Filter By:

Type

Topic

Recent Blogs & Podcasts

Insights Portal

 



May 17, 2018 | Threat Intelligence and Modeling
By Jake Williams, IANS Faculty

 Threat Modeling: Three Basic Approaches to Consider

With so many threat modeling approaches available, how do you choose the right one for your particular environment? In this Ask-an-Expert written response, IANS Faculty Jake Williams recommends three approaches designed to help model threats against PaaS and IaaS cloud assets, in addition to a range of other attacks.

Read More »


May 16, 2018 | Networking and Network Devices
By Dave Shackleford, IANS Faculty

 Five Secure Email Gateways Compared

Secure email gateways come in a variety of form factors and vary in terms of features, ease of integration, scalability and more. In this Ask-an-Expert written response, IANS Faculty Dave Shackleford details the pros and cons of offerings from five vendors: Barracuda Networks, Cisco, Microsoft, Symantec and Trend Micro.

Read More »


May 15, 2018 | Security Policies and Strategy
By Aaron Turner, IANS Faculty

 Ensure Employees Follow Acceptable Use Guidelines

In the age of social media, ensuring employees know and follow acceptable use guidelines for corporate assets is both more difficult and more critical. In this Ask-an-Expert written responses, IANS Faculty Aaron Turner says behavior-driven policies and frequent reminders about data monitoring, storage and disclosure obligations are key.

Read More »


May 14, 2018 | Encryption, Digital Signatures, Certificates, Tokenization

 EFAIL Vulnerability Exposes Encrypted Email

On May 14, 2018, security researchers tweeted details and launched a website (efail.de) explaining how attackers could exploit “EFAIL” vulnerabilities to extract plain text from encrypted emails. The vulnerability impacts both the Pretty Good Privacy (PGP) and S/MIME methods of email encryption, which are commonly used in Microsoft Outlook. 

Read More »


May 14, 2018 | Vendor and Partner Management
By Josh More, IANS Faculty

 Protect Vendor/Supplier Transactions and Payments

With all the incidents of business email compromise and payment system abuse in the news, many organizations are looking to better secure their vendor/supplier payment processes. In this live Ask-an-Expert interaction, IANS Faculty Josh More details two-factor authentication, out-of-band verification and other strategies to help fortify systems against such attacks.

Read More »


May 14, 2018 | Threat Detection and Hunt Teaming
By Dave Kennedy, IANS Faculty

 Threat Hunting: Why Proactive Matters

Attackers keep evolving their tactics, making it increasingly difficult for traditional forensic techniques to keep up. It’s time to get proactive – and that’s where threat hunting comes into play. In this webinar, IANS Faculty Dave Kennedy explains why threat hunting is important, and how hunt teams can directly increase the overall maturity (and ROI) of your monitoring and detection capabilities. He also details specific methods for detecting abnormal patterns of behavior and other tactics hunters can use to hone their craft.

Read More »


May 10, 2018 | Regulations & Legislation
By Rebecca Herold, IANS Faculty

 Overview of Privacy Laws in South America

While privacy legislation in South America tends to follow trends set by European regulations in general, each of the 12 countries in the region has its own unique rules and protections. In this Ask-an-Expert written response, IANS Faculty Rebecca Herold offers a country-by-country breakdown of South American privacy laws and protections.

Read More »