Blog Posts Tagged with "IT Security"
Stability is Bad for Your Business
June 19, 2012 Added by:Rafal Los
In really re-evaluating what my whole push behind enterprise resiliency is all about - I've come to realize that the stability / resiliency tradeoff is actually quite intuitive, it's just that not many of us were taught to think this way. What we're really saying is that stability is bad...
Comments (0)
Do You Really Need a CISO to Have Security?
June 17, 2012 Added by:Rafal Los
In the analysis of it, every organization needs to have someone responsible for the technology-based risk or security of the organization. Whether that's the Technology Manager, the CISO, or the "IT guy". I just want to see better security, more resiliency, and less technical risk....
Comments (6)
Forecast 2012–Enterprise Cloud Best Practices Panel
June 11, 2012 Added by:Ben Kepes
Some cloud vendors are engaged with IT and following a top down adoption approach while others are aiming for a more viral bottom up adoption. What issues do these different approaches raise and how do we navigate this path while ensuring agility and compliance?
Comments (0)
Keeping Technology Staff Honest
June 05, 2012 Added by:Jayson Wylie
Technology staff, on occasion, have had an all-access pass to all data on Window’s networks. This creates an environment where the support staff has exposure in having access to sensitive and confidential stuff stored in the most private parts of the organization’s data stores...
Comments (0)
Operation Olympic Game, Project X and the Assault on Security
June 04, 2012 Added by:Richard Stiennon
The IT security industry has found a new threat actor: The United States. If DARPA is developing new attack methodologies then the industry will develop new defenses in response. The use of cyber weapons is going to pit the US military and intelligence community against the IT security industry...
Comments (0)
Conferring about Security Conferences
May 30, 2012 Added by:Wendy Nather
There's a great discussion going on right now on Twitter about what's wrong with security conferences: Do we have too many? Are they focusing on the wrong things? Even if the hot topics are nominally the same, the perspectives and timbre of discussions will be very different...
Comments (1)
IT Security: Preventing Insider Threats
May 24, 2012 Added by:Robert Siciliano
An employee at Fannie Mae, knowing he is about to be fired, installed a logic bomb set to detonate almost 3 months after his departure. The detonation would have taken the organization off line for almost a week and cost millions and millions of dollars...
Comments (0)
Security: Back to the "Made in the USA" Tradition
May 23, 2012 Added by:Jayson Wylie
The US government’s Department of Defense had, and may still have, issues with counterfeit components being procured and used in military weapons, vehicles and equipment. It’s a national security issue when the supply chains are compromised by weaknesses and scams...
Comments (0)
How to Secure Patient Data in a Healthcare Organization
May 23, 2012 Added by:Danny Lieberman
If you are a HIPAA covered entity, securing patient data is central to your business. If you are a big organization, you probably don’t need my advice. If you are small to mid-size provider without a large budget, the question is “How can I do this for as little money as possible?”
Comments (0)
A Meandering Rant on Sexism in Security
May 22, 2012 Added by:Jack Daniel
The depressing “booth babe” situation is an ongoing embarrassment. In the right contexts, I have nothing against attractive people, fast cars, or other things normally used to sell cheap beer - I just don’t believe that tech and security events are the correct contexts...
Comments (2)
The Absurdity of Cloud Computing and Hosted Services
May 12, 2012 Added by:Dan Dieterle
Many companies are turning to online services to help cut costs and restore some level of IT support to their organizations. But what truly makes you think that these online services are not going through the same internal cutbacks and employee changes to cut costs of their own?
Comments (7)
Understanding Trust
May 06, 2012 Added by:Kevin W. Wall
In computer security, we should strive to make all trust relationships explicit and leave nothing to chance or misinterpretation. That's one key step in defining a trust model. At its core, information security is largely about the two goals of “ensuring trust” and “managing risk”...
Comments (0)
Password Policy: Sharing Passwords
May 02, 2012 Added by:benson dana
I once worked at a place where a senior manager collected the passwords of employees. There had been resistance to giving up this policy, and the excuse was that this unit's mission was unique and that this was necessary. How often does the internal auditor hear this excuse?
Comments (0)
Evolution vs. Revolution in the Enterprise Mainframe
April 25, 2012 Added by:Bill Gerneglia
Mainframe technology can become dated quickly, and as application complexity increases, more space and increased mainframe functionality is required. If a mainframe fails to support advancing technology, application performance is put at stake...
Comments (0)
More on the IT Business Boiling Point
April 22, 2012 Added by:Ben Kepes
This tension between old and new is interesting to watch and has some interesting parallels within organizations. I’m talking about the tension that exists between IT and business units. The former who want to ensure security and control, the latter who simply want to get stuff done...
Comments (0)
Cloud Adoption Tension: IT vs Business
April 19, 2012 Added by:Ben Kepes
On the side of IT it’s all about security, control and transparency. On the side of the business, it’s years of frustration at slow and cumbersome IT procurement processes – they want to get stuff done. It’s fair to say that we’re still in the Wild West of cloud adoption...
Comments (0)
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)
- Complimentary IT Security Resources [May 13, 2013]
- Steps Toward Weaponizing the Android Platform