Zero Day Vulnerability in Java (CVE-2012-4681) with No Patch in Sight
Over the weekend, FireEye reported seeing a new Java zero-day vulnerability (CVE-2012-4681) being exploited through targeted attacks. The vulnerability impacts Oracle Java JRE 1.7.x running on...
Call for Volunteers – Help Create an Easy to Use Open Source Risk Equation
For many years now, the information security industry has attempted to adapt existing Risk Management practices for the task of managing information security. Numerous frameworks have been devised...
Who is Responsible for Application Security?
Development or Security? A recent uptick in the importance of application security driving the debate. During a recent visit to a client site, I took part in a discussion where the Development...
Matt Neely Presenting on Smart Grid Security at the Ohio Information Security...
I’ll be presenting “Smart Grid IQ Test – Assessing the Security of Smart Grid Systems” at the Technology First Ohio Information Security Conference (O-ISC). The conference is March 13th and is located...
The Importance of Sample Size in Social Engineering Tests
We Have a Problem. Information security has a problem. We make far too many decisions without having reliable data to assist in our decision-making process. Because of this, far too many information...
Minimum Requirements for a PCI-DSS Risk Assessment
In information security, various regulations require a periodic risk assessment. The Payment Card Industry (PCI) Data Security Standard (DSS) is no exception. For PCI-DSS, the risk assessment process...
Building a Cloud Security Framework
Through regular discussions with a client in the utilities industry, the director of security at a large utilities provider approached SecureState with a problem. The CIO had decided to move a number...
Healthcare Interrupted
As medical science advances, so too does the equipment used to deliver care. In a modern-day hospital, more and more medical devices, such as IV pumps, ventilators, MRI, CAT Scan and X-Ray machines are...
What Manufacturers Should Do to Build Secure Devices
Recently the security of network-enabled medical devices has earned a lot more attention as a result of new FDA draft guidance. The Challenge: The challenge now facing the medical device industry is...
Helping Businesses Securely Migrate to the Cloud
SecureState was recently approached by a retailer with a problem we are seeing more and more often. Their CIO had decided to move a number of the company’s core applications to the cloud and CSO...