International Airport Cyber Security Challenges

| 0 comments

Air travel and the security measures surrounding this industry face countless challenges today than ever before. On September 11, 2001, the world changed forever due to the terrorist attack on the United States and airport security would never be the same again. The need to protect nations and their citizens drove changes both in the airline industry and government responsibilities. The solutions engaged today does a great job of addressing security threats however; the thin line of personal freedom and the regulations enacted by governments is questionable by many citizens and activist groups. In late 2001, the Transportation Security Administration (TSA) was established and charged with the safety of travel within the United States.  The TSA employees a number of technologies to conduct security operations and because technology in itself face threats, it is imperative that cyber threats are mitigated. There are so many points of failure that the job of security quickly becomes hard-hitting. The apparent points of interest are aircraft security, passenger screening, baggage screening, credentials, and human behavior, with the human behavior the distinct largest threat. Turning the focus to international airports often increases security threats largely due to the logistics involved and the dependency upon other …

Continue reading

Free Security Vulnerability Guides From Veracode

| 0 comments

Veracode focuses on security for organizations to accurately identify and manage application security risk. They offer a number of resources to include podcast, whitepapers, cheat sheets, and much more. SQL Injection Cheat Sheet The SQL Injection Cheat Sheet provides a summary of everything you need to know about SQL Injection. The SQL Injection Cheat Sheet contains the key concepts of SQL Injection and a SQL Injection example and tips for prevention of SQL Injection attacks. Note that you must register with Veracode in order to obtain these cheat sheets. Download the FREE SQL Injection Cheat Sheet Cross-Site Scripting (XSS) Cheat Sheet The Cross-Site Scripting Cheat Sheet provides a summary of what you need to know about Cross-site Scripting. Our XSS cheat sheet details the different types of Cross-site Scripting and shows you how to protect against Cross-site Scripting vulnerabilities. Download the FREE XSS Cheat Sheet LDAP Injection Cheat Sheet The LDAP Injection Cheat Sheet provides a summary of what you need to know about LDAP Injection. It contains a LDAP Injection example and details of how to protect against LDAP Injection vulnerabilities. Download a FREE LDAP Injection Cheat Sheet  

Facing Cyber Security Threats From Employees

| 0 comments

At the epicenter of any company is its employees and because people come from various backgrounds, it is essential to define educational activities and expectations. Companies who institute security policies and training guidelines supply employees the means to protect the company’s interest. People by nature want to do the right thing; however, employees must understand the rules to succeed. The cause of many security infractions is traced back to poor decisions when it comes to understanding the extent of security risks to include email, mobile devices, social networking, and work expectations. It is important to recognize that hardware and software deliver a strong measure of security, but behind the technology resides people. Within the Information Technology (IT) discipline often resides a range of education and real world experience that can often play a effective role in the realm of security. The challenge often is implementation, measurable results, and easily understood by employees at all levels. There are a number of diverse approaches to security and while approaches will differ from company to company, the important thing is to recognize the threat. By understanding and addressing human behavior, security risks will reduce, but only to a degree. Companies face a substantial …

Continue reading