• Share
  • ?
  • Profiles ▼
  • Communities ▼
  • Apps ▼

Blogs

  • My Blogs
  • Public Blogs
  • My Updates

  • Log in to participate

About this blog

Welcome to the Security and Risk Management Blog, where you can read the perspectives from security and risk management experts. This Blog provides insights into the security and risk management solution, as well as technical details about specific IBM pr
  • Facebook
  • Twitter
  • Google
  • LinkedIn
  • RSS

Trending topics


Archive

  • August 2017
  • July 2017
  • May 2017
  • August 2013
  • July 2013
  • December 2012
  • November 2012
  • October 2012
  • September 2012
  • August 2012
  • July 2012
  • June 2012
  • May 2012
  • September 2011
  • August 2011
  • July 2011

Recent tweets

    All posts
    • Sort by:
    • Date ▼
    • Title
    • Likes
    • Comments
    • Views

    5 Ways Organizations Are Recovering Their Data

    SocialMktgFella 310002X3TT | | Comments (2) | Visits (2177)

    Tweet
    Data loss is getting worse. Businesses and other organizations are losing their content 24/7 throughout the globe. Cyberattacks on elections, intelligence agencies and the highest government levels make the news every day. Attacks on big business – Target, Sony and more – threaten the identities of employees, customers and stakeholders. Yet, small businesses have become the easiest data bank to rob.   The Size Of The Problem What you see in recent research is some confusion about the size of the problem, but it's bad. And,... [More]

    2FA Architecture — The privacy threat

    Stefan.Certic 50YS2T4PVD | | Visits (3523)

    Tweet
    2FA Architecture — The threat to privacy of modern Internet Are we secured with multiple layers of security?   There is a huge initiative from industry leaders to double secure user account in order to regain access in case of lost password. That’s perfectly fine. It helps you recover credentials, but this study shows it opens a hole that might be one of the largest security and privacy threats. Both private users and enterprises employs services such as Google, Facebook, Twitter, LinkedIN and others and give trust to... [More]

    Tags:  security security-intelligence

    How Cybersecurity is Changing in 2017

    RotemGitlin 50RUXT2ST5 | | Visits (4734)

    Tweet
    “Cybersecurity” has become an increasingly vague and generalized term. The concept of cybersecurity encompasses every angle from which infiltrators and others with malicious intentions can make their mark. From cyber espionage and hacking electronic medical records to keylogging and trojan viruses, the term cybersecurity does not adequately capture the extent to which threats have evolved. But there is some good news: 2017 has seen new technologies prove to be effective solutions. Most important, we're seeing new philosophies... [More]

    TUC Newsletter- August 2013

    lcflatley 270006EHEQ | | Visits (2317)

    Tweet
      Are you a member of the TUC? IN THIS ISSUE Global Group Updates Member Interview TUC Webcasts Webcast Replays User Group Meetings Sponsors MEMBER INTERVIEW TUC Member Interview Todd Loveday , Maximo Project Manager, URS Corporation   Click here   to view other TUC Member Interviews WEBCAST REPLAYS Check out the replays of July's TUC webcasts!   Webcast Replay   ​ Monitoring of Your DataPower Multi-Tenant Environment   Webcast Replay   ​ Demonstrate the Value of Your Maintenance Department by... [More]

    Integrated Service Management Library

    lcflatley 270006EHEQ | | Visits (3617)

    Tweet
    IBM wants to increase the value of your existing products by bringing you more content through the  Integrated Service Management Library . Please take a moment to help us understand what kind of content would be most useful to you by answering this very brief survey.

    Audit, Surveillance, and Customer Service

    powers-old-account 270000NC1K | | Visits (3677)

    Tweet
      How a pair of missing pants taught me about audit, surveillance, and customer service and the implications for technology controls. [Read this post.]

    Tags:  security surveillance audit privacy

    TUC Webcast: IBM’s Next Generation of IAM solutions – What You Need to Know Now

    LizCrider 270005ET06 | | Visits (3810)

    Tweet
    Don’t miss the next Tivoli User Community webcast: IBM’s Next Generation of IAM solutions – What You Need to Know Now on December 12, 2012 at 11:00 am ET, USA.   Reserve Your Webcast Seat Now   Overview: In Q4 2012, IBM Security completely revamped the Identity and Access Management portfolio to address today’s advanced security threats. Familiar products such as Tivoli Identity Manager and Tivoli Access Manager for e-business have new IBM Security names and exciting new capabilities. Plus we’ve announced brand new solutions... [More]

    Tags:  ibm security user iam tivoli solutions tuc webcast storage community

    The 2012 IBM Tech Trend Report

    powers-old-account 270000NC1K | | Visits (3722)

    Tweet
    I've posted  my thoughts on the 2012 IBM Tech Trends Report  at the IT Security Zone blog. Interesting how pervasive security is in the report. 

