Filter By:

Recent Blogs & Podcasts



May 2, 2017 | Team Structure and Management
By Mike Saurbaugh, IANS Faculty

 Creating a Workable Security Ambassador Program

We all know the importance of getting the business actively involved in security, but what's the best way to go about it? In this Ask-an-Expert live interaction, IANS Faculty Mike Saurbaugh explains how to build a workable security ambassador program that can act as a force multiplier across the business.

Read More »

April 28, 2017 | Penetration Testing and Red Teaming
By Kevin Johnson, IANS Faculty

 Drafting a Pen-Testing Request for Quote (RFQ)

Contracting with third-parties for penetration tests -- against both internal and externally facing resources -- is an important part of security. But what is the best way to craft a request-for-quote? In this Ask-an-Expert written response, IANS Faculty Kevin Johnson examines a sample draft RFQ and offers recommendations to ensure all the bases are covered.

Read More »

April 26, 2017 | Malware and Advanced Threats
By Chris Gonsalves, IANS Director of Technology Research

 Report: Criminals Scale Up Attacks, Ratchet Down Complexity

The latest annual Internet Security Threat Report from Symantec, out this week, is a breathless litany of cyber malfeasance highlighting an online security environment stressed by big spikes in phishing attacks, ransomware infections, political chicanery and IoT-based botnet activity.

Read More »

April 26, 2017 | Privileged Access Management
By Aaron Turner, IANS Faculty

 Choosing an IDAM Tool for the Future

Finding one tool to handle both identity and privileged identity management is difficult enough, but what about one that will also provide the right set of capabilities as identity needs evolve in the future? In this Ask-an-Expert written response, IANS Faculty Aaron Turner details how to evaluate current vendors to ensure they remain relevant today and tomorrow.

Read More »

April 26, 2017 | Cloud Access Security Brokers
By Rich Mogull, IANS Faculty

 Navigating an Increasingly Commoditized CASB Marketplace

Over the past few years, there has been a lot of consolidation in the cloud access security broker (CASB) market. In this live Ask-an-Expert interaction, IANS Faculty Rich Mogull offers an assessment of the current CASB marketplace and explains why the recent commoditization in the space means organizations should prioritize ease of integration when choosing a CASB. 

Read More »

April 25, 2017 | Enterprise and IT Compliance Management
By George Gerchow, IANS Faculty

 Selecting a GRC Tool

GRC tools have been around for a number of years now, but the market landscape and solutions themselves have evolved quite a bit. In this Ask-an-Expert written response, IANS Faculty George Gerchow details the primary features of today's GRC tools and offers recommendations for setting KPIs and completing a PoC. 

Read More »

April 25, 2017 | Team Structure and Management
By David Kolb, IANS Faculty

 Thriving When Policy and Business Priorities Clash

Corporate policy and business priorities live at two ends of a spectrum, and security professionals often find themselves at the collision point. In this report, IANS Faculty David Kolb and Chief Research Officer Stan Dolberg explore three types of intelligence (emotional, organizational and political) and offer tips for harnessing them to thrive in an environment where policies and priorities often clash. 

Read More »