security laboratory

April 27, 2015:

The Bad News For Infosec In The Target Settlement

The legal argument behind the $10 million Class Action lawsuit and subsequent settlement is a gross misrepresentation of how attackers operate. Central to the recent Target data breach lawsuit settlement was the idea that cyber attacks are mechanistic and follow a prescribed course or chain of events. The judge hearing the case ruled that Target […]
April 23, 2015:

Insider threats force balance between security and access

Non-malicious actors within the enterprise are the more challenging aspect of the insider threat, calling for rethinking policies to better tailor employee and vendor access. There may be no single solution to the complex challenge of protecting against insider threats within the enterprise, but IT leaders can help their cause with prudent policies that put […]
April 22, 2015:

Crypto ‘Front Door’ Debate Likely to Go On For Years

Encryption is the hot new topic in security at the moment, as it has been any number of times in the last few decades. And, as in the past, the notions of key escrow, mandated legal access to encrypted systems and other ideas for helping governments defeat cryptosystems have followed right along with the latest […]
April 21, 2015:

Migrating from SSL and Early TLS

The time to migrate is now. For over 20 years Secure Sockets Layer (SSL) has been in the market as one of the most widely-used encryption protocols ever released, and remains in widespread use today despite various security vulnerabilities exposed in the protocol. Fifteen years ago, SSL v3.0 was superseded by TLS v1.0, which has […]

Made, Maintained & Powered in USA by CrystalVision