Search IANS' Insights

Recent Blog Posts

After the Breach: Making Your Response Count
It’s a cliché to say it, but there are two kinds of companies: those that know they’ve been breached, and those that have yet to figure it o... Read More >
Van Wyk: What the Kardashians Teach Us About Cyber Liability
Nearly everything you need to know about cyber-liability insurance can be gleaned from Kim Kardashian West’s recent trip to Paris, France. T... Read More >
Podcast: Kevin Johnson on Pentests, Incident Response, Infosec Leadership and Sweating for Charity
Faculty member Kevin Johnson brightens the podcast studio this week for a rollicking conversation about incident response, penetration testi... Read More >
Oct 20, 2016 | Virtualization/Cloud Security
Hybrid clouds offer organizations the ultimate in flexibility, enabling IT to keep sensitive workloads in-house while taking advantage of the efficiencies and scalability of public clouds for everything else. But how secure is the setup? In this report, IANS Faculty Dave Shackleford steps you through the challenges of securing hybrid clouds and provides advice to ensure workloads remain secure, no matter where they are run. Read More
Oct 20, 2016 | Encryption & Rights Management
There are a number of key management tools and services that organizations can use within the AWS cloud. In this Ask-an-Expert written response, IANS Faculty Dave Shackleford breaks down some of the major players in the space, including Amazon's own key management service, HyTrust DataControl and Vault. Read More
Oct 18, 2016 | Vulnerability & Threat Management
Mainframes usually hold companies’ most sensitive, mission-critical data. As more organizations decide to open up their mainframe “crown jewels” to participate in today’s mobile/cloud world, however, is mainframe security keeping up? In this report, IANS Faculty Philip Young details the riskiest areas of the mainframe and explains how best to secure them against today’s threats. Read More
Oct 13, 2016 | Network Security
Secure web gateways provide a staple in network infrastructure and the market seems to suggest they will be around for the next few years. In this Ask-an-Expert written response, IANS Faculty Mike Saurbaugh explores the capabilities of modern proxy solutions and offers selection criteria to help evaluate various solutions. Read More
Oct 13, 2016 | Security Operations
Big Data has been gaining traction in the enterprise for the past three years, fueled by the ability to improve business decision-making. In this webinar, IANS Faculty Kevin Beaver examines the emergence of Big Data-driven security and provides usable tips for developing a successful Big Data security analytics program. Read More
Oct 6, 2016 | Regulations & Legislation
Each quarter, IANS provides an update on the emerging international compliance laws and regulations that impact the information security community. For Q3 2016, we provide a short summary for each jurisdiction in which there was a change, followed by a more detailed description. An updated table of jurisdictions and changes can be accessed here. Read More
Oct 6, 2016 | Security Strategy
Attacks and malware continually evolve, forcing organizations to react by implementing an ever-expanding tool set. Unfortunately, few budgets expand in kind. In this report, IANS Faculty Michael Pinch details five key ways to immediately improve your organization’s security posture, without breaking the budget. Read More
Oct 4, 2016 | Vulnerability & Threat Management
A new vulnerability or breach seems to be discovered daily, but which should be taken more seriously and which are overhyped? In this report, IANS Faculty Mike Saurbaugh looks back over the major breaches and vulnerabilities of the past three months, explains them and provides real-world context and perspective. Read More
Oct 3, 2016 | Virtualization/Cloud Security
As more organizations move services and computing assets into cloud service provider environments, the need for adequate security controls grows as well. In this quarterly research report, IANS Faculty Dave Shackleford updates IANS’ clients on the new developments occurring in the cloud security arena. Read More
Sep 29, 2016 | User Account Provisioning
In Microsoft Active Directory (AD) environments, a bastion forest can be used to both reliably manage privileged access and recover a compromised AD implementation. In this report, IANS Faculty Aaron Turner explains the theory behind the bastion forest and steps you through the process of setting one up. He also explains how some organizations may be able to use a bastion forest as a cost-effective alternative to pricier privileged access management (PAM) tools. Read More