Home Tags Information Security

Tag: Information Security

Information security, sometimes shortened to InfoSec, is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. It is a general term that can be used regardless of the form the data may take (e.g. electronic, physical).

IT security

Sometimes referred to as computer security, information technology security is information security applied to technology (most often some form of computer system). It is worthwhile to note that a computer does not necessarily mean a home desktop. A computer is any device with a processor and some memory. Such devices can range from non-networked standalone devices as simple as calculators, to networked mobile computing devices such as smartphones and tablet computers. IT security specialists are almost always found in any major enterprise/establishment due to the nature and value of the data within larger businesses. They are responsible for keeping all of the technology within the company secure from malicious cyber attacks that often attempt to breach into critical private information or gain control of the internal systems.

Information assurance

The act of providing trust of the information, that the Confidentiality, Integrity and Availability (CIA) of the information are not violated. E.g., ensuring that data is not lost when critical issues arise. These issues include, but are not limited to: natural disasters, computer/server malfunction, physical theft, or any other instance where data has the potential of being lost. Since most information is stored on computers in our modern era, information assurance is typically dealt with by IT security specialists. A common method of providing information assurance is to have an off-site backup of the data in case one of the mentioned issues arise.

2017 was one of the most intense in terms of incidents affecting the information security of industrial systems.
Security researchers discovered and reported hundreds of new vulnerabilities, warned of new threat vectors in ICS and technological processes, provided data on accidental infections of industrial systems and detected targeted attacks.
Back in 2012, in a report called “DevOpsSec: Creating the Agile Triangle,” Gartner identified the need for information security professionals to become actively involved in devops initiatives.

Five years and more than 24 billion Docker image pulls l...
Threatpost editors Mike Mimoso and Tom Spring discuss the week's information security news.
Lawyers always have been responsible for protecting their clients' information, but that was a lot easier to do when everything was on paper. Here are four best practices to follow.
The authors of malware use various techniques to circumvent defensive mechanisms and conceal harmful activity. One of them is the practice of hiding malicious code in the context of a trusted process.

Typically, malware that uses concealment techniques injects its code into a system process, e.g. explorer.exe.

But some samples employ other interesting methods. We're going to discuss one such type of malware.
Threatpost editors Mike Mimoso and Tom Spring discuss the week's top information security news stories.
Brussels, 09 October 2017 – Last week’s CyberSecurity4Rail conference, held in Brussels for senior members of the rail industry and information security experts, has strongly endorsed the formation of a sector-driven pan-European Rail ISAC ...
Chief information security officers from Dell, RCB Bank and other organizations share what it takes to become a security exec, sit in the C-Suite, and keep the job.
A new cyber security report from Vodafone, Cyber Security: The Innovation Accelerator, highlights a strong link between how cyber security is used and business success, with 86 per cent of high-growth companies[1] seeing information security as an enab...
In the field of information security, sandboxes are used to isolate an insecure external environment from a secure internal environment (or vice versa), to protect against the exploitation of vulnerabilities, and to analyze malicious code.

At Kaspersky Lab, we have several sandboxes, we will look at just one of them that was customized to serve the needs of a specific product and became the basis of Kaspersky Anti Targeted Attack Platform.
Five reasons why the chief information security officer needs to get out from under the control of IT.
Malta, 7 September 2017 - 365squared, a premier value-added services enabler to the mobile network operator (MNO) community, today announced it has been awarded the ISO 27001 certification, the international standard for information security management systems (ISMS).

By choosing to implement the recommendations from the standards program, this achievement strengthens 365squaredrsquo;s position as a trusted value-added services partner, offering best-in-class, innovative SMS solutions to mobile operators.“Achieving the ISO 27001 certification reinforces 365squaredrsquo;s commitment to following... Source: RealWire