Results ordered by term relevance.

May 15, 2017 | Data Classification
By Kevin Beaver, IANS Faculty

 Sensible Approaches to Data Classification

Most organizations want to protect their sensitive electronic assets, yet effective data classification programs are all but nonexistent. You certainly can’t secure what you don’t properly acknowledge, and that’s a big reason why many security organizations struggle in this area. In this webinar, IANS Faculty Kevin Beaver details an approach to data classification that involves taking a few basic steps early on and periodically moving the program forward.

Read More »


November 14, 2016 | Data Classification
By Kevin Beaver, IANS Faculty

 Where, Exactly, Is Your Information?

Do you know where all of your critical data is located? Studies show that few information security pros do. In this report, IANS Faculty Kevin Beaver underscores the importance of data classification and offers tips to not only find exactly where sensitive information is located, but establish the right controls to ensure you always know where it is and that it’s secured effectively.

Read More »


February 23, 2017 | Malware and Advanced Threats
By Kevin Beaver, IANS Faculty

 Strategies for Thwarting State-Sponsored Hacks

State-sponsored attackers are, by definition, highly skilled and highly funded. How can we keep up? In this report, IANS Faculty Kevin Beaver details the challenges around state-sponsored hacking, including the threats, vulnerabilities and risks that must be addressed, starting today, if organizations are going to stay off their radar. 

Read More »


February 24, 2017 | Vulnerability Assessment and Management
By Kevin Beaver, IANS Faculty

 Assessing Vulnerability Scanning/Management Tools

When it comes to selecting a vulnerability scanning tool, it's often the level of service provided (and not technical capabilities) that separates the various solutions. In this Ask-an-Expert written response, IANS Faculty Kevin Beaver offers a breakdown of some of the key solutions in the space and details some important considerations for organizations in the process of choosing a vendor. 

Read More »


April 7, 2017 | Password Management
By IANS Faculty, IANS Faculty

 Poll: What Are the Best Password Strategies?

Password guidelines seems to change all the time. With new recommendations from NIST and vendors like Microsoft cropping up, how can enterprises determine the best approach? In this report, IANS Faculty Rich Guida, John Galda, Jason Gillam, Kevin Beaver, Marcus Ranum and Stephen McHenry offer their opinions and some rules of thumb for creating strong, enforceable password policies.

Read More »


April 28, 2017 | Penetration Testing and Red Teaming
By Kevin Johnson, IANS Faculty

 Drafting a Pen-Testing Request for Quote (RFQ)

Contracting with third-parties for penetration tests -- against both internal and externally facing resources -- is an important part of security. But what is the best way to craft a request-for-quote? In this Ask-an-Expert written response, IANS Faculty Kevin Johnson examines a sample draft RFQ and offers recommendations to ensure all the bases are covered.

Read More »


April 12, 2017 | Vulnerability Assessment and Management
By Josh More, IANS Faculty

 Managing the Vulnerability Exception Process

Vulnerability remediation can often seem like a three-way tug of war between operations, compliance and security. In this Ask-an-Expert written response, IANS Faculty Josh More details best practices for managing exceptions and keeping the whole process on track.

Read More »