframe. ...
Today, most enterprises have some type of cloud-based solutions or are looking at cloud-based infrastructure for some of their enterprise applications. What is lacking in many organizations is the strategic design focus and sophisticated implementation for very secure infrastructure wh...
The tech industry has been abuzz about the potential of the Internet of Things for the past several years, and with good reason. As more devices become connected to one another, society steps even closer to the ultimate goal of an overarching, cohesive network facilitating communicatio...