Resource Library

For several years, most news articles about a computer, network, or Internet-based compromise have mentioned the phrase "zero day exploit" or "zero day attack," but rarely do these articles define what this is. A zero day exploit is any attack that was previously unknown to the target or security experts in general. Many believe that the term refers to attacks that were just released into the wild or developed by hackers in the current calendar day. This is generally not the case. The "zero day" component of the term refers to the lack of prior knowledge about the attack, highlighting the idea that the victim has zero day's notice of an attack. The main feature of a zero day attack is that since it is an unknown attack, there are no specific defenses or filters for it. Thus, a wide number of targets are vulnerable to the exploit.

The responsibility for securing organizational data has spread beyond the traditional IT professional. While there are more diverse security solutions, there are more diverse and sophisticated security threats. Security awareness and training is essential for everyone within an organization. Learn how Cisco has continued to evolve its security solutions and training.

Microsoft SQL Server has evolved over the years as a scalable, robust database management system and is now competing in the VLDB (Very Large Database) space with Oracle and IBM. The market share for the product continues to grow, based on total cost of ownership and ease of use. This white paper outlines some of the important fundamentals of Microsoft SQL Server 2008 that every DBA should know.

Rather than looking back over the past year, organizations and individuals need to start assessing cybersecurity threats that lie ahead in the New Year. While there is always the chance for a new threat or risk to be unearthed this year, often the risks of the New Year are predicable from the trends of attacks from the previous year. However, other factors need to be considered as well, including new technologies, new software and applications, mobility, etc. Here are my predictions of the areas to watch for new security threats. When it comes to cybersecurity, we have a lot to look out for, take precautions against and be paranoid about.

Like it or not, Internet of Things (IoT) is upon us. There are a number of factors that will impact its adoption rate, and the inevitable privacy (or lack of) discussions will likely happen sooner than later. This is going to change the world as we know it, in many cases for the better. But we will need to keep an eye on the extent to which it invades our personal lives if it is going to be the positive force it has the potential to be.

You are a problem. You are a risk to your employer. The actions you take and the activities you perform at work, online, and even in your personal life put your employer at risk. You need to know how you are a security risk to the organization and what you can do to reduce or eliminate those risks. In this paper, I discuss ten common risky behaviors that typical workers engage in and what you can do to avoid being the weakest link in your company.

Technology is a wonderful thing, but it comes with a price: cybersecurity. Free Web browsers, social media sites and other digital services collect personal information like email addresses, phone numbers, place of employment, buying habits, mortgage data that is shared with advertisers. The availability of this information leaves us vulnerable to hackers. This white paper can help you learn more about what kind of personal data is typically collected, and how to secure your information online.

Increased interconnectivity via machine-to-machine (M2M) communications, the IoE, and smart systems holds profound implications for how business trends continue to evolve. In terms of M2M growth, key developments in security will be essential, from the design and manufacture of devices to more robust cloud security and ensuring the integrity of wireless data transmissions. Without these safeguards in place, organizations and industries that rely on M2M will continue to place themselves at risk.

Has your company implemented "reasonable security"? If so, you should be able to avoid lawsuits and fines after a breach. But what is "reasonable security," and is there a definition?

It has been over three years since the last revision of the CompTIA Security+ exam back on May 1, 2014. In fall of 2017, the latest version, SY0-501, was released. This revamped exam retains the same six domains as established in SY0-401, which emphasizes security in three main areas: application, data, and host.