MIS|TI
  • About MISTI
    • Overview
    • FAQs
    • Contact Us
    • Careers
    • Instructor Bios
    • Hotel Information
  • Contact

(508) 879-7999

USA EMEA / APAC
  • Linkedin
  • Twitter
  • Facebook
  • Email Newsletter
USA EMEA / APAC

Event Search

Event Search

  • About MISTI
    • Overview
    • FAQs
    • Contact Us
    • Careers
    • Instructor Bios
    • Hotel Information
  • Contact

(508) 879-7999

  • Training
    • Seminars
    • LeaderQuest Training
    • LeaderQuest Course Listing
    • ACL Training
    • Executive Programs
    • Training Weeks
    • Virtual Seminars
    • Certificate Programs
    • Course Evaluation
  • Tailored Training Solutions
  • e-Learning
    • Webinars
  • Content
    • Internal Audit Insights
    • Resource Center
  • Quick Links
    • Training Weeks
    • Expo/Sponsorship Information
    • Ways to Save
    • Request Information
    • Request to Speak
    • Newsletter Sign Up
    • Virtual Classroom Information
    • Course Evaluation Information
    • Event Downloads
  • Event Search
  • Training
    • Seminars
    • LeaderQuest Training
    • LeaderQuest Course Listing
    • ACL Training
    • Executive Programs
    • Training Weeks
    • Virtual Seminars
    • Certificate Programs
    • Course Evaluation
  • Tailored Training Solutions
  • e-Learning
    • Webinars
  • Content
    • Internal Audit Insights
    • Resource Center
  • Quick Links
    • Training Weeks
    • Expo/Sponsorship Information
    • Ways to Save
    • Request Information
    • Request to Speak
    • Newsletter Sign Up
    • Virtual Classroom Information
    • Course Evaluation Information
    • Event Downloads
  • Event Search
  • Linkedin
  • Twitter
  • Facebook
  • Email Newsletter

Event Search

  2. Home
  3. Infosec Insider

Infosec Insider

ft: Toolsf: 2000-01-01t: 3000-01-02c: 2021-03-02
asdf
2019-07-30 05:34:25
Featured Article:

Code Signing: A Security Control that Isn’t Secured

By Marcos Colon
July 30, 2019
Are you familiar with code signing? If not, in this full video interview Venafi's Senior Threat Intelligence Researcher Jing Xie provides us with a breakdown.
2019-05-07 05:23:55

A Guide to Purchasing Cybersecurity Solutions

By Josue Ledesma
May 07, 2019
Knowing how to approach buying cybersecurity vendors is a difficult task. There’s a lot to manage internally (budget, needs, fit) and it’s hard to know what kind of vendors or solutions would serve your organization best. The fear, uncertainty, and doubt (FUD) experienced by cybersecurity vendors are especially troubling.
2019-05-02 05:56:10

Election Trouble Ahead: Voter Machine Issues

By Marcos Colon
May 02, 2019
Rapid7’s Director of Research Tod Beardsley highlights what you should know about voting machine security and what more needs to be done for the approaching 2020 elections.
2019-04-30 05:40:02

DeMISTIfying Security: How to Boost Your Cyber Budget

By Ed Moyle and Raef Meeuwisse
April 30, 2019
In this follow-up episode, the DeMISTIfying Security experts provide you with proven tips that you can leverage to boost the cybersecurity budget within the business. Don't miss out on this episode.
2019-04-18 05:14:26

Threat Profiling in the ICS World: What You Need to Know

By Marcos Colon
April 18, 2019
There are a slew of threats aimed at industrial control systems, and security warriors in that space need to constantly be on their toes. We caught up with Sergio Caltagirone, vice president of threat intelligence at Dragos, who shared how infosec pros in the ICS world can get started with threat profiling.
2019-04-16 05:10:53

Should You Be Paying Attention to Airborne Attacks?

By Josue Ledesma
April 16, 2019
It’s no mystery that the world of cybersecurity constantly faces a massive challenge. It has to pre-empt attacks, predict how hackers will use new attack vectors, and defend their environment against all existing attacks and attacks that may not even exist yet. In this feature, we go over one of the more obscure, but dangerous and difficult attacks to defense against—airborne attacks.
2019-03-28 05:49:26

Must You Rely on Cybersecurity Vendors to Be Secure? Is Do-It-Yourself Cybersecurity a Viable Option?

