Cloud security is a huge, ever evolving subject that is difficult to cover in a short space, especially with so many different cloud service types and architectures (SaaS, IaaS, PaaS, external, internal, and hybrid). However, there are a few cloud security practices that just about any organization should apply when working with the cloud. Don’t ...
Read Blog
If you can't measure it, you can't manage it.  Metrics, the bane and blessing of corporate citizens, emerge from this truism.  Metrics allow managers to determine the efficacy of process changes and technology implementation.  However, poor metrics sometimes impose an atmosphere of micromanagement that damages employee and customer relationships. The use of business intelligence (BI) ...
Read Blog
Smartphones have done wonderful things for employee mobility, but they have also complicated the security picture at organizations large and small. Where most companies used to limit smartphone use to one platform, such as Research In Motion’s Blackberry, most now cope with multiple smartphone models, platforms, and operating systems, each with its own quirks and ...
Read Blog
McAfee Security Certification Program Today, McAfee is excited to announce the addition of two new exams and certifications to our McAfee Security Certification Program. We launched the program back in January with two initial assessments, promising to add to our curriculum as time went on. The two new certifications, McAfee Certified Product Specialist – Network ...
Read Blog
What is the biggest threat to your company’s network? Look in the mirror. A huge percentage of recent high profile attacks, including those perpetrated on Epsilon, RSA, the Oak Ridge Laboratories in Tennessee, and the Gmail accounts of government officials—not to mention Operation SHADY Rat—are suspected to be based on spearphishing, a devious social engineering ...
Read Blog
Recently Dmitri Alperovitch, McAfee’s VP of Threat Research, published a blog about Operation Shady RAT. In the blog and corresponding whitepaper he details an investigation of targeted intrusions into over 70 global companies, governments, and non-profit organizations over the last five years that appear to be sourced from a single actor or group. The targeted ...
Read Blog
Last week, we hosted our monthly #SecChat on Stealth Crimeware. When it comes to building malware, cyber criminals are getting smarter – employing stealth techniques with malware able to self-replicate and evade detection for long periods of time. It can be costly for enterprises to remediate the damage done to infected machines and networks. During ...
Read Blog
If we look at the evolution of hacking, certain techniques never go out of style, but we’re at the beginning of a big shift in terms of the targets.  The threat landscape has evolved beyond PCs, tablets, and smartphones to a whole new battleground: connected devices all around us. According to Ericsson, there will be ...
Read Blog
Decades ago when the early communications networks were formed, scientists rallied around the joy of sending data at light speed and happily connected once-disparate networks together to create the early stages of the "Internet."  This capability eventually enabled conversations, money transfers, massive data sharing, and the confluence of convenience and efficiencies unlike any the world ...
Read Blog
I had the privilege of speaking before the House Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies at a hearing titled “Examining the Cyber Threat to Critical Infrastructure and the American Economy.” I was pleased to have the opportunity to provide McAfee’s perspective on the threats that face our nation’s infrastructure, as well as provide ...
Read Blog