Filter By:

Recent Blogs & Podcasts



May 26, 2017 | Mobile Client Devices
By Aaron Turner, IANS Faculty

 Cellular Vulnerabilities: How to Fix These Hidden Risks

When it comes to the risks posed by cellular networks, enterprise security professionals don't know what they don't know. In this report, IANS Faculty Aaron Turner details the most pressing vulnerabilities and threats associated with cellular networks and offers some strategic steps security teams can take to help mitigate these threats and limit risk exposure. 

Read More »

May 25, 2017 | Software Development Lifecycle (SDLC)
By Diana Kelley, IANS Faculty

 The 10 Commandments of Secure App Dev

Recommendations about what constitutes good application security throughout the software development life cycle (SDLC) abound, but what are the most critical areas to focus on? In this Ask-an-Expert written response, IANS Faculty Diana Kelley presents her take on the top 10 commandments of secure application development.

Read More »

May 24, 2017 | Security Policies and Strategy
By George Gerchow, IANS Faculty

 Get Your Security Spending Priorities in Order

Budgeting for new security initiatives requires prioritizing technologies that help improve security today -- and tomorrow. In this Ask-an-Expert written response, IANS Faculty George Gerchow offers his take on the importance of cloud access security brokers, privileged access management and other tools for companies moving to the cloud.

Read More »

May 24, 2017 | Vendor and Partner Management
By Kevin Beaver, IANS Faculty

 Don't Let Vendor Stonewalling Thwart Your Due Diligence

How can you adequately assess prospective vendors when they won't let you review the results of their penetration tests or vulnerability scans? In this Ask-an-Expert written response, IANS Faculty Kevin Beaver recommends ways to reduce your risk, from changing the scope of your information requests to switching vendors altogether.

Read More »

May 23, 2017 | Incident Response Planning
By Ondrej Krehel, IANS Faculty

 Negotiate a Winning Incident Response Retainer

The digital forensics and incident response (IR) market is a dynamic place with a growing number of vendors creating a wide variety of offerings and pricing models. In this report, IANS Faculty Ondrej Krehel details the three types of incident response retainers and offers key considerations for organizations deciding which would best suit their requirements and objectives. 

Read More »

May 22, 2017 | Malware and Advanced Threats
By Dave Kennedy, IANS Faculty

 Dave Kennedy on WannaCry and the Future of Ransomware Attacks

IANS Faculty Dave Kennedy, president and CEO of TrustedSec and frequent guest on major news networks such as CNN and Fox, stops by the IANS studio to review the latest details surrounding the WannaCry attack and offer tips for thwarting future attacks, from disabling SMB-1 to implementing application whitelisting.

Read More »

May 18, 2017 | Cloud Application and Data Controls
By Dave Shackleford, IANS Faculty

 Security-as-Code: A Key to Cloud Security

Businesses are moving faster to the cloud and DevOps is accelerating scale and pushing automation. But how do we secure DevOps and cloud deployments? In this report, IANS Faculty Dave Shackleford explores the concept of security-as-code and details how security teams must fully assess their threats, collaborate with DevOps and automate scanning and configuration to ensure a secure migration to the cloud. 

Read More »