By Jim Romeo
March 28, 2019
Cybersecurity remains a persistent challenge in information technology, and for IT security professionals, AI and other tools are valuable for organically managing cybersecurity without depending on vendors that might have more sophisticated tools and experience using them.
2019-03-28 05:10:56

Your Weak Physical Security Could Be A Hacker’s Easiest Target

By Brent White & Tim Roberts, Senior Security Consultants, Threat Services, NTT Security
March 28, 2019
While having strong IT security in place to secure sensitive data on devices and networks is critical, ensuring your organization practices strong physical security is equally important. Organizations need to prevent attackers from being able to walk in and walking out with data, systems, physical documents, or worse – a new connection to your network as a persistent threat.
2019-03-21 05:58:48

The State of Passwords in 2019: Will They Ever Go Away?

By Josue Ledesma
March 21, 2019
Password security has undergone a significant transformation over the last few years. As a reaction to the insecure form of identity verification that is logging in with a password, technologies such as two-factor authentication (2FA), multi-factor authentication (MFA), and hardware keys. This begs the question—where does that leave passwords in 2019?
2019-03-19 05:32:51

DeMISTIfying Security: The Impacts of Security Assumptions

By Ed Moyle and Raef Meeuwisse
March 19, 2019
In this follow-up video, the DeMISTIfying Security experts discuss two recent containerization-related issues and how the modern-day security warrior can venture into the unknown to effectively tackle challenges such as this.
2019-03-12 05:45:31

Managing Your Infosec Budget: How to Choose the Right Vendors and Solutions

By Josue Ledesma
March 12, 2019
So many vendors, so little budget. Security departments are constantly tasked to know how to properly allocate funds to staffing, resources, tools, solutions, software, vendors, third-party contractors, and more. Even an unlimited budget wouldn’t help as security departments can find themselves bloated with software or vendors, leading to an inefficiently run department.
2019-03-05 05:13:23

DeMISTIfying Security: The Top 3 Dangerous Security Assumptions

By Ed Moyle and Raef Meeuwisse
March 05, 2019
From steering clear of marketing buzz to the impact of misinformation, DeMISTIfying Security hosts Ed Moyle and Raef Meeuwisse point out the security assumptions that could be catastrophic to any security practitioner’s role.
2019-02-28 05:40:26

How to Manage Employee Mobile Device Risk in Your Organization

By Josue Ledesma
February 28, 2019
In this article, we’ll go over what devices infosec departments should have an eye on and how to tackle the challenge of BYOD head-on. For an expert’s perspective, we spoke to Georgia Weidman, founder of Shevirah, a mobile and IoT testing company.
2019-02-26 05:33:43

How to Turbocharge Your Cybersecurity Awareness Training

By Jim Romeo
February 26, 2019
Cybersecurity awareness training is a critical component to your security hygiene. The most effective training programs are offered frequently and use available frameworks, focus points, tools, and tactics to build a culture where cybersecurity is embraced, not avoided or shunned.
2019-02-19 05:40:25

DeMISTIfying Security: Getting a Jump on Zero Trust in Your Environment

By Ed Moyle
February 19, 2019
Last week the DeMISTIfying Security hosts explored the Zero Trust model. This follow-up segment takes things one step further as security veteran Ed Moyle explains how you can get a jump on kickstarting Zero Trust within your organization.
2019-02-07 05:00:06

2019 Cybersecurity Threat Trends: What Should Be On Your Radar Part 2

By Josue Ledesma
February 07, 2019
Last week we shared the first part of this two-part series on cyber threats in 2019. This week we wrap up the remainder of the insights we shared thanks to our conversation with subject matter expert Adrian Sanabria, VP of strategy and product at NopSec.
2019-02-05 05:04:12

DeMISTIfying Security: Exploring the Zero Trust Model

By Ed Moyle and Raef Meeuwisse
February 05, 2019
In the latest edition of MISTI’s DeMISTIfying Security, Ed and Raef dissect the zero trust model. From the pros and cons, to the obstacles you may face rolling out this philosophical approach to security, this week’s segment will shed new light on this topic.
2019-01-31 05:50:59

