Qmunity: Your Colleagues. Your Connections. Your Content.
Sign in
|
Join
|
Help
|
NetIQ.com
H
OME
B
LOGS
F
ORUMS
N
OTIFICATIONS
G
ROUPS
N
ETIQ
S
UPPORT
Security Webb
Home
Follow Us
Follow us on Twitter
Follow us on Facebook
Syndication
RSS for Posts
Atom
RSS for Comments
Email Notifications
Go
Recent Posts
PCI Insight from RSA 2010
Government, Security, RSA and CAG
RSA Conference - Cloud with Everything
RSA Conference - Risk and Reward
RSA Conference - Products, Pitches, and Predictions
Tags
Access Control
Bankinfosecurity
Change Control
Cloud Computing
Compliance
Credit Card Data
Data Breach
Forrester Research
Gartner
Geoff Webb
Heartland
Heartland Breach
Insider Attack
IT process automation
NetIQ
PCI DSS
PCI Standards Council
Ponemon Institute
RSA
RSA Conference
SC Magazine
SCAP
Secure Configuration Manager
Security
Virtualization
View more
Archives
March 2010 (4)
February 2010 (4)
January 2010 (1)
December 2009 (1)
November 2009 (1)
October 2009 (1)
September 2009 (2)
August 2009 (3)
July 2009 (3)
June 2009 (3)
May 2009 (5)
April 2009 (7)
March 2009 (6)
February 2009 (8)
January 2009 (10)
Sort by:
Most Recent
|
Most Viewed
|
Most Commented
PCI Insight from RSA 2010
I attended the 2010 RSA Conference in San Francisco last week. As expected, one of the major themes resonating throughout the conference keynotes, sessions, and exhibit hall was the opportunity we have as security professionals to help secure increasingly...
Published
Fri, Mar 12 2010 10:40 AM
by
Renee Bradshaw
Filed under:
Security
,
Data Breach
,
PCI DSS
,
PCI Standards Council
,
Compliance
,
RSA
,
PCI
,
RSA Conference
,
Verizon Breach Report
,
RSA 2010
,
PTS
,
PCI Standard
,
PA-DSS
,
Bob Russo
Government, Security, RSA and CAG
Looking back at RSA last week, I wonder if part of what drives the almost frenzied hype around cloud security is the pervasive and lurking fear in the mindset of all security professionals: I'm missing something really important, and it's going...
Published
Wed, Mar 10 2010 2:40 PM
by
Geoff Webb
Filed under:
Security
,
SCAP
,
Cloud Computing
,
RSA Conference
,
FDCC
,
Info Security Magazine
,
Drew Amorosi
RSA Conference - Cloud with Everything
I don't know what the next big security trend is going to be, but I can certainly tell you what a lot of vendors here at RSA are clearly hoping it will be: something with a cloud. There's clouds everywhere here at the show. It's like walking...
Published
Wed, Mar 03 2010 9:30 AM
by
Geoff Webb
Filed under:
Security
,
Cloud Computing
,
Security Squared
,
RSA Conference
,
RSAC
RSA Conference - Risk and Reward
In my last post I referenced my opinion that simply throwing money at problems isn't always the right approach. The subject came up again today in a discussion around how organizations approach risk management, and the way they look at outsourcing...
Published
Wed, Mar 03 2010 9:26 AM
by
Geoff Webb
Filed under:
Security
,
RSA
,
Risk Management
,
Jeff Kutler
,
RSA Conference
,
RSAC
RSA Conference - Products, Pitches, and Predictions
Like most folks in the security industry, I'm hoping next week's RSA Conference will be interesting, enlightening, and generally worth the airfare over to sunny California. I read Jon Oltsik's post from Monday on his predictions for RSA, and...
Published
Wed, Feb 24 2010 8:08 AM
by
Geoff Webb
Filed under:
Security
,
RSA
,
Network World
,
RSA Conference
,
RSAC
Security 2010: What, me worry?
After my last post on human error, and how it contributes to significant data breaches, I haven’t been able to get the idea out of my head. It should come as no surprise that we have found that companies may have the best security tools and resources...
Published
Wed, Feb 17 2010 11:18 AM
by
Renee Bradshaw
Filed under:
Security
,
Data Breach
,
PCI DSS
,
Insider Attack
,
Ponemon Institute
,
PCI Standards Council
,
Compliance
,
Secure Configuration Manager
,
Malicious
,
PCI
,
computer crime
,
non-malicious insider
,
malicious insider
Security 2010: When Resolutions Fail
We’re a few weeks into 2010 and I am interested in knowing how many of us have stuck to our overly optimistic New Year’s Resolutions. Has the gym membership already lapsed? Are you getting to work on time and not blaming fire, flood, or the...
