Speaking of Security – The RSA Blog and Podcast

Intel recently announced the Intel Xeon Processor Series that helps enable comprehensive and verifiable security and compliance in cloud environments. With these technologies Intel is providing a foundation to make cloud deployments suitable for increasingly sensitive workloads.

Proving that physical and virtual infrastructure of the cloud can be trusted can be prohibitively difficult, especially when it comes to cloud services from external service providers. Verifying secure conditions in the foundations of the cloud is important for a simple reason: If organizations can’t trust the safety of their computing infrastructure, the security of all the information, applications and services running on top of that falls into doubt.

If you’ve heard me speak about information security maturity lately, you may have heard me compare our industry and function to Maslow’s Heirarchy of Needs. For those of you that may need a refresher, here are the basics (minus a few to stop some search engine hits). In order for a human to realize his full potential, he must have specific needs met.

Most of my friends and colleagues know that I like to cook so I will be doing a series of “recipes” in the next few weeks to address some of the key challenges based on conversations I am having with major organizations. So, to get started, here is part 1 on Creating a Trusted Cloud.

Today’s security standards are based on historical, legacy information technologies and don’t necessarily address Cloud Computing environments in an effective manner. Attempts to update them are an improvement, but will be able to create a single or limited number of standards that will be viable across all borders and jurisdictions. So, it’s no surprise that the Cloud Security Alliance Summit at RSA Conference had a panel discussion on this topic. The panelists were Marc Crandall from Google, Baber Amin from CA, Christ Wysopal form Veracode and Ashvin Kamaraju from Vormetric.

This is part two in a conversation that I had with Ben Tomhave (@falconsview) last week over Twitter. What started out as a quick question about busting PCI myths turned into corporate responsibility. If you haven’t seen this article about a company who is facing massive penalties, give it a read. It will help set [...]

With great pleasure (and a lot of pride) we want to announce that Forrester Research Inc., an independent research firm, has ranked RSA Archer as a leader in both the IT-GRC and eGRC platforms! Not only is RSA Archer a platform leader in both categories but RSA Archer is the ONLY vendor ever to be named a leader in both IT and eGRC categories.

  Host Michelle Adams-Dixon talks with Angel Grant, Senior Manager, Identity Protection & Verification for RSA about protecting yourself while shopping online this holiday season.

Doctors have been the butt of jokes for years. But this post is no joke. Over the last five years I’ve been exposed to the back-of-house operations in healthcare in ways that helps put the front-of-house issues I observed into perspective. But one thing has always driven me batty, and I’ve never been able to figure out why.

“Some civil servants are just like my loved ones. They work so hard and they try to be strong”  – From Don’t Worry About The Government by The Talking Heads Have you ever had this experience?  You’ve gotten in a cab and try to tell the cab driver specific directions or routes you want to take [...]