2019 Cybersecurity Threat Trends: What Should Be on Your Radar

By Josue Ledesma
January 31, 2019
InfoSec Insider caught up with one SME that helped us put together a list of the looming threats your company should keep an eye on and how organizations can defend themselves accordingly. Here's a look at what you should have on your radar.
2019-01-29 05:57:19

The Thrill of the Hunt (Threat Hunting, That Is)

By Jim Romeo
January 29, 2019
The term threat hunting has been tossed around a lot, but what does it actually mean and can your cybersecurity playbook benefit from it? Many organizations are tapping into its benefits, so we've decided to provide you with a breakdown in this feature article.
2019-01-22 05:25:41

DeMISTIfying Security: To 2019 and Beyond!

By Ed Moyle and Raef Meeuwisse
January 22, 2019
In last week's segment, Ed and Raef discussed some of the major developments in infosec in 2018. This week, they take out their crystal ball and look into 2019, sharing their thoughts on what many practitioners could expect.
2019-01-17 05:25:37

The State of Artificial Intelligence in 2019

By Marcos Colón
January 17, 2019
Artificial intelligence is found in homes across the globe, and it's also being leveraged by troves of organizations across the country. But how mature is the technology and how open should you be to adopting it as part of your security strategy? In this exclusive interview, we catch up with one expert who breaks it down for us.
2019-01-15 05:26:38

DeMISTIfying Security: 2018 Year in Review

By Ed Moyle and Raef Meeuwisse
January 15, 2019
In the latest installment of InfoSec Insider’s DeMISTIfying Security series, security experts Ed Moyle and Raef Meeuwisse return to review the major breaches, developments, and takeaways that you can get from information security events in 2018.
2019-01-10 05:00:59

How to Prepare for the Digital Transformation Era

By Marcos Colón
January 10, 2019
Like it or not, the digital transformation era is here. But what does that actually mean--and more importantly--what does that mean to you? We caught up with Zscaler's Business Value Consulting Leader, Jason Georgi, who broke it down for InfoSec Insider.
2019-01-08 05:34:22

How AI Can Prevent Dangerous Email Mistakes

By Marcos Colón
January 08, 2019
What's the state of artificial intelligence in the enterprise today? More importantly, how can the security and risk department benefit from its benefits to measurably reduce risk within the business? InfoSec Insider caught up with Neil Larkins, CTO at Egress Software, who breaks it down for us.
2019-01-03 05:16:05

Cloud Security in 2019: What InfoSec Leaders Can Expect

By Marcos Colón
January 03, 2019
InfoSec Insider catches up with the Cloud Security Alliance's Jim Reavis, who shares what security leaders should be focusing on when it comes to cloud security in 2019. You'll want to take note of these insights and predictions.
2018-12-27 11:34:33

InfoSec Insider Top 10 in 2018

By Marcos Colón
December 27, 2018
As 2018 wraps up, InfoSec Insider looks back at some of the most popular articles we've produced for our loyal audience. From communicating security metrics to the board and making sense of attack patterns, to key areas that you should focus your cybersecurity strategy on, here's a list of the top 10 articles.
2018-12-13 05:11:50

The Blockchain Revealed: How InfoSec Can Benefit from the Protocol

By Marcos Colón
December 13, 2018
InfoSec Insider catches up with Debbie Hoffman, CEO of Symmetry Blockchain Advisors at the CSA Congress event, who clarifies what blockchain means to security leaders today, and any privacy implications they should be aware of.
2018-12-11 05:49:11

Leveraging Collaboration and SOAR to Secure Our Digital Future

By Cody Cornell
December 11, 2018
The idea behind collaborative security is to change the security and threat landscape from the daunting “one vs. many” to “many vs. many,” embracing the power of knowledge and collaboration to protect valuable data.
2018-12-06 09:14:34

Cybersecurity 101: How to Get Started in the Business (Part 2)

By Ed Moyle and Raef Meeuwisse
December 06, 2018
In this walkthrough, InfoSec Insider experts Ed Moyle and Raef Meeuwisse demonstrate one useful exercise that can aid security practitioners in getting a lay of the land in their organization, serving as the perfect first step in ultimately measuring and reducing information security risks.
2018-12-04 05:42:01

