Blog Posts Tagged with "Risk Management"


Reaching for the Cloud: A Contemporary Infosec Perspective

March 21, 2012 Added by:Hani Banayoti

We need to entrust information security to professionals who not only know the fundamental principles and technologies, but are also able to understand and support the business's goals in order to influence and contribute positively to the ongoing infosec challenge...

Comments  (0)


Location, Location, Location: It Works in Risk Management

March 21, 2012 Added by:Edwin Covert

With the increase in cybercrime costs, organizations need to be able to ensure they are maximizing their return on risk management investment. An effective way of doing this is making sure the information security or risk management team is properly aligned within their organization...

Comments  (0)


Compliance: Moving Off Dead Center

March 19, 2012 Added by:Mary Shaddock Jones

The cost of implementing a compliance program will vary, however, it isn’t expensive enough to find yourself in front of the DOJ explaining why you spend money on air travel or paper clips than you do on a compliance program. Trust me, you don’t want to be in that position...

Comments  (0)


Cyber Security for 2012 Olympics Focus of Business Continuity Forum

March 19, 2012 Added by:Headlines

"The market-wide exercise showed that the banking community is prepared to handle some aspects of a cyber attack, but must shore up other areas. I encourage all managers to think about whether they are have adequate, practical plans in place..."

Comments  (2)


ENISA: Inventory of Public Sources on Information Security

March 16, 2012 Added by:Infosec Island Admin

ENISA has launched a stock taking exercise using a questionnaire to establish an Inventory of publicly available sources on Information Security. Therefore, collection and aggregation of existing data and sources is an effective tool to raise information security...

Comments  (0)


The Patchwork Cloud - What's the Deal with Cloud Security?

March 14, 2012 Added by:Rafal Los

Since everything I've been reading from the press, my colleagues, and analysts I know has been telling me security is ranked high in the top five concerns for cloud computing adoption - an article on ARN by Spandas Lui was like a bucket of ice water to the face...

Comments  (0)


CyLab Report: Corporate Boards Neglecting Cyber Security

March 13, 2012 Added by:Headlines

"Less than two-thirds of the Forbes Global 2000 companies surveyed have full-time personnel in key roles responsible for privacy and security in a manner that is consistent with internationally accepted best practices and standards..."

Comments  (0)


Understanding Cloud Security Part One

March 11