Tag: Computer security

  • Do as I say, not as I do. RSA, Bit9, Adobe, and others…

    So you thought you had everything nailed down. You might have even gone past the “best practice” (which would have driven you to compliance, and your security to the gutter), and focused on protecting your assets by applying the right controls in a risk-focused way. You had your processes, technologies, and logs all figured out. […]

  • Security Awareness and Security Context – Aitel and Krypt3ia are both wrong?

    It was pretty obvious that after an Information Security persona such as Dave Aitel posted his “Why you shouldn’t train employees for security awareness” article, there would be a lot of flak from the industry. A lot has been said about training employees to be somewhat more savvy users when dealing with corporate equipment […]

  • So you thought you were protected: How hackers can break into your business

    This is a translation of the original article published in Calcalist on May 20th 2012. A group of professional hackers, employed by the most sensitive organizations to detect security breaches, are showing how to gain access to critical information, or take down the power for a whole city – and what is needed in […]

  • 7 Steps to consider when running a Vulnerability Assessment

    Today I’m proud to give this stage to some friends from GFI (have some good friends from the former Sunbelt guys that were acquired by GFI last year). Vanessa is our guest blogger, and she’s got a great post on how to run a more effective Vulnerability Assessment process in your organization. Do you […]

  • How great perimeter defenses are hurting you

    I have looked for a good example of a real-world security practice that is misconceived and that also applies to information security. Recently I have had a chance to read an opinion article that talks about physical security measures that are put in to protect small populations (read army bases, gated communities, etc…) and how […]