Blog Posts Tagged with "IT Security"
June 19, 2012 Added by:Rafal Los
In really re-evaluating what my whole push behind enterprise resiliency is all about - I've come to realize that the stability / resiliency tradeoff is actually quite intuitive, it's just that not many of us were taught to think this way. What we're really saying is that stability is bad...
June 17, 2012 Added by:Rafal Los
In the analysis of it, every organization needs to have someone responsible for the technology-based risk or security of the organization. Whether that's the Technology Manager, the CISO, or the "IT guy". I just want to see better security, more resiliency, and less technical risk....
June 11, 2012 Added by:Ben Kepes
Some cloud vendors are engaged with IT and following a top down adoption approach while others are aiming for a more viral bottom up adoption. What issues do these different approaches raise and how do we navigate this path while ensuring agility and compliance?
June 05, 2012 Added by:Jayson Wylie
Technology staff, on occasion, have had an all-access pass to all data on Window’s networks. This creates an environment where the support staff has exposure in having access to sensitive and confidential stuff stored in the most private parts of the organization’s data stores...
June 04, 2012 Added by:Richard Stiennon
The IT security industry has found a new threat actor: The United States. If DARPA is developing new attack methodologies then the industry will develop new defenses in response. The use of cyber weapons is going to pit the US military and intelligence community against the IT security industry...
May 30, 2012 Added by:Wendy Nather
There's a great discussion going on right now on Twitter about what's wrong with security conferences: Do we have too many? Are they focusing on the wrong things? Even if the hot topics are nominally the same, the perspectives and timbre of discussions will be very different...
May 24, 2012 Added by:Robert Siciliano
An employee at Fannie Mae, knowing he is about to be fired, installed a logic bomb set to detonate almost 3 months after his departure. The detonation would have taken the organization off line for almost a week and cost millions and millions of dollars...
May 23, 2012 Added by:Jayson Wylie
The US government’s Department of Defense had, and may still have, issues with counterfeit components being procured and used in military weapons, vehicles and equipment. It’s a national security issue when the supply chains are compromised by weaknesses and scams...
May 23, 2012 Added by:Danny Lieberman
If you are a HIPAA covered entity, securing patient data is central to your business. If you are a big organization, you probably don’t need my advice. If you are small to mid-size provider without a large budget, the question is “How can I do this for as little money as possible?”
May 22, 2012 Added by:Jack Daniel
The depressing “booth babe” situation is an ongoing embarrassment. In the right contexts, I have nothing against attractive people, fast cars, or other things normally used to sell cheap beer - I just don’t believe that tech and security events are the correct contexts...
May 12, 2012 Added by:Dan Dieterle
Many companies are turning to online services to help cut costs and restore some level of IT support to their organizations. But what truly makes you think that these online services are not going through the same internal cutbacks and employee changes to cut costs of their own?
May 06, 2012 Added by:Kevin W. Wall
In computer security, we should strive to make all trust relationships explicit and leave nothing to chance or misinterpretation. That's one key step in defining a trust model. At its core, information security is largely about the two goals of “ensuring trust” and “managing risk”...
May 02, 2012 Added by:benson dana
I once worked at a place where a senior manager collected the passwords of employees. There had been resistance to giving up this policy, and the excuse was that this unit's mission was unique and that this was necessary. How often does the internal auditor hear this excuse?
April 25, 2012 Added by:Bill Gerneglia
Mainframe technology can become dated quickly, and as application complexity increases, more space and increased mainframe functionality is required. If a mainframe fails to support advancing technology, application performance is put at stake...
April 22, 2012 Added by:Ben Kepes
This tension between old and new is interesting to watch and has some interesting parallels within organizations. I’m talking about the tension that exists between IT and business units. The former who want to ensure security and control, the latter who simply want to get stuff done...
April 19, 2012 Added by:Ben Kepes
On the side of IT it’s all about security, control and transparency. On the side of the business, it’s years of frustration at slow and cumbersome IT procurement processes – they want to get stuff done. It’s fair to say that we’re still in the Wild West of cloud adoption...
Mobile Security Processes Could Be Applied t... Johnnie Nix on 05-21-2013
ATM Security (And Really Learning from the P... Johnnie Nix on 05-21-2013
New Study Published on Mobile Malware... Caitlin Rachel on 05-21-2013