Blog Posts Tagged with "Enterprise Security"
Big Opportunities in the Cloud
May 16, 2012 Added by:Ben Kepes
Purists were adamant that the Private Cloud was flawed and that it could not deliver the benefits of the Public Cloud. On the other hand organizations were highly skeptical of the Public Cloud, listing its shortcomings in terms of security, reliability, compliance and control...
Comments (0)
Security BSides Detroit Announces its June Schedule
May 15, 2012 Added by:Steven Fox, CISSP, QSA
The BSides conference is billed as a un-conference where practitioners go for clear unfiltered view of the industry. The conference features two tracks and thirty-two talks of local and national experts on a variety technical and non-technical subjects...
Comments (0)
Software Security: A Chief Financial Officer’s Perspective
May 15, 2012 Added by:Fergal Glynn
Surprise, you woke up today and found that 10% of the value of your company is gone because confidential customer information was made public. The FTC is knocking on your door asking for a forensic security audit. Your largest investors are calling about the scope of the breach...
Comments (0)
The Patchwork Cloud: Portability of Security in Cloud Computing
May 15, 2012 Added by:Rafal Los
Portability is important not just across your various cloud providers but also internally. What are we talking about here? First is the acknowledgement that security isn't exclusively about the perimeter anymore. The move to cloud computing environments hastens this awareness...
Comments (0)
FBI Guidance of Combating the Insider Threat
May 15, 2012 Added by:Infosec Island Admin
The thief who is harder to detect and who could cause the most damage is the insider — the employee with legitimate access. They may steal solely for personal gain or be a “spy”—someone who is stealing company information or products in order to benefit another organization or country...
Comments (0)
Cybercrime Does(n't?) Pay
May 15, 2012 Added by:Beau Woods
Although many studies fail at basic science, I'm hopeful that the information security industry will get better both at true academic research and at coming up with accurate metrics for the most important data. We'll get there as we mature as an industry, but it will take a while...
Comments (0)
What is the Value of a Good Name?
May 15, 2012 Added by:Jon Long
What is the value of a good name? Do you want a firm that has little to lose, or one who has much to lose. I guarantee you that the firm with the most to lose will be the most thorough in their examination of your internal controls. It's time we take a stand against cheap risk assurance...
Comments (0)
Treat Passwords Like Cash
May 15, 2012 Added by:Danny Lieberman
Every Web site and business application has a different algorithm and password policy. For users, who need to maintain strong passwords using 25 different policies on 25 different systems sites, it’s impossible to maintain a strong password policy without making some compromises...
Comments (0)
No National 'Stand Your Cyberground' Law Please
May 14, 2012 Added by:William Mcborrough
We know that some attacks on our privately owned critical infrastructure have been attributed to foreign government networks. Would it be wise to license companies to attack these networks? The last thing we need is an international incident started by some SysAdmin..
Comments (0)
Securing Your Company Against BYOD-Created Threats
May 14, 2012 Added by:Ashley Furness
The increasing emergence of Bring Your Own Device (BYOD) policies has both good and bad implications. Here are four strategies your company should implement to keep data secure while supporting employees' choice to use their own laptops, smartphones and tablets in the workplace...
Comments (2)
Federal Charges Filed in Case Involving Theft of Trade Secrets
May 14, 2012 Added by:Headlines
The indictment alleges that Janice Kuang Capener took information related to customers and the pricing and sales of products without authorization from secure Orbit databases, and used that information for herself and others to the economic detriment of the company...
Comments (0)
Vulnerabilities: Context Matters
May 14, 2012 Added by:Jack Daniel
You do need to assess how the vulnerability is exposed, what mitigations are in place or even possible, how hard the threat may be to execute against your situation, and whether there is a graceful failure mode if the opportunity turns out to be inopportune...
Comments (0)
The Importance of Mobile Device Management for Enterprise Security
May 14, 2012 Added by:Drayton Graham
Almost everyone has their own mobile phone these days, nd they are quickly becoming a necessity in business. In order to enable the kind of freedom BYOD brings, the corporate network and data needs to be protected. Mobile Device Management is a solution that will help with this...
Comments (1)
The Absurdity of Cloud Computing and Hosted Services
May 13, 2012 Added by:Dan Dieterle
Many companies are turning to online services to help cut costs and restore some level of IT support to their organizations. But what truly makes you think that these online services are not going through the same internal cutbacks and employee changes to cut costs of their own?
Comments (7)
Keeping Security Relevant: From Control to Governance in the Cloud
May 12, 2012 Added by:Rafal Los
When someone mentions public cloud, you quickly see the polarizing effects the topic has, generating a very negative reaction to the idea of putting anything corporate in the public cloud. What does that mean for the future of corporate information security and risk management?
Comments (0)
Turn Compliance Beliefs Into Action: Impact Tone at the Bottom
May 12, 2012 Added by:Thomas Fox
This method is a good way for a compliance practitioner to get at ‘tone at the bottom’. By engaging employees at the level suggested you can find out not only what the employees think about the compliance program but use their collective experience to help design a more effective program...
Comments (0)
- Not Totally Sure What Just Happened...
- Has Anonymous Infiltrated the US Government?
- Big Opportunities in the Cloud
- Zeus Malware Targeting Facebook, Gmail and Yahoo Users
- Follow Up to the Out of Band Authentication Post
- Skype Malware Campaign Spreading Poison Ivy Trojan
- I Hope Edo is Worth the Privacy Risk
- Dutch MoD Innovation Competition 2012: CYBER Operations 2.0
- NIST Workshop: The Technical Aspects of Botnets
- Security Automation by Hand - Batch/Bash/FOR