Results ordered by term relevance.

September 21, 2016 | Insider Threats
By Bill Dean, IANS Faculty

 Insider Threats: Understanding the Risks

Insider threats can often pose a greater risk to an organization than external actors. In this Ask-an-Expert written response, IANS Faculty Bill Dean offers some key statistics regarding insider threats and provides a number of steps organizations can take to anticipate and prepare for the risks posed by insiders.

Read More »


August 15, 2016 | Incident Response Planning
By Bill Dean, IANS Faculty

 Creating Effective Tabletop Exercises

Designed correctly, tabletop exercises can help you determine how well your people, processes and technologies are prepared for an incident – and improve that preparation over time. In this report, IANS Faculty Bill Dean steps you through the process of designing, planning and executing effective tabletop exercises. 

Read More »


January 26, 2017 | Threat Intelligence and Modeling
By Bill Dean, IANS Faculty

 Pros and Cons of CISA’s Threat-Sharing Program

With the passage of CISA and with DHS’ Automated Indicator Sharing (AIS) program getting up and running, organizations interested in sharing threat intelligence can now consider automating the process. How can they ensure their automated feed is scrubbed of PII and won’t leave them open to liability or privacy concerns? In this report, IANS Faculty Bill Dean offers tips for sharing threat indicators both automatically and safely.

Read More »


October 31, 2016 | Application Development and Testing
By Jason Gillam, IANS Faculty

 Application-Level DoS: Are You Ready?

Application-level DoS attacks can be difficult to detect, challenging to diagnose, and when effectively exploited, they can render your application completely inaccessible. In this report, IANS Faculty Jason Gillam explains how application-level DoS works and offers some key mitigation strategies. 

Read More »


October 6, 2016 | Regulations & Legislation
By Randy Sabett, IANS Faculty

 International Security, Privacy and Compliance Laws: Q3 2016 Update

Each quarter, IANS provides an update on the emerging international compliance laws and regulations that impact the information security community. For Q3 2016, we provide a short summary for each jurisdiction in which there was a change, followed by a more detailed description. An updated table of jurisdictions and changes can be accessed here.

Read More »


September 20, 2016 | Security Awareness, Phishing, Social Engineering
By Chris Gonsalves, IANS Director of Technology Research

 Recognizing, Protecting Against Social Media Threats

These days, enterprises need to be very aware of the fact that once information gets posted to a social site, it can never again be considered private. In this Ask-an-Expert written response, IANS Director of Technology Research Chris Gonsalves breaks down some of the common types of social media-related attacks organizations could face and offers a number of tips and features designed to combat these attacks.

Read More »


August 18, 2016 | Security Awareness, Phishing, Social Engineering
By Kevin Beaver, IANS Faculty

 CEO Spoofing: Don't Get Fooled!

Austrian aerospace firm FACC fired its CEO after losing nearly €50 million when fraudsters posing as the CEO forced the finance department to approve multimillion dollar payments. In this report, IANS Faculty Kevin Beaver explains how such scams work and offers tips to ensure your company doesn’t become the next victim.

Read More »


December 13, 2016 | Encryption, Digital Signatures, Certificates, Tokenization
By Davi Ottenheimer, IANS Faculty

 Detailing Technical Considerations For Implementing Tokenization Solutions

Although the concept of tokenization in IT can be easily explained, it can be complicated to architect and deploy these tokens for safe and reliable use. In this Ask-an-Expert written response, IANS Faculty Davi Ottenheimer offers a list of technical considerations to ease the process of selecting and implementing tokenization solutions.

Read More »


January 12, 2017 | Malware and Advanced Threats
By Mike Saurbaugh, IANS Faculty

 IANS Vulnerability and Breach Update: Q4 2016

A new vulnerability or breach seems to be discovered daily, but which should be taken more seriously and which are overhyped? In this report, IANS Faculty Mike Saurbaugh looks back over the major breaches and vulnerabilities of the past three months, explains them and provides real-world context and perspective.

Read More »


January 5, 2017 | Malware and Advanced Threats
By Dave Shackleford, IANS Faculty

 Information Security Trends for 2017

2016 was a challenging year for infosec, with the proliferation of ransomware, IoT botnets and more. What new attacks will surface in 2017, and what hot technologies are on the horizon to fight them? In this webinar and corresponding report, IANS Lead Faculty Dave Shackleford reveals major trends in store for IT security professionals in the coming year.

Read More »


February 8, 2017 | Single Sign-on
By Aaron Turner, IANS Faculty

 Single Sign-On Platform Comparison

The identity and access management market is undergoing significant upheaval due to past under-investment in the space. In this Ask-an-Expert written response, IANS Faculty Aaron Turner offers a breakdown of the single sign-on (SSO) solution marketplace and provides recommendations for selecting a platform. 

Read More »


February 3, 2017 | Security Awareness, Phishing, Social Engineering
By Mike Saurbaugh, IANS Faculty

 Helping Users Avoid Common Tax Scams

While some people anxiously await their tax refund, scammers are also waiting with bated breath for unsuspecting individuals to slip up and fall for one of their tactics. In this Ask-an-Expert written response, IANS Faculty Mike Saurbaugh reviews some of the most common tax scams and offers some tips and proactive defenses to avoid getting 

Read More »


March 22, 2017 | Mobile Access and Device Management
By Aaron Turner, IANS Faculty

 Enterprise Mobility: Defining a Security Strategy

Enterprises today are on their third generation of mobile technologies, and each iteration has had its own unique challenges. In this Ask-an-Expert written response, IANS Faculty Aaron Turner details some of the highest-impact risks organizations face in the mobility space today and offers some maturity-specific approaches companies can take to combat these risks. 

Read More »