Blog Posts Tagged with "Enterprise Security"
The Patchwork Cloud Part 1: An Overview
February 23, 2012 Added by:Rafal Los
Cloud computing isn't a paradigm every organization will follow whole-hog, nor should it be. Public cloud, hybrid cloud, private cloud, these are all terms need to be understood first and have some sort of rational approaches to security and risk management around them...
Comments (0)
The CISO as a Capable Catalyst
February 22, 2012 Added by:Rafal Los
"If a CISO initially receives any capability when starting the position, that was capability that was left over from their predecessor. It is now the CISO's responsibility to earn more capability and solidify what may already exist..."
Comments (0)
Choosing Secure Data Storage - A Difficult Dance
February 20, 2012 Added by:Bozidar Spirovski
There are multiple pros and cons across our storage systems parameters, but at first glance, the enterprise storage systems have the upper hand. Bear in mind though, such systems always come with exorbitant pricing, especially on any upgrades after the initial purchase...
Comments (0)
Intelligence Committee Continues Probe into Chinese Telecoms
February 17, 2012 Added by:Headlines
Chairman Rogers initiated the probe last fall after a preliminary inquiry into Chinese espionage operations determined the need for further investigation into threats aimed at the U.S. technology supply chain, critical infrastructure, and proprietary information...
Comments (0)
Responsibility vs Capability in the CISO Role
February 17, 2012 Added by:Rafal Los
Capability is often seen as the ability to enforce - whether its corporate politics, budget, or a top-down reporting structure. If you don't have the capability to force people to follow organization-wide decisions it is difficult to have a solid organization...
Comments (0)
Best Practices to Prevent Document Leaks
February 16, 2012 Added by:Peter Weger
Unfortunate consequences occur when companies lose control over confidential assets and experience intentional or unintentional disclosure of the information. In some cases, even the possibility of information leakage can damage reputations and stock prices...
Comments (0)
Lessons from the Nortel Networks Breach
February 16, 2012 Added by:Suzanne Widup
Much is being published about how inappropriate the response to the Nortel incident was, but it demonstrates an important point for companies - how do you know when you’ve done enough? How do you tell when an incident is over, and you should go back to business as usual?
Comments (0)
The Truth Behind Data Breaches
February 16, 2012 Added by:Neira Jones
SQLi was the number one attack vector found in both the Web Hacking Incident Database and the number one Web-based method of entry in incident response investigations. SQL injections were the number one Web application risk of 2011...
Comments (5)
Creating Sustainable Compliance Performance
February 16, 2012 Added by:Thomas Fox
Thriving employees - who are not only “satisfied and productive but also engaged in creating the future” for their organization - out produce non-thriving employees. These concepts matter within the context of promoting a culture of compliance within your organization...
Comments (0)
Remember, Security Predictions Make...
February 15, 2012 Added by:Wendy Nather
Security predictions can be a great way of starting conversations if you look at them the right way. If you look at them the wrong way, they're great for raising a huge chorus of "Nuh-UH!" or even "You're kidding, right? Call the coroner..."
Comments (0)
Nortel: From Bankruptcy to Industrial Espionage Victim
February 15, 2012 Added by:Pierluigi Paganini
The damage is incalculable if we consider the enormous amount of data that may have been lost. Information on technological solutions, business reports, and other sensitive documents were stolen for years, seriously compromising the intellectual property of the company...
Comments (2)
In Cyber - Losers Ignore, Survivors React, Winners Predict
February 15, 2012 Added by:Richard Stiennon
Every organization has a choice: become a victim of cyber attack and pay the cost of recovery then rely on quick reactions to changes in the threat space to survive the next attack, or predict the escalation in attacks and invest early in the defenses required...
Comments (0)
FBI Bitten by Operational Security
February 13, 2012 Added by:Fergal Glynn
Employees forward confidential calendar events and messages to personal calendars and personal email accounts. This may make their jobs easier but it can put their companies at risk. A recent security incident involving the FBI can teach us something about corporate security...
Comments (0)
Commercial DDoS Tools Offer a Competitive Advantage
February 13, 2012 Added by:Headlines
With the growing availability of DDoS services being marketed directly to businesses, enterprises may increasingly find themselves under attack from competitors seeking to gain an advantage in the increasingly lucrative Internet marketplace...
Comments (0)
Smart Grid Raises the Bar for Disaster Recovery
February 13, 2012 Added by:Brent Huston
Many of the organizations we have talked to simply have not begun the process of adjusting their risk assessments, disaster plans and the like for these types of operational requirements, even as smart grid devices begin to proliferate across the US and global infrastructures...
Comments (0)
NIST Finalized Guidelines for Security in the Cloud
February 12, 2012 Added by:David Navetta
According to NIST, SP 800-144 is geared for those involved in cloud computing initiatives; security personnel responsible for security and privacy measures for cloud computing; system and network administrators; and users of public cloud computing services...
Comments (0)
- Identity & Access Management: Give Me a REST
- Over-Sharing Riskier than Government Snooping
- 20 Critical Security Controls: Control 13 – Boundary Defense
- Redefining Social Networking
- Creating Your Own Privacy & ROI
- Security Intelligence for the Enterprise - Part 1
- Why are Cybercrimes NOT Always White-collar Crimes?
- From the SMB to Security Guru: Five Ways IT Pros Can Manage Security on a Budget
- Balancing Act Between Privacy and Security
- The NSA’s Word Games Explained: How the Government Deceived Congress in the Debate over Surveillance Powers