Cybersecurity 101: A Discussion on the Basics and Fundamentals

By Ed Moyle and Raef Meeuwisse
December 04, 2018
InfoSec Insider SMEs Ed Moyle and Raef Meeuwisse are back, but this time they're talking fundamentals. If you're an up-and-coming security warrior, you'll definitely want to heed this advice from the two infosec experts.
2018-11-29 05:54:58

Considerations for Cloud Service Providers on the Path to FedRAMP Accreditation

By Baan Alsinawi
November 29, 2018
The government has urged the private sector to offer agencies secure cloud solutions through the FedRAMP accreditation, which establishes baseline standards for security assessment, authorization, and continuous monitoring. Here, we provide six key considerations to help guide FedRAMP accreditation efforts.
2018-11-27 05:48:52

An Open Source Intelligence (OSINT) Revolution, You Say?

By Jim Romeo
November 27, 2018
As a security practitioner, we're sure you've heard of the benefits that open source intelligence (OSINT). But what exactly is it and how can you leverage it as it relates to your current security strategy? This article answers that question and more.
2018-11-20 05:09:02

Do You Really Need a Penetration Test?

By Ed Moyle
November 20, 2018
This will probably be a contentious point for some, but there are situations where a penetration test isn’t the best use of an organization’s resources. Here, we examine what is (and isn't) a pentest, and what its goals should be depending on your organization's needs.
2018-11-13 05:35:42

How to Train Your Team (and Organization) to Effectively Use Threat Intelligence

By Josue Ledesma
November 13, 2018
Threat intelligence has transformed the information security world for the better but it’s not always leveraged in the best way possible by organizations and departments. InfoSec Insider spoke to threat intel expert Karl Sigler to get a sense of how organizations can maximize threat intelligence for their organization.
2018-11-08 05:54:03

What’s Next for IoT Security?

By Marcos Colón
November 08, 2018
InfoSec Insider catches up with Armis co-founders Yevgeny Dibrov and Nadir Izrael who discuss the current climate as it relates to IoT security, and offer up some dos and don’ts when it comes to connected devices within the enterprise.
2018-11-06 05:26:33

4 Things to Know About Penetration Testing & AI

By Min Pyo Hong, CEO and Founder, SEWORKS
November 06, 2018
Conducting penetration testing via simulated attacks on your organization's network is the best way to help your business evaluate the strength of your network security protocols and identify any backdoors, weaknesses, and gaps between different security tools, and prioritize risk. This contributed article explains why.
2018-11-01 05:54:15

Common Application Vulnerabilities You Should Know About

By Marcos Colón
November 01, 2018
While patching vulnerabilities seems like a “low-hanging fruit” task for many security practitioners, it seems as though many still fail to do so. In this interview with application security expert Chris Eng, he highlights the common blind spots associated with vulnerability management.
2018-10-18 05:30:25

Are You Investing in the Right Cybersecurity Tools?

By Marcos Colón
October 18, 2018
NSS Labs CEO Vikram Phatak speaks with InfoSec Insider and offers up tips to up-and-coming security professionals on how to make smart and effective cybersecurity solution purchasing decisions. From blocking out buzzwords and marketing jargon to building a great team, here’s what you need to know.
2018-10-11 05:14:43

Cryptocurrency Mining Malware and Cryptojacking: What to Know and How to Protect Your Organization (Part 2)

By Ed Moyle
October 11, 2018
On Tuesday InfoSec Insider kicked off a how-to video series that focuses on topics surrounding the challenges that our readers face on a daily basis. In this companion video, security expert Ed Moyle provides a deep dive on how you can protect your organization from cryptocurrency mining malware and cryptojacking.
2018-10-04 05:13:15

Security Automation is Here. Now What?

