- Networking The Hidden Costs of Information Security Projects
Security projects often underestimate hidden costs: requirements gathering, transitioning from current solutions, project oversight, validation of completion, and personnel training. Applying Total...
- Incident Response Initial Security Incident Questionnaire for Responders
This cheat sheet helps incident handlers assess situations by asking the right questions: understanding background (how detected, security posture), defining communication parameters (coordinator,...
- Risk Management Border Bias and Risk Perception in Information Security
Research shows people irrationally believe state borders can protect against disasters, underestimating risks from across the line. In security, firewalls and other devices may create similar...
- Networking Web Application Firewalls (WAFs) Will Be Ubiquitous
WAFs are following the adoption trajectory of traditional network firewalls—both mitigate risk when securing individual components is impractical. Network firewalls protected weakly-configured...
- Incident Response Incorporating Mobile Devices into Enterprise Security
Enterprise security hasn't kept up with consumerization—powerful mobile devices often have VPN access and email but lack mature OS security controls. Organizations need greater network segmentation,...
- Networking Pros and Cons of Virtual Patching to Address Vulnerabilities
Virtual patching blocks attack vectors exploiting vulnerabilities using IPS, WAF, or database security tools—buying time to develop proper fixes. The danger is complacency: organizations with virtual...