Government & Policy

The Biggest Online Attack in the History of the Internet??

…And they did it, they managed to slow down the internet. Next thing you know, they will break it! I am referring to what’s been called “the largest publicly announced online attack in the history of the Internet.” And this week we read about the suspect: a 35-year-old guy from the Netherlands who was arrested in Spain (The Netherlands Public Prosecutor Service press release in Dutch).

This is not going to be pretty!

Recently I blogged about the new EU Data Protection reforms and the challenges that organizations will face when they have to comply with the regulation. There has been a lot of opposition from all camps about how strict these regulations are, whether or not they are going to be enforced and more importantly how are [...]

Security Monitoring vs. EU Data Privacy – Are We Stuck?

Continuing on the theme from a previous blog, what if the use of state-of-the-art security technologies were believed to conflict with EU data privacy regulations? Are security professionals really to be put in the difficult position of not being able to use the most current security approaches to protect their organizations and users? Is there a way to both protect the organization and its users while respecting the rights of users to not be excessively and unreasonably monitored?

The Challenge of Cooperation

Over the weekend, three stories crossed my desk that got me thinking about the challenge that Art Coviello issued to the security industry in his RSA Conference 2012 keynote: to forge a “collective resolve” to stand together against “a host of adversaries who threaten our very trust in the world’s digital economy”. The first of [...]

Best practices for meeting new Breach notification for EU Directive Part 2

In February I talked about the key aspects of the proposed changes to the EU Data Protection Directive. Breach notification within 24 hours (where possible) is one of the proposals. So, how do you prepare to meet this aggressive timeframe and what security management tools and processes do you need to implement?

Geolocation and Privacy – Oil and Water?

Geolocation has been talked about a lot in IT circles in recent years. It’s one of those terms that means different things to different people, so it could be storing data in a particular place or it could be tracking some data or tracking an identity (person or machine). Scott Charney, Corporate Vice President, Trustworthy Computing at Microsoft discussed the concept of geolocation in his keynote. He used an interesting example of using GPS and tracking an individual and the types of data that can be obtained by doing that.

Are Global Cloud Service Providers going to shy away from Europe?

Today’s security standards are based on historical, legacy information technologies and don’t necessarily address Cloud Computing environments in an effective manner. Attempts to update them are an improvement, but will be able to create a single or limited number of standards that will be viable across all borders and jurisdictions. So, it’s no surprise that the Cloud Security Alliance Summit at RSA Conference had a panel discussion on this topic. The panelists were Marc Crandall from Google, Baber Amin from CA, Chris Wysopal from Veracode and Ashvin Kamaraju from Vormetric.

Geeks With Guns: Obama’s New Defense Plan Invests In Cyber Capabilities

“In silent bars, in silent rooms, in silent cars, you hide where you can. And me, I know just where you are, you see, I’m a bomber man” – From Bombers by Gary Numan. This week President Obama released his plans for a “leaner” military. There has been a lot of debate about whether or not this [...]

Policy & Security Don’t Always Mix

“Some civil servants are just like my loved ones. They work so hard and they try to be strong” – From Don’t Worry About The Government by The Talking Heads. Have you ever had this experience? You’ve gotten in a cab and tried to tell the cab driver specific directions or routes you want to take [...]

Welcome to the Club

A few months ago I had a conversation with a security professional working in a major US defense contractor. It was right after the attack on RSA. “Welcome to the club”, he said, “we’ve been hit by these APTs for years”.