Filter By:

Type

Topic

Recent Blogs & Podcasts

Insights Portal

\ Faculty Reports 



February 14, 2018 | Authentication
By Andrew Carroll, IANS Faculty

 Understanding Blockchain’s Promise for Identity Management

While blockchains were developed to solve problems very different from identity management, some vendors (and enterprises) are beginning to explore how blockchains could be used to both secure and provide more granular control over digital identities. In this report, IANS Faculty Andrew Carroll explains the pros and cons of using blockchains for identity, and provides a practical overview of the vendors addressing the space.  

Read More »


January 10, 2018 | Malware and Advanced Threats
By Aaron Turner, IANS Faculty

 Information Security Trends for 2018

In 2017, we saw some of our most valued controls undermined and witnessed security incidents impacting businesses around the world.  What will 2018 bring? In this report and webinar, IANS Faculty Aaron Turner examines the major trends in store for IT security professionals in the coming year. From the new incidents we need to prepare for to the investments we need to make to keep up with attackers' capabilities, we have our work cut out for us..

Read More »


January 5, 2018 | Malware and Advanced Threats
By Mike Saurbaugh, IANS Faculty

 IANS Vulnerability and Breach Update: Q4 2017

Vulnerabilities and breaches are mainstream news regularly. With a new vulnerability seemingly discovered daily, which should be taken more seriously (i.e., patch now!) and which are overhyped? In this quarterly research report, IANS Faculty Mike Saurbaugh updates clients on the top vulnerabilities and breaches from the past quarter and provides some real-world context and perspective.

Read More »


January 4, 2018 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty

 IANS Cloud Security Update: Q4 2017

As organizations continue to move services and computing assets into cloud service provider environments, the need for adequate security controls grows as well. In this quarterly research report, IANS Faculty Dave Shackleford updates IANS’ clients on the new developments occurring in the cloud security arena.

Read More »


December 20, 2017 | Penetration Testing and Red Teaming
By Michael Pinch, IANS Faculty

 Purple Teaming: It’s Easier Than You Think

Red and blue team capabilities are both important when it comes to uncovering and stopping threats, but combining the two to proactively execute attacks and monitor gaps in defenses is even more valuable. In this report, IANS Faculty Mike Pinch explains the benefits of purple teaming and offers tips for getting started. 

Read More »


November 15, 2017 | Authentication
By Aaron Turner, IANS Faculty

 Correlate Real-World Users to Digital Identities

From ERP systems to Active Directory, digital identities are spread throughout our digital infrastructures. Unfortunately, most large organizations have no good way of correlating those digital identities to actual humans, a situation that both opens security holes and makes moving to new technologies like cloud and mobile much more difficult than it needs to be. In this report, IANS Faculty Aaron Turner shows how three key identity management building blocks can be used to effectively correlate real-world users to digital identities and improve enterprise security.

Read More »


November 1, 2017 | Security Awareness, Phishing, Social Engineering
By Mike Saurbaugh, IANS Faculty

 Ensure Your Security Awareness Program Fosters Behavioral Change

Security awareness training can easily become a compliance checkbox that isn’t beneficial to the organization, particularly as many users view security simply as a necessary evil that restricts their ability to get things done. In this report, IANS Faculty Mike Saurbaugh steps you through the process of ensuring security training gets employees to stop undesired behaviors (e.g., clicking on phishing links) and start desired ones (e.g., reporting suspicious emails to security), so that your training program can actually meet its ultimate goal: securing the business. 

Read More »


October 25, 2017 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty

 Hybrid Cloud Security: Know the Fundamentals

While hybrid clouds offer more visibility and control than cloud-only environments, they also require smart architecture and security designs to keep data safe and the business as a whole up and running. In this report, IANS Faculty Dave Shackleford details the key fundamentals of hybrid cloud security, including automation, continuous monitoring and shift-left strategies designed to ensure your hybrid cloud workloads remain secure today - and over time. 

Read More »


October 18, 2017 | Configuration and Change Management
By Marcus Ranum, IANS Faculty

 Configuration Management: Driving the Future of Security

Strong configuration management not only eases operational tasks like desktop and server deployments, but it also helps improve security, especially as organizations move to newer on-demand and software-defined networking environments. In this report, IANS Faculty Marcus Ranum details the vital role configuration management plays in today's environments, and offers tips for building a comprehensive program that will help drive security well into the future.

Read More »


October 11, 2017 | Encryption, Digital Signatures, Certificates, Tokenization
By Aaron Turner, IANS Faculty

 The Future of Enterprise Encryption: Prioritizing What Matters

Encryption is a hard technology to understand and an even harder one to deploy in a consistent, reliable way. In this report, IANS Faculty Aaron Turner explains how enterprises should be re-prioritizing their encryption technologies, staffing and investments to handle the increasingly larger role encryption is set to play in today's (and tomorrow's) information security programs.

Read More »