Filter By:

Recent Blogs & Podcasts

10 Results for: "Andrew Carroll"

 



January 8, 2018 | Privileged Access Management
By Andrew Carroll, IANS Faculty

 CyberArk vs. Osirium: A PAM Tool Comparison

Managing privileged users is becoming increasingly critical, but choosing the right enterprise-grade PAM tool is not straightforward. In this Ask-an-Expert written response, IANS Faculty Andrew Carroll underscores the importance of matching the tool to the use case and compares CyberArk and Osirium across key use case criteria.

Read More »


October 24, 2017 | Enterprise and IT Compliance Management
By Andrew Carroll, IANS Faculty

 Meet PCI Standards for Penetration Testing

PCI DSS requires Level 1 merchants to perform an annual penetration test and mitigate any vulnerabilities found, but what does the whole process entail? In this Ask-an-Expert written response, IANS Faculty Andrew Carroll explains exactly what PCI DSS requires and offers tips for ensuring compliance.

Read More »


August 15, 2017 | Application Development and Testing
By Andrew Carroll, IANS Faculty

 Help Developers Understand the Importance of Least Privilege

Developers usually push to access any data they want anytime they want it, but unfettered access can open the whole organization up to unnecessary audit, financial and reputational risks. In this Ask-an-Expert written response, IANS Faculty Andrew Carroll suggests educating developers on the risks, implementing least privilege and layering on controls to ensure compliance.

Read More »


June 27, 2017 | Malware and Advanced Threats
By Daniel Maloof, IANS Managing Editor

 GoldenEye Ransomware Wreaks Havoc on Global Networks

The ransomware hits keep on coming, and just like the WannaCry outbreak, this looks like a big one. For the second time in as many months, corporations around the world are experiencing a massive cyber-attack that’s once again crippling enterprise networks and demanding a Bitcoin ransom to decrypt files.

Read More »


January 19, 2017 | Security Policies and Strategy
By Daniel Maloof, IANS Managing Editor

 IANS at RSA 2017: The CISO as a Change Agent

CISOs are constantly hearing all kinds of advice, counsel and silver bullets that are designed to help make their challenging position work more effectively. But where are these recommendations coming from? What if there was a way to distill the achievements of hundreds of successful CISOs down to a few, critically important techniques?

Read More »


December 20, 2016 | Authentication
By Daniel Maloof, IANS Managing Editor

 Never Waste a Good Crisis: Yahoo Edition

If you’re a CISO, you’re likely fielding warm holiday emails from your board wishing you a great time with your family and asking you what the heck the Yahoo breach means (if not, Yahoo announced last week that one billion user accounts had been accessed.

Read More »