    Tags:  security

    I wish there was an authentication algorithm like this

    XiaoMai 1000007VK1 | | Visits (4134)

    Tweet
    There was a time, when logging in to your bank account was a simple matter of entering a user ID, entering a password, and accessing your account. Similarly, getting cash from an ATM, just entailed inserting your card, entering your PIN code, and grabbing the cash. Not any more. When you access your bank’s web page, something horrible, called ‘malware’, sits on your PC, remembering every character you type, and sending them all to its sociopathic owner, so that he can later rob you. When you visit your ATM, a hidden camera records the... [More]

    Tags:  authentication security online atm banking identity

    Skype Account Hijack Attack: Lessons Learned

    powers-old-account 270000NC1K | | Visits (3950)

    Tweet
    What kinds of security controls could have prevented the Skype account hijack attack? Can we do anything except rely on white hat penetration testing? [Read this post.]

    Tags:  security skype pentesting

    Legitimate Security Through Obscurity

    powers-old-account 270000NC1K | | Visits (3437)

    Tweet
    There are times when “security through obscurity” is a perfectly legitimate security control tactic, especially against opportunistic attackers. [Read this post.]

    Tags:  security obfuscation

    Payment Card Fraud and a Checking Account DMZ

    powers-old-account 270000NC1K | | Visits (3946)

    Tweet
    Could the IT DMZ be used as a model for controlling payment card fraud and help protect against skimming attacks like those at Barnes and Noble? [Read this post.]

    Tags:  pci fraud payment-card security

    Social Engineering Attack Demographics

    powers-old-account 270000NC1K | | Visits (3602)

    Tweet
    Our common stereotypes of social engineering attacks don’t match up to the latest data in the Verizon 2012 Data Breach Investigations Report. [Read this post.]

    Tags:  social-engineering security

    Protecting the Password File

    powers-old-account 270000NC1K | | Visits (3336)

    Tweet
    RSA announces a new offering to protect password credentials. But is protecting the password file really that difficult? [Read this post.]

    Tags:  passwd password security

    The 2012 Global Reputational Risk and IT Study

    powers-old-account 270000NC1K | | Visits (3904)

    Tweet
    The 2012 Global Reputational Risk and IT Study calls into question the assumption that IT security incidents have only temporary impact on reputation. [Read this post.]

    Tags:  erm security reputation risk

    IBM Security zSecure suite

    JeroenTiggelman 27000186A5 | | Visits (4420)

    Tweet
    News about the IBM Security zSecure suite  is regularly posted to SMC - System Z .   Recent news of particular interest from a compliance perspective: IBM Security zSecure Audit integration with QRadar SIEM

    Tags:  mainframe z/os security servicemanagementconnect q1labs racf qradar acf2 siem db2 systemz ism cics topsecret zsecure

    Tivoli Access Manager V6.0 Videos

    MarissaHarold 2700051CN2 | | Visits (4286)

    Tweet
    IBM Tivoli Access Manager for e-business is a single sign-on (SSO) solution that authorizes and authenticates user access to Web and other hosted applications. Tivoli Access Manager’s software is a highly scalable user authentication, authorization and Web SSO solution for enforcing security policies over a wide range of Web and application resources. It centralizes user access management for online portal and business initiatives. See the support and services Tivoli Access Manager V6.0 has for you and your business needs in the... [More]

    Tags:  tivoli access iea manager

    developerWorks security site launched

    powers-old-account 270000NC1K | | Visits (3494)

    Tweet
    About an hour ago we launched the new developerWorks security site . I'm excited to have this corner of developerWorks to pull together all of the existing security articles on dW in one place. But more importantly we're looking forward to producing a steady stream of how-to articles and videos on producing secure code and securing your IT operations at the new developerWorks security site. The developerWorks security site has two key parts to its "Practices" area. The first section is devoted to secure software... [More]

    Tags:  developerworks security dw

    Privilege Escalation at the Low End

    powers-old-account 270000NC1K | | Visits (3012)

    Tweet
        “All or nothing” authentication for low end privilege escalation hampers end-user adoption due to the inconvenience associated with authentication. [Read this post.]

    Tags:  authentication security mobile

    Amazon and Apple Account Hack: A Trifecta of Security Flaws

    powers-old-account 270000NC1K | | Visits (3675)

    Tweet
    The recent Amazon / Apple account hack shows three examples of the same type of fundamental security flaw: using personal information as a credential. [Read this post.]

    Tags:  amazon strong-authentication pwdreset apple security authentication
    • Show:
    • 10
    • 20
    • 30
    • Previous
    • Next
    1 2