By Marcos Colón
October 04, 2018
enSilo CEO Roy Katmor sits with InfoSec Insider to discuss how security automation is impacting the time and duties of the modern day security professional, and how the skills they need to succeed will change as a result of the technology.
2018-09-25 05:19:06

Social Mapper: The What, Why, and How

By Marcos Colón
September 25, 2018
InfoSec Insider catches up with Trustwave SpiderLabs Threat Intelligence Manager Karl Sigler on the company’s latest open source tool which enables penetration testers and red teasers to scrape social media data.
2018-09-18 05:47:59

A Look at the Windy City’s Newest Cyber Command Center

By Marcos Colón
September 18, 2018
InfoSec Insider takes a first-hand look at Trustwave’s new SpiderLabs Fusion Center in Chicago and speaks with Chris Schueler, senior vice president of managed security services, on the purpose behind its creation.
2018-09-04 05:38:22

Push Authentication: Bringing the Most Secure Method of 2FA Mainstream

By Simon Thorpe
September 04, 2018
For consumers looking for an easier-to-use login experience, there is a solution: push authentication. This approach is a vast improvement over sending a one-time passcode via SMS and is truly the most secure method of 2FA.
2018-08-07 05:09:54

Blockchain: What It Is and What It Means for InfoSec

By Josue Ledesma
August 07, 2018
Blockchain has become the new buzzword of choice across a wide spectrum of industries, such as finance, tech, and the information security industry. However, what blockchain is and what its applications are still seem to be unclear. This article sets the record straight.
2018-07-24 05:34:38

Mobile Privacy & Infosec Tips for Frequent Travelers

By Aaron Turner
July 24, 2018
Summer will be over before you know it and for many of you, it might be time to hit the road again for business travel. Before you pack up all of your devices, you might want to keep some of this advice in mind to ensure your data is secure.
2018-06-28 05:00:33

Looking to Benefit from AI? Build Something!

By Marcos Colón
June 28, 2018
Cylance’s Colt Blackmore discusses why leveraging AI isn’t limited to purchasing an out-of-the-box solution and details the critical steps that security practitioners should take to successfully utilizing the technology to their organization’s advantage.
2018-06-26 05:32:29

A Primer on Breach and Attack Simulations

By Adrian Sanabria
June 26, 2018
In this age of vendors offering simple solutions to complex problems, defenders need the ability to see past the glamour of marketing. That's where attack simulation technology can help, enabling use cases in the market that help answer pressing questions in enterprise security.
2018-06-19 05:14:31

Imagine If Security Solutions Understood Our Language

By Vijay Dheap
June 19, 2018
It's up to security professionals to infer security significance of all the events security solutions report. The first step to arriving at an answer to this intractable problem is teaching our security tools to understand us. Advancements in Natural Language Processing could help.
2018-06-07 05:01:57

Why is DNS Underutilized as a Security Tool?

By Marcos Colón
June 07, 2018
Farsight CTO Merike Kaeo discusses why DNS is still be underutilized as a security tool today, shares some examples of lessons-learned that could apply to you, and provides steps you can take to ensure you’re taking advantage of your DNS infrastructure.
2018-06-05 05:25:04

How to Make Sense of Attack Patterns

By Josue Ledesma
June 05, 2018
In this featured post, we speak to TrustedSec Founder Dave Kennedy who offers up advice on how you can set up your security department’s defenses to respond and defend against common attacks.
2018-05-29 05:18:53

Don’t Follow the Herd When it Comes to Security Purchasing Decisions

By Ed Moyle
May 29, 2018
When it comes to making security purchasing decisions, many practitioners tend to follow the crowd. But given the variables tied to making those decisions, that may not be the best route to go. Here's why.
2018-05-22 06:16:00

Are You Confident in Enterprise Artificial Intelligence?

By Vijay Dheap
May 22, 2018
If you work in security, you've heard of AI and the "game-changing" promises of its models. How secure is AI, though, and what can organizations do to ensure AI isn't another breachable vulnerability? 
2018-04-10 06:16:00

Cloudy With a Chance of Shared Security Responsibility

By Katherine Teitler
April 10, 2018
 Today, most reputable cloud service providers are security conscious, yet users remain responsible over many—but varying—aspects of information security. Here, we take a look at the three most common public cloud models that should be on your radar.
2018-01-18 06:16:00

Be Mindful of the Password-Storing Mechanism You Choose

By Katherine Teitler
January 18, 2018
Browser password-saving tools are convenient and may allow account holders to apply stronger passwords, but they're not security tools.
2018-01-09 06:16:00

The Latest Infosec Vulnerability Meltdown: From the Viewpoint of a Cloud Researcher