Published
Wed, Feb 03 2010 12:00 PM
by
Renee Bradshaw
Filed under:
Security
,
Heartland Breach
,
Heartland
,
CSI
,
Health Net
,
SQL Injection
,
2010
,
InfoWorld
,
Malicious
,
Resolutions
,
Accidential
Speaking at CSO Conference next week
Next week I'll be speaking at the CSO Executive Seminar on Data Protection and Encryption in Washington, D.C. My presentation will focus on doing more with less in a time when security and compliance teams are stretched thin due to staff and budget...
Published
Tue, Feb 02 2010 9:49 AM
by
Matt Mosley
Filed under:
Security
,
IT process automation
,
Encryption
,
Washington D.C.
,
ITPA
,
Data Protection
,
Seminar
,
CSO Conference
Sums it up nicely - Data Protection, Business Alignment
I thought this piece in BankInfoSecurity sums up nicely much of what I hear as being top of mind for security leaders these days. Specifically it's "how do I keep information secure?" and, equally importantly, "how do I support the...
Published
Fri, Jan 22 2010 3:34 PM
by
Geoff Webb
Filed under:
Security
,
Bankinfosecurity
Malice-without-thought
The latest CSI Computer Crime and Security Survey is available for download this month, and great reading it is. One of the more interesting trends is the prevalence of non-malicious insiders as a cause of losses: "Twenty-five percent of respondents...
Published
Fri, Dec 11 2009 11:03 AM
by
Geoff Webb
Filed under:
Security
,
Data Breach
,
Heartland Breach
,
Albert Gonzalez
Breach notification - a little sunlight goes a long way
The re are a couple of laws making their way through the halls of power at the moment. Senator Leahy's " Personal Data Privacy and Security Act " and Senator Feinstein's "Data Breach Notification Act". SC Magazine also has...
Published
Thu, Nov 12 2009 1:47 PM
by
Geoff Webb
Filed under:
Security
,
Data Breach
,
SC Magazine
,
Feinstein
,
Data Breach Notification Act
,
Personal Data Privacy and Security Act
,
Leahy
Heartland Breach and PCI - Secure Enough?
Just read this from BankInfoSecurity , on the class action suit against Heartland with respect to the breach that occured last year. What I think is interesting is that the statement by Bob Carr regarding PCI compliance and security is now apparently...
Published
Wed, Oct 07 2009 5:38 AM
by
Geoff Webb
Filed under:
Security
,
PCI DSS
,
Heartland Breach
,
Bankinfosecurity
,
Credit Card Data
,
PCI Standards Council
,
Compliance
,
Heartland
Speaking at Gartner next week
Next week I'll be speaking at Gartner's 14th Annual Future of IT Conference in Sao Paulo, Brazil on the subject of Security Event Automation. It's a subject I've spoken on before, and it's an area that generates a lot of questions...
Published
Fri, Sep 11 2009 1:40 PM
by
Geoff Webb
Filed under:
Security
,
IT process automation
,
Geoff Webb
,
Gartner
Dashboarding Compliance
Yesterday and today we ran a couple of events for our current customers on the upcoming release of Secure Configuration Manager (Version 5.8). As usual there were a lot of good questions and activity, which of course is the whole point of these Qmunity...
Published
Thu, Sep 10 2009 1:38 PM
by
Geoff Webb
Filed under:
Security
,
Virtualization
,
NetIQ
,
Compliance
,
Secure Configuration Manager
,
VMworld
130 million credit card numbers stolen and counting...
It's hard to let this one go by without some kind of comment - Albert Gonzalez a.k.a. "soupnazi", was charged earlier this week with stealing 130 million credit card numbers from such notable organizations as Hannaford Brothers, Heartland...
Published
Thu, Aug 27 2009 1:20 PM
by
Geoff Webb
Filed under:
Security
,
Data Breach
,
Heartland Breach
,
Credit Card Data
,
Hannaford
,
Albert Gonzalez
,
TJ Maxx
,
soupnazi
1
2
3
4
Next >
Home
|
Terms of Use
|
Privacy Policy
|
NetIQ.com
|
Attachmate.com
NetIQ, an Attachmate Business