-
Recent Posts
Recent Comments
Final Wrap Up… on How to Transform Developers in… Salvador on Big data – discussi… Nichole Gladky on Google apps constituency … Jason on Educause 2013 – first… Mike Gay on MS Office 365 for Educati… Archives
Categories
Meta
Category Archives: RSA Conference 2017
Final Wrap Up – Top Three Take Aways
I’m actually posting this from home. I was too tired to finish this in SF. Overall, I was very happy with the conference and the information it provided. It is hard to identify my top three takeaways for this conference … Continue reading
Posted in Identity, leadership, RSA Conference 2017, security, Uncategorized
Leave a comment
The quest to measure strength of function for authenticators: SOFA, So Good
Elaine Newton, Colin Soutar Key Takeaway: SOFA-B allows us to measure the efficacy of various biometric options so that they can be compared across vendors. https://pages.nist.gov/SOFA Biometrics provide a convenient way to provide security to phones. Introductino of biometrics doubled … Continue reading
Measuring Authentication: NIST 800-63 and Vectors of Trust
Sarah Squire Key takeaway: New NIST document goes over all new ways to categorize what used to be Levels of Assurance. Identity team needs to understand this standard. Level of identity vs level of security Authentication – why do we … Continue reading
Privileged Access Management: Unsticking your PAM program
Key Takeaway: Do we use TLAs for all admin functions, including our customers? Would they be willing to go to the next step to use PAM ids? *** PAM – accounts. Should be only used to access privileged systems. NOT … Continue reading
How to Transform Developers into Security People
Key Takeaway: Need to take these ideas and look at how we can get security training for our developers. *GREAT SESSION!!! Software is everywhere and in everything. Developers become crucial and the first line of defense to insure it is … Continue reading
Radical Innovation:Revolutionizing the Future of Cybersecurity
Hugh Thompson Key Takeaway: We need to look into how we can make a difference in people’s lives using big data. Topic of Innovation. What can we become as a security industry? Proliferation of IoT devices has created a massive … Continue reading
The Coming Disruption
Key Takeaway: Interesting prospect. Application developer ecosystems. If we built all the infrastructure with APIs and preset data gathering and other basics, then we can code to those APIs. Rather than having to go and gather data, it would be more, … Continue reading
Posted in RSA Conference 2017, security
Leave a comment
The Seven Most Dangerous New Attack Techniques
Key takeaways: Two of top seven dangers are related to developers and using unpatched software and unprotected XML/JSON components. Need to look at how vulnerable we are. *** http://www.sans.org. Ransomware – explosion of this. crypto ransomware. top fears. prevents access … Continue reading
Posted in RSA Conference 2017, security, Uncategorized
Leave a comment
Identity Squatting: Laws, Tools and Methods for Security Professionals
Key Takeaway: Interesting session on identifying who our users are. Not much new, but interesting topic. *** When to recognize when someone is posing as someone else because they are a bad guy/black hat, or when they have legitimately changed … Continue reading
Posted in Identity, RSA Conference 2017, security, Uncategorized
Leave a comment
Help Wanted: Security Heroes and Heroines Only Need Apply, Malcolm Harkins
Key Takeaway: Leadership is helping the business adopt consistent secure practices rather than responding to each incident. *** Business risk security is understanding risk, and doing everything you can do to prevent the risk, or correct it later. The perfect storm of … Continue reading
Posted in leadership, RSA Conference 2017, security
Leave a comment