Blog Posts Tagged with "Budgets"
March 12, 2012 Added by:Headlines
"Utilities have – as many predicted – realized that their grids are no longer isolated or protected from attackers. Smart grids need intelligence or they are not smart. Adding that intelligence to grids will increase their attack surface and utilities know this..."
February 23, 2012 Added by:Headlines
"The proposed legislation would enable DHS to be more effective and efficient in its protection of federal networks by clarifying DHS’ authorities in this space and enabling better sharing of cybersecurity information from other federal agencies to DHS..."
February 19, 2012 Added by:Fergal Glynn
We spend 0.3% of what we pay for software on ensuring that it is secure. Now you can argue that manual testing is not included. However, even when you account for this variance, the gap in what we spend to buy software and what we spend to secure it is huge...
February 09, 2012 Added by:Rafal Los
Odds are, you can usually close out multiple compliance requirements across multiple regulations by doing something singular in a security program. Performing software security audits during various phases of your SDLC solves many compliance requirements...
February 09, 2012 Added by:Ben Kepes
Identify the data that is touched by each IT process. Is there any data that has to stay in-house for security or compliance reasons? You may need to change IT processes so the sensitive data is not affected by the transition...
February 07, 2012 Added by:Fergal Glynn
Knowing how much money you’re going to spend upfront is a challenge until you have the application inventory, until you know what your risk tolerances are, and until you have a fair idea of what the problems are. You’ll have to start slow and realize the number may grow...
February 06, 2012 Added by:Rafal Los
Even if you did know where all your critical information is, you'd probably be powerless to control its sprawl. Let's face it, systems consume data and then become mobile - which is hardly something you can do anything about in a world where mobility is a key business driver...
January 31, 2012 Added by:Don Turnblade
How much did restoring, repairing, reimaging, improved firewall rules, down time, legal fines, or direct fraud cost per event? Asking what it is may be too close to that great low pressure system, and you do not need to be struck by lightning. I won't ask and you won't tell...
January 31, 2012 Added by:Bill Gerneglia
The acquisition pace in the security industry has been steady the last few years due to the global proliferation of security breaches. Will this acquisition pace continue? Many analysts believe it will accelerate to address the proliferation of global security threats...
January 28, 2012 Added by:Rafal Los
If you can't be good, be cheap - the battle cry of the second-rate vendor. After spending 4 years as part of a world-class sales organization, I can tell you with no uncertainty that I've seen some of my competitors do some absolutely insane things to compete...
January 16, 2012 Added by:Brent Huston
Variations exist in depth, skill level, scope, reporting capability, experience, etc. Selecting security testing vendors based upon price is a bad idea. Matching specific experience, reporting styles and technical capabilities to your environment is a better solution...
January 13, 2012 Added by:Rafal Los
As costs pile up from breaches, innovation suffers. Ask someone who runs a hospital network - the true cost of innovation slow-down can be counted in lives. Maybe I'm being a little dramatic, but I suspect this is closer to reality than we'd like to admit to ourselves...
December 30, 2011 Added by:Headlines
“The members all share the same belief that these inefficiencies can be greatly reduced. By taking action now we can conserve our resources and ensure our capacity for critical national security activities in the future...”
December 19, 2011 Added by:Headlines
"When we look at the plan itself, it represents our visions for the research necessary to develop game changing technologies that can help neutralize today's cyber attacks and build an infrastructure to secure our systems from what may come in the future..."
December 12, 2011 Added by:Headlines
“Many SCADA systems were deployed without security in the belief that SCADA would always be isolated from the Internet. But it’s not, and even when it is, attacks such as Stuxnet can circumvent the isolation by using USB memory sticks to spread...”
December 05, 2011 Added by:Rafal Los
It seems that we're using statistics, metrics, surveys and 'studies' to demonstrate what we can't otherwise adequately explain. That would be all well and good, if the math wasn't all fuzzy. Numbers can't fib, only the people that manipulate them can be accused of that trespass...