Blog Posts Tagged with "Enterprise Security"
February 28, 2012 Added by:Rafal Los
The way patching works right now on all different levels I'm surprised anything works because we have operating system patches going in with application patches - and we're all just a heartbeat away from catastrophe. Maybe more continuous patching can be our savior...
February 27, 2012 Added by:David Navetta
While customers may enjoy some short term cost-benefits by going into the Cloud, they may be retaining more risk then they want - especially where Cloud providers refuse to accept that risk contractually). Cyber insurance may be a solution to help solve the problem...
February 26, 2012 Added by:Ben Kepes
There’s s flip side to technology democratization in that the high level of accessibility also means that it’s very easy for organizations to set themselves up as vendors – sometimes without the necessary level of professionalism that would be optimal...
February 25, 2012 Added by:Rafal Los
Perhaps it is security professionals' diminished tolerance for FUD, or perhaps there is a collective awakening to the bigger picture, or it was just time for the chickens to come to roost. No matter, this drastic anti-FUD backlash is strong and I for one say it's about time...
February 24, 2012 Added by:Eric Cissorsky
The deadline should be treated as an opportunity for your organization to learn and refine their processes and procedures. Like any other virus outbreak, this requires a coordinated effort between security professionals, systems administrators and other stakeholders...
February 24, 2012 Added by:Neira Jones
It is crucial that businesses understand which controls are needed to maintain the security of their information assets and it is therefore crucial that suppliers are assessed against the business regulatory and compliance framework...
February 23, 2012 Added by:Javvad Malik
The ISC2 promote it as the premier security certification in the world and have you believe that with a CISSP comes great knowledge, power, mastery of the Force and an abundance of wealth. To everyone else it’s a bunch of letters security people put after their name...
February 23, 2012 Added by:Fergal Glynn
EU Data Protection Authorities will apply these rules even if this information is processed outside of Europe, it’s not clear today whether these new rules will have an impact on the existing Safe Harbor regulations – something to watch out for in the consultation period...
February 23, 2012 Added by:Rafal Los
Cloud computing isn't a paradigm every organization will follow whole-hog, nor should it be. Public cloud, hybrid cloud, private cloud, these are all terms need to be understood first and have some sort of rational approaches to security and risk management around them...
February 22, 2012 Added by:Rafal Los
"If a CISO initially receives any capability when starting the position, that was capability that was left over from their predecessor. It is now the CISO's responsibility to earn more capability and solidify what may already exist..."
February 20, 2012 Added by:Bozidar Spirovski
There are multiple pros and cons across our storage systems parameters, but at first glance, the enterprise storage systems have the upper hand. Bear in mind though, such systems always come with exorbitant pricing, especially on any upgrades after the initial purchase...
February 17, 2012 Added by:Headlines
Chairman Rogers initiated the probe last fall after a preliminary inquiry into Chinese espionage operations determined the need for further investigation into threats aimed at the U.S. technology supply chain, critical infrastructure, and proprietary information...
February 17, 2012 Added by:Rafal Los
Capability is often seen as the ability to enforce - whether its corporate politics, budget, or a top-down reporting structure. If you don't have the capability to force people to follow organization-wide decisions it is difficult to have a solid organization...
February 16, 2012 Added by:Peter Weger
Unfortunate consequences occur when companies lose control over confidential assets and experience intentional or unintentional disclosure of the information. In some cases, even the possibility of information leakage can damage reputations and stock prices...
February 16, 2012 Added by:Suzanne Widup
Much is being published about how inappropriate the response to the Nortel incident was, but it demonstrates an important point for companies - how do you know when you’ve done enough? How do you tell when an incident is over, and you should go back to business as usual?
February 16, 2012 Added by:Neira Jones
SQLi was the number one attack vector found in both the Web Hacking Incident Database and the number one Web-based method of entry in incident response investigations. SQL injections were the number one Web application risk of 2011...
Hacker to Release Symantec's PCAnywhere Sour... Jerry Shaw on 10-05-2015
PoS Malware Kits Rose in Underground in 2014... on 03-17-2015
New PCI Compliance Study... on 03-17-2015