Security: Regulations & Standards

IT Security: 2012 in Review, Predictions for 2013

The top trends security administrators dealt with in 2012 and what's ahead in 2013.

SCADA Protocol Testing in Critical Infrastructure

We can no longer rely on "security through obscurity" as more devices are Ethernet and wireless enabled.

A CxO’s Guide to Understanding Today’s Most Dangerous Attacks

To understand how to counter stealth malware threats, you first need to understand the nature and sophistication of these attacks at each of their four stages.

PCI Compliance in the Cloud

If you store, process, or transmit card account data, youmust comply with the PCI data security standard. We explore the basics, including why DevOps teams needs to be compliant.

The CCO’s Dirty Little Secret

A look at the true cost of compliance failures and how to avoid being buried in trouble.

An Introduction to Deep Content Inspection

Traditional deep packet inspection may no longer be able to protect your environment. We look at a new approach -- deep content inspection.

The Network’s Role in Securing Cyberspace

No single technology can enable a fully secure network. The three-layer model we present can guide your organization in making key improvements to your network security.

New Regulations Bring Advancements in Data Governance

As critical unstructured data grows exponentially amid a variety of data privacy laws, organizations are turning to data governance automation.

The Undervalued Security Benefits of IPsec

IPsec is a secure, robust, and transparent network widely available to businesses with smaller overhead than you might think.

The RSA Key Kerfuffle: Why Randomness Is Hard

Just how much of a problem is the RSA key kerfuffle? Two research teams weigh in about encryption schemes.

Security: IT Shops Unprepared to Police Social Media in the Enterprise

Few IT organizations are prepared to manage the use of social media in the enterprise. This is particularly true from a security perspective.

IT Still Facing Mobile Challenges

Neither iOS nor Android has been designed with enterprise security in mind. That makes securing them a challenging proposition.

Auditors, Employers at Odds Over Security

A new survey shows a disconnect between the security-first mentalities of auditors and the compliance-driven concerns of their employers.

How to Secure Data in the Cloud and Beyond

Next-generation tokenization has the potential to help businesses protect sensitive data in the cloud in a more efficient and scalable manner than encryption and first-generation tokenization.

DDoS Unbound

DDoS attacks are bigger and more frequent than ever, and a lack of insight into IPv6 security is particularly worrisome.

Q&A: IAM and the Unix/Linux Organization

Unix/Linux systems needn't be islands of identity; we show you the challenges and options for addressing authentication, provisioning, and security and take a closer look at Active Directory bridges.

Best Practices for Watching the Watchers

Four questions that promote security and regulatory compliance in your enterprise

Security: Don't Believe the (SAS 70) Hype

Confusion about the efficacy of SAS 70 seems to be more the rule than the exception. A new report suggests that a SAS 70 reality check is long overdue.

Q&A: Why Compliance is the Best Friend and Worst Enemy of Good Security

Compliance efforts will also affect the security of your data. We explore the connection and what IT can do to protect its information assets.

Removing the Risks of SSL -- Part 2 of 2

To address the security risks of SSL, we look at how transparent SSL proxies work and how they are used in enterprises today.