Is your data wide open in an open Amazon S3 bucket? Would you even know if it was?
Security is about prevention of loss, not money-making. Here's why annual loss expectancy, not ROI, is the better measure.
It's not enough to start a program. You have to encourage, train, and mentor to create real security champions.
What are you doing to prevent users losing your secrets?
Don't just worry about outside IT security threats; focus your attention on potential insider problems, too.
If you run a cloud service and receive a secret subpoena, your legal counsel can ask some pointed questions.
The problems that security teams wrestle with are strikingly similar to those DevOps addresses in software development. Here's how they translate.
Recent events highlight an identity crisis. We demand an alternative to the standard set of SSN, address, DoB for identity verification.
Organizations that use gamification to promote security awareness increase employee interest in security and spur compliance with best security...
Continuous integration and continuous delivery environments introduce SIEM complexities. Here's how to manage them.

Pages