July 07, 2010 Added by: Dejan Kosutic
The problem when the ISO 27001 scope is not the whole organization is that the Information Security Management System must have interfaces to the outside world - clients, partners, suppliers etc., but also the organization's departments that are not within the scope...
June 30, 2010 Added by: Dejan Kosutic
I have seen quite a lot of smaller companies (up to 50 employees) trying to apply risk assessment tools as part of their ISO 27001 implementation project. The result is that it usually takes too much time and money with too little effect.
June 30, 2010 Added by: Marjorie Morgan
ISA President Larry Clinton has been asked to detail the implications of the ISA Cyber Security Social Contract as it relates to the future of Cooperation and Conflict in the Global Commons at an invitation-only meeting in Virginia Beach today, June 30th.
June 29, 2010 Added by: Nathaniel Markowitz
Bulletproof (BP) hosting is an increasingly important and under-researched component of cyber-criminal activities. While there are several different ways that BP hosting can be accomplished, it is generally understood as a service that promises customers that their websites will not be taken down, regardless of complaints or content.
June 28, 2010 Added by: Danny Lieberman
The key vulnerabilities of a business to fraud and data loss are rooted in the four sins of hubris: thinking, looking, fighting and denying. Hubris is defined as excessive pride or self-confidence, starting with the thought that fraud and data theft won’t happen to you. Most firms look in the wrong direction, by focussing on external threats and malware in...
June 27, 2010 Added by: Eli Talmor
IT security professionals are engaged in a game of cat and mouse with hackers. As fast as they deploy security countermeasures, these rogue elements discover loopholes or entirely new avenues of attack. Traditional security methods have relied upon closely guarding the perimeter of a company's network.
June 25, 2010 Added by: Allan Pratt, MBA
Computer security has been part of my best practices since I purchased my first computer way back in 1995 and experienced the Internet for the first time. All of my home systems are always protected with host-based IDS, software backups, and regular maintenance. However, I had a “wow” computer security moment recently.
June 24, 2010 Added by: Jason Remillard
So do I think BP could learn from our industry on incident and emergency response? To be sure, they are very different industries, impacts and processes. However, for me, the responsibility of business to be protective of their clients, supportive and acknowledging of client concerns and responsible for their actions.
June 23, 2010 Added by: Dejan Kosutic
You have been implementing ISO 27001 for quite a long time, invested quite a lot in education, consultancy and implementation of various controls. Now comes the auditor from a certification body - will you pass the certification?
June 23, 2010 Added by: Simon Heron
Last week’s Tallinn conference was the latest in a series of international gatherings to discuss cybercrime. Unfortunately, although international cooperation is an essential element in defeating cybercrime, these discussions have so far been unable to find an actionable agreement.
June 22, 2010 Added by: Anthony M. Freed
Information security is still not garnering appropriate attention from the executive level at some of the largest companies in the world, many of whom are engaged in business activity considered critical to the nation's infrastructure.
June 22, 2010 Added by: Marjorie Morgan
In conjunction with the American National Standards Institute (ANSI), ISA published its first handbook for enterprises which examines corporate cyber security from an economic perspective as much as the technical one.
June 22, 2010 Added by: Lauren Twele
This is a good question, but we have to understand what is meant by Enterprise Architecture (EA). It is generally accepted to be a discipline and sometimes a role or organization responsible for those activities that strategically align an organization to its technology and business goals.
June 21, 2010 Added by: Rahul Neel Mani
It is high time CIOs looked at modernising their application infrastructure and moved on to cost-effective and faster platforms. In an exclusive conversation, Stuart McGill, CTO, Micro Focus, shares his thoughts with Rahul Neel Mani.