The level and sophistication of advanced threats is a constantly moving target pitting the advantages of smart and patient attackers against security teams that often times can’t possibly know what to look for when an attacker employs specialized techniques and tools designed to cloak their movements. What happens when an attacker doesn’t have to rely on malware to infiltrate their target or when an attacker is able to successfully blend in like a legitimate insider? In this edition of the Speaking of Security Podcast, Tom Chmielarski, Practice Lead in RSA’s Advanced Cyber Defense Services shares some of the attack techniques he’s seen used in real breach cases, along with best practices used in the detection and defense of these advanced attacks.
Data Loss Prevention
With RSA’s Data Protection Manager 3.5 (now available), we are releasing into our core product a mechanism in cryptography that has been gaining steam in the recent years: format-preserving encryption (FPE). While we have been implementing FPE for years with our Professional Services teams, we felt it was now time to formally add this to [...]
In this edition of the RSA Speaking of Security Podcast, Tom Chmielarski, Practice Lead with RSA’s Advanced Cyber Defense consulting practice, talks about specific threat intelligence strategies that organizations can take in the defense against malware and advanced attackers. Tom is one of the lead consultants bringing RSA’s Next Generation Security Operations Design and Implementation [...]
I like Star Trek. I’ve always wanted to be Captain Kirk (had to pick one…Picard is great too) sitting in that chair on the bridge of the Enterprise with seemingly endless resources at my disposal with a mission to protect the universe. I’m not giving up, but that’s probably not going to happen. However, I do get a bit of the same thrill as I have the opportunity to work in the Critical Incident Response Center lab we have set up at RSA for research and demonstration purposes.
Great deals abound online for holiday shoppers during the hottest time of year where e-commerce merchants are looking to cash in on what is projected to be a US$1.25 billion spending spree just on Cyber Monday alone. Where the money goes, so do cybercriminals who are also looking to make illicit gains of their own using clever ruses such as phishing emails and web pages that promote discounts and offers that are too good to be true when in reality they are harvesting credit card numbers, stealing identities and anything else that can be turned into cash. Rueben Rodriguez from RSA’s Identity Data & Protection group joins the Speaking of Security podcast to talk about what consumers and online merchants need to look out for to avoid getting fooled by cybercriminals this holiday shopping season.
Announcing RSA Distributed Credential Protection! Scramble, randomize and split your passwords into multiple locations #cryptocrux video-bytes
Announcing RSA Distributed Credential Protection! Scramble, randomize and split your passwords into multiple locations.
A Revolutionary Way to Secure Bulk Credentials – RSA Distributed Credential Protection – Podcast #241
With the theft of an estimated 50 million passwords from various breaches at major web site operators in 2012, the industry is ripe for a transformative approach to one of its most pressing security problems. RSA Labs Chief Scientist Dr. Ari Juels and RSA Senior Product Marketing Manager Liz Robinson join the podcast to describe the new RSA Distributed Credential Protection software, a first-of-its-kind innovation from RSA that distributes and randomizes secrets to help protect from bulk password credential loss.
Can a “horcrux” idea be applied to security? Watch the puzzle unfold with the #cryptocrux video-bytes
Imagine splitting up your sensitive credentials to raise the cost to an attacker…
Report Provides Tips for Transforming Traditional Security into Early Warning Systems – Podcast #240
RSA’s latest Security Brief provides insights from security leaders and other industry executives for how organizations can transform traditional security into an early warning system for advanced threats. RSA’s CISO, Eddie Schwartz highlights the capabilities needed in next-generation information security strategies- including hot topics like “big data” security analytics: using vast volumes of information from diverse sources to detect security threats based on behaviors and context, not signatures.
Is your password for Facebook, Twitter, VPN, Email, Bank, Amazon all the same? #CryptoCrux and beyond [VIDEO-BYTES]
50 million passwords have been stolen in 2012 alone – learn about the danger that consumer-facing web portals face and why passwords are in demand.