By Katherine Teitler
January 09, 2018
In this follow-up article, cloud researcher Mark Nunnikhoven gives us his take on the Meltdown and Spectre vulnerabilities, which can exploit flaws in modern processors. Nunnikhoven provides us with the potential implications that you should take note of.
2018-01-08 06:16:00

The Latest Infosec Vulnerability Meltdown: From the Viewpoint of a Security Consultant and Entrepreneur

By Katherine Teitler
January 08, 2018
An interview with industry veteran Aaron Turner that helps demystify the probable consequences of Meltdown and Spectre, the two headline-grabbing security vulnerabilities capable of exploiting critical vulnerabilities in modern processors. Turner breaks down what you should do.
2017-12-26 06:12:00

Readers Choice: Top 10 InfoSec Insider Articles of 2017

By Marcos Colón
December 26, 2017
You picked them! Here's a look at the most read articles published on InfoSec Insider in 2017. From CASB to threat intelligence, you'll find a unique mix of some engaging content that answers some of your pressing questions.
2017-12-20 06:56:20

The Pros and Cons of Leveraging OSINT Tools

By Marcos Colón
December 20, 2017
A threat intelligence expert shares his experiences and advice when it comes to leveraging OSINT tools, highlighting the benefits to security organizations, but also discussing the legal ramifications one could face by accessing them.
2017-08-21 07:46:00

What Happened to Threat Intelligence?

By Katherine Teitler
August 21, 2017
The threat intelligence tools market has exploded, shaping how organizations look at the threat landscape—but not necessarily for the better.
2017-08-14 06:46:00

Conquering CASB Confusion

By Adrian Sanabria
August 14, 2017
CASB was widely regarded as the quickest-growing market ever in cybersecurity, but what impact does it have today?
2017-08-07 06:37:40

OPSEC Tradecraft: Protecting the Online Persona

By Lance James
August 07, 2017
In our last article, we discussed how disciplines like psychology and behavior-profiling can help us to better understand the adversary at the end of the keyboard. Now we are going to extend similar disciplines to ourselves as intel analysts.
2017-07-05 07:00:00

Top 5 Lies about Cloud Security

By Katherine Teitler
July 05, 2017
A look at some of the common myths surrounding cloud security.
2017-05-02 18:02:02

Why Secure Data Logistics Provides Optimum Visibility

By Marcos Colón
May 02, 2017
Security experts David Etue and Christopher Ensey discuss their research into secure data logistics.
2017-04-11 13:46:06

Fail vs Finished: The Difference Between Information and Intelligence

By Lance James
April 11, 2017
The majority of threat “intelligence” you receive and attempt to operationalize successfully currently isn’t intelligence at all; it’s simply information!
2016-12-23 07:45:00

The Best of InfoSec Insider in 2016

By Marcos Colón
December 23, 2016
As we continue to ramp up our efforts in providing you with a resourceful library of content you can rely on, we’ve decided to reflect on some of the top InfoSec insider articles of 2016, based on the engagement we’ve received from our readers.
2016-09-21 08:00:00

Threat Intel in a Box? Not so Fast.

By Katherine Teitler
September 21, 2016
“You can’t just go to the shops and buy threat intelligence; it doesn’t come in a box.” This nugget of wisdom comes from Jim Hart, Vice President at AlixPartners LLP in the UK. Whilst upon reading, this idea is a big “no kidding,” yet many in the security industry still confuse threat intelligence feeds and tools with a threat intelligence program.
2016-06-17 09:00:00

Integrating Cloud Technology Can be a Breeze

By Katherine Teitler
June 17, 2016
Even under the best of circumstances, integrating cloud services and devices into an organization’s technology workflow can be challenging. In all fairness, integrating any new device or appliance into the technology stack requires careful planning, new processes, and often a bit of trial and error. 
2016-06-06 08:00:00

Incorporating People Searches into your OSINT Threat Program

By Katherine Teitler
June 06, 2016
OSINT, open source intelligence, is a great tool for companies looking to find threat information on the web. The wealth of information available can be overwhelming, clunky, and difficult to incorporate into a threat intelligence program, however. 

CPE imageMIS Training Institute is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org.  

Copyright ©2019 MIS Training Institute Holdings, Inc. All rights reserved.  
Contact Us | Privacy | Terms and Conditions | Cookie Policy | Site Map Regional Preference