Search IANS' Insights

Recent Blog Posts

IANS to Present ‘The 5 Secrets of High-Performing CISOs’ at RSA 2017
For the third consecutive year, IANS has been selected to present at RSA Conference, which will take place February 13-17, 2017, in San Fran... Read More >
Van Wyk: Email Privacy Expectations Not Aligned With Current Technology, Practices
No matter whom you voted for on November 8, it seems fair to say that email played a pretty significant role in the election — and not in a ... Read More >
Lessons Not Learned? Massive FriendFinder Networks Breach Once Again Stems From Poor Security Practices
After the credentials and personal information of nearly 4 million of its users were exposed last year, you’d think FriendFinder Networks wo... Read More >
Nov 28, 2016 | Infrastructure Security
In a quest to reduce energy consumption and make daily activities more convenient and pleasant for their occupants, smart buildings are becoming ever more interconnected, internet-connected and complex. In this report, IANS Faculty Chris Poulin details the latest advances in smart building technologies, the hidden threats they expose and key steps to take to ensure your smart building doesn’t become your latest threat vector. Read More
Nov 22, 2016 | Endpoint Security
The recent Mirai botnet that took down DNS provider Dyn underscored the risks associated with unmanaged, unsecured Internet-of-Things (IoT) devices. In this Ask-an-Expert live interaction, IANS Faculty Chris Poulin explains how to discover/detect rogue IoT devices on the network and track them over time. Read More
Nov 21, 2016 | Security Development Life-Cycle
Best practices around the secure development of mobile applications are still evolving because of the rapid evolution of the mobile platforms themselves. In this Ask-an-Expert written response, IANS Faculty Jason Gillam outlines the key differences between the secure development of mobile and web applications, and details standard accepted practices around encryption and authentication. Read More
Nov 18, 2016 | Security Organization
For security organizations, understanding where you stand from a maturity perspective can offer valuable insight into which processes and procedures need to be improved. In this Ask-an-Expert written response, IANS Faculty Dave Shackleford charts benchmarks for certain aspects within information security, from event detection and incident management to metrics and data visualization. Read More
Nov 14, 2016 | Endpoint Security
Malware containment has devolved into an arms race, with a steady stream of solutions and rapidly evolving new problems, leaving IT security struggling to keep up and make sense of it all. In this webinar, IANS Faculty Dave Shackleford examines the new players and techniques in the space, and reviews some of the tried-and-true strategies, including whitelisting, sandboxing, segmentation and configuration management. Read More
Nov 14, 2016 | Information Protection
Do you know where all of your critical data is located? Studies show that few information security pros do. In this report, IANS Faculty Kevin Beaver underscores the importance of data classification and offers tips to not only find exactly where sensitive information is located, but establish the right controls to ensure you always know where it is and that it’s secured effectively. Read More
Nov 10, 2016 | Infrastructure Security
When it comes to evaluating Bluetooth security risks, it's important to divide up the technology into different sections and examine the potential risks of each. In this Ask-an-Expert written response, IANS Faculty Aaron Turner evaluates Bluetooth security from the perspectives of physical-layer, protocol implementation and application-layer vulnerabilities. Read More
Nov 7, 2016 | Enterprise Risk Management
When it comes to evaluating vendors, there are a number of factors organizations need to keep in mind, from integration costs to uptime guarantees. In this Ask-an-Expert written response, IANS Faculty Martin Gomberg lays out some of the major red flags organizations should look out for when evaluating vendors, from the due diligence phase to the questionnaire process. Read More
Nov 7, 2016 | Vulnerability & Threat Management
Now that Internet-of-Things (IoT)-based DDoS attacks are in the news, is it time to rethink your DDoS strategy? In this Ask-an-Expert live interaction, IANS Faculty Adam Ely outlines key strategies to implement at the network, server and operations level to defend against all types of DDoS attacks, even this latest iteration. Read More
Nov 3, 2016 | Malware/Advanced Threat Detection
Ransomware is a scourge across every vertical but it seems to have found a soft spot in health care. For this roundtable, IANS brought together a group of health care sector security executives to talk about the problems they face and the strategies they are using to get ahead of the ransomware issue. Read More