Filter By:

Recent Blogs & Podcasts



June 12, 2017 | Malware and Advanced Threats
By Ken Van Wyk, IANS Faculty

 Van Wyk: Responding to Ransomware

Last month, I wrote that targeted attacks require much deeper analysis than those that are not targeted. While that still rings true, battling non-targeted threats like ransomware is becoming an increasing problem for organizations. 

Read More »

June 9, 2017 | Penetration Testing and Red Teaming
By Jason Gillam, IANS Faculty

 Add Phishing to Your Red Team’s Playbook

While phishing can be a good way to gain an initial foothold in a target network, some red team phishing attempts are more successful than others. In this Ask-an-Expert written response, IANS Faculty Jason Gillam explains how to get the most from some common phishing tools and offers tips for crafting successful phishing attacks.

Read More »

June 9, 2017 | Recruiting, Hiring and Retention
By Mike Saurbaugh, IANS Faculty

 Build, Manage and Retain a Strong Security Staff

In a hiring environment where skilled infosec professionals are hard to come by, organizations need to do everything they can to differentiate themselves from the competition. In this report, IANS Faculty Mike Saurbaugh offers proven strategies for maintaining a strong security staff and reveals the results of his survey on students' expectations upon entering the information security workforce. 

Read More »

June 8, 2017 | Enterprise and IT Compliance Management
By Michael Pinch, IANS Faculty

 5 Tips for Migrating to a New Security Framework

Changing an organization's security program alignment is never an easy task. In this Ask-an-Expert written response, IANS Faculty Mike Pinch offers five key steps to take when migrating to a new security program, with specific guidance for switching to the NIST Cybersecurity Framework. 

Read More »

June 2, 2017 | Authentication
By Aaron Turner, IANS Faculty

 Authentication: Past, Present and Future

Authentication methods and protocols have changed a lot over the years, but which are best suited to today's complex enterprise environments? In this Ask-an-Expert written response, IANS Faculty Aaron Turner provides an overview of the most used (and effective) authentication protocols.

Read More »

June 1, 2017 | Encryption, Digital Signatures, Certificates, Tokenization
By David Etue, IANS Faculty

 Key Management: Evolving Best Practices

Encryption is critical, but what is the best way to implement secure key management? In this written Ask-an-Expert response, IANS Faculty David Etue outlines the most common roles and approaches, along with unique risks presented by emerging technologies like cloud access security brokers (CASBs).

Read More »

May 30, 2017 | Malware and Advanced Threats
By Michael Pinch, IANS Faculty

 Top 5 Infosec Risks in Health Care and What to Do About Them

The top priorities for health care organizations today are uptime and free access to data, which means companies in this space face a number of security challenges. In this Expert Briefing, IANS Faculty Mike Pinch details the major security risks the health care industry is dealing with today - from ransomware to the Internet of Things - and offers strategies for tackling these challenges.

Read More »