Blog Posts Tagged with "Ethics"

3e35900ae6facc6c146a85c435c71d82

Ethics of Big Data: Balancing Risk and Innovation

December 18, 2012 Added by:Ben Rothke

While few organizations have specific policies around big data, even less how though about the ways in which people in their organization use that data and the ethical issues involved. The benefits of big data analytics are significant, but the potential for abuse is also considerable...

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Fifty Shades of Grey Hat: Hacking and Ethics

September 19, 2012 Added by:Tripwire Inc

The grey hat is more interested in the “how” than the “why”. There is a respect for the black hat's technical abilities, while keeping a wary eye on them. Some grey hats have had run ins with the law, not due to being malicious, but because curiosity got the best of them...

Comments  (1)

959779642e6e758563e80b5d83150a9f

Friends and Family Breach Patient Privacy, Not Estonian Hackers

September 17, 2012 Added by:Danny Lieberman

Humans being are naturally curious, sometimes vindictive and always worried when it comes to the health condition of friends and family. Being human, they will bend rules to get information and in the course of bending rules, breach patient privacy...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Official Statement on ISC2 and the Freak Power Ticket

August 26, 2012 Added by:Infosec Island Admin

Vote for the horsemen. If not me, then the others for a bigger point here. Those of you who take the ISC and CISSP seriously need to look at your org. Do you think that any with this certification are good at what we do because we took a test and adhere to some ethics rules the board ignores when they see fit?

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Throwing the Baby Out with the Bath Water

July 20, 2012 Added by:Infosec Island Admin

You train employees to protect not only from clicking on links or suspect emails, but you also teach them good ethics as well as security hygiene. The cumulative effect will help you secure the environment and in tandem with your technical means, and make it all the better...

Comments  (3)

59d9b46aa00c70238bb89056cfeb96c0

The Compliance Professional as a Trusted Advisor

July 18, 2012 Added by:Thomas Fox

Compliance is ar form of risk you can measure, evaluate and then manage. If the risk becomes too great, that may create an unacceptable level which your company will not tolerate. One of your key roles of a compliance practitioner is to reduce the level of risk which your company cannot or will not tolerate...

Comments  (0)

850c7a8a30fa40cf01a9db756b49155a

On the Right to Bear Cyber Arms

July 10, 2012 Added by:J. Oquendo

An attacker is decimating my infrastructure. I have purchased and deployed every security technology I can think of. I have contacted law enforcement as a matter of relevance, but I know they will not be able to do much. I have given the service provider two fair warnings. I now fight fire with fire...

Comments  (1)

59d9b46aa00c70238bb89056cfeb96c0

Breaking the Enigma Code: Creating a Functioning Compliance Culture

June 25, 2012 Added by:Thomas Fox

New York Times reporter Adam Bryant recently profiled Angie Hicks, one of the co-founders of Angie’s List, who has some interesting observations on leadership that I found applicable to creating a functional compliance effort within an organization, from compliance professionals to ethical leadership...

Comments  (0)

59d9b46aa00c70238bb89056cfeb96c0

Napoleon’s Invasion of Russia and Risk Management

June 20, 2012 Added by:Thomas Fox

As compliance programs become more mature, you can use the information generated in a risk assessment in a variety of ways to facilitate an overall risk management program. To create an effective risk management system, understand the qualitative distinctions among types of risk an organization faces...

Comments  (0)

11146d62a6c31fb9fac8ac8ac991e08d

We Don’t Need Cyber-Vigilante Justice

June 15, 2012 Added by:Andy Willingham

You see what made me so mad? It wasn’t the release of the PII of all those innocent people, it was their reason for doing it. They reported a web site vulnerability and it wasn’t fixed, so they decided to post PII of thousands of people on the internet. Who put them in the role of deciding who wins and who loses?

Comments  (2)

59d9b46aa00c70238bb89056cfeb96c0

How the DOJ Looks at Compliance Programs Part 2

May 31, 2012 Added by:Thomas Fox

The ABA Primer notes that an effective compliance program consists of documentation that an organization “exercise[s] due diligence to prevent and detect criminal conduct; and otherwise promote[s] an organizational culture that encourages ethical conduct and a commitment to compliance with the law”...

Comments  (0)

3e35900ae6facc6c146a85c435c71d82

Social Engineering: A True Story of Incredible Deception

May 31, 2012 Added by:Ben Rothke

In the vernacular of infosec, Tania Head was a type of social engineer. In the book Social Engineering: The Art of Human Hacking, Christopher Hadnagy details how attackers use social engineering to manipulate people into performing actions or divulging information...

Comments  (0)

99edc1997453f90eb5ac1430fd9a7c61

Is Lord Sugar a Member of Anonymous?

May 18, 2012 Added by:Javvad Malik

I’m simply asking the question that if Lord Sugar read something he didn’t agree with, and instead of privately sharing his thoughts or being in any way constructive, why did he expose the email address of Kevin OSullivan and invited 2 million people to DDoS his inbox?

Comments  (0)

5106d48203954b74e6ea495e5c7f21b0

No National 'Stand Your Cyberground' Law Please

May 14, 2012 Added by:William Mcborrough

We know that some attacks on our privately owned critical infrastructure have been attributed to foreign government networks. Would it be wise to license companies to attack these networks? The last thing we need is an international incident started by some SysAdmin..

Comments  (0)

54a9b7b662bfb0f0445d1661d7ed180b

Taming the WWW or Wild Wild West

May 13, 2012 Added by:Jayson Wylie

There is a reason the security world refers to exploitation on the Internet to activity ‘in the wild’. A comparison can be made to the lawless, tough and unforgiving world of the Wild West in American history. You can get your stuffz or scalp taken...

Comments  (0)

59d9b46aa00c70238bb89056cfeb96c0

Turn Compliance Beliefs Into Action: Impact Tone at the Bottom

May 11, 2012 Added by:Thomas Fox

This method is a good way for a compliance practitioner to get at ‘tone at the bottom’. By engaging employees at the level suggested you can find out not only what the employees think about the compliance program but use their collective experience to help design a more effective program...

Comments  (0)

Page « < 1 - 2 - 3 > »