Blog Posts Tagged with "Budgets"
Cyber Warfare, Budget Cuts and a Shortage of Cyber Experts
June 16, 2012 Added by:Plagiarist Paganini
Despite the increased engagement in cyber warfare, the US must faces a crisis which has inevitable effects on the budgets allocated to defense. U.S. Defense Secretary Leon Panetta often has expressed concerns about the possibility of a major cyber attack against the US and its critical infrastructure...
Comments (6)
The (Hidden) Cost of Security Fixes in Enterprise Software
May 29, 2012 Added by:Rafal Los
Who should pay for fixes necessary to patch security defects in software? The question is deeper than whether fixes should be made available free of charge for software components that are found to contain issues. There are more costs than simply acquiring the fix here, which is where the conversation changes...
Comments (1)
Security: Back to the "Made in the USA" Tradition
May 23, 2012 Added by:Jayson Wylie
The US government’s Department of Defense had, and may still have, issues with counterfeit components being procured and used in military weapons, vehicles and equipment. It’s a national security issue when the supply chains are compromised by weaknesses and scams...
Comments (0)
How to Secure Patient Data in a Healthcare Organization
May 23, 2012 Added by:Danny Lieberman
If you are a HIPAA covered entity, securing patient data is central to your business. If you are a big organization, you probably don’t need my advice. If you are small to mid-size provider without a large budget, the question is “How can I do this for as little money as possible?”
Comments (0)
For Great Justice - I Mean Security...
May 22, 2012 Added by:Wendy Nather
Organizations that are IT-poor tend also to be security-poor because security becomes optional, a luxury and an omission for the small business that doesn't know it has something to lose -- or even if it does, it hasn't the faintest idea of how to address it...
Comments (0)
Why Does Software Security Keep Falling off your Budget?
May 22, 2012 Added by:Rafal Los
Approximately 3 out of 4 attacks against your enterprise or organization come at your applications. Whether it's at your website, at the mobile app you've deployed, or your enterprise API - you're being attacked where the lowest defenses are - the application...
Comments (0)
SCADA Security: Consequences and Difficulty with Incentives
May 18, 2012 Added by:Rafal Los
Here's the problem - when it comes to critical infrastructure protection it's very difficult to legislate and regulate the organizations that matter into a state of better security. The problem is that in order to enforce policy and rules there either have to be consequences to failing, or incentives not to fail - or both...
Comments (0)
Small Merchant Data Security: Helping Them Help Themselves
May 17, 2012 Added by:Stacey Holleran
Many small merchants—whether selling online or brick-and-mortar, or both—don’t have the technological background to understand the steps necessary for protecting the cardholder information and other sensitive data that passes through (and may be stored in) their business systems...
Comments (0)
The Absurdity of Cloud Computing and Hosted Services
May 12, 2012 Added by:Dan Dieterle
Many companies are turning to online services to help cut costs and restore some level of IT support to their organizations. But what truly makes you think that these online services are not going through the same internal cutbacks and employee changes to cut costs of their own?
Comments (7)
Legislation Would Stick Business with Cyberwar Costs
May 08, 2012 Added by:Headlines
"The legally mandated role of the government is to provide for the common defense, and they're willing to spend pretty much whatever it takes... If you're in a private organization, your legally mandated responsibility is to maximize shareholder value. You can't spend just anything..."
Comments (2)
The Security Poverty Line and Junk Food
April 16, 2012 Added by:Wendy Nather
Organizations below the security poverty line tend to be inordinately dependent on third parties and have less direct control over the security of the systems they use. They end up ceding risk decisions to third parties that they ideally should be making themselves...
Comments (2)
The Infosec Investment Equation - Can You Solve It?
April 09, 2012 Added by:Neira Jones
Redundant measures always expose themselves very rapidly: they either don’t help you run your shop, or nobody around you is interested in them. So if you still have some of these, your job is to scrap them because it will save some time and resources to apply elsewhere...
Comments (0)
From Obstacle to Ally - Repositioning the Security Team
March 30, 2012 Added by:Steven Fox, CISSP, QSA
Rarely are non-security staff engaged in risk control discussions – a lack of interaction that disenfranchises those who will interact with the controls. This engenders a sense of powerlessness that leads to passive sabotage of initiatives intended to further the business...
Comments (0)
CIOs See Growth in IT Budgets and Staff for 2012
March 27, 2012 Added by:Bill Gerneglia
After several years of stagnant or negative growth, most companies are now projecting a 3-4 percent increase in IT budgets and staffing for this year, which can be seen as acknowledgement that IT is critical if companies are to execute on their aggressive growth plans...
Comments (0)
Howard Schmidt on Federal Cyber Security Priorities
March 27, 2012 Added by:Headlines
"Federal Departments and Agencies must defend their information systems in a resource-constrained environment, balancing system security and survivability while meeting numerous operational requirements requires robust risk management," said Schmidt...
Comments (0)
Changing of the Guard: A Perspective on the Changing CISO Role
March 19, 2012 Added by:Rafal Los
Security means different things to different people - but by and large we can agree on the need to defend our organizations against those bad guys who wish to do it harm whether it's from a purely destructive perspective or something more sinister...
Comments (0)
- SecurityWeek Names Ryan Naraine as Editor-at-Large
- Why Cyber Security Should Be at the Top of Your Christmas List
- United States Federal Government’s Shift to Identity-Centric Security
- How Extreme Weather Will Create Chaos on Infrastructure
- BSIMM11 Observes the Cutting Edge of Software Security Initiatives
- Sustaining Video Collaboration Through End-to-End Encryption
- Will Robo-Helpers Help Themselves to Your Data?
- Securing the Hybrid Workforce Begins with Three Crucial Steps
- A New Strategy for DDoS Protection: Log Analysis on Steroids
- COVID-19 Aside, Data Protection Regulations March Ahead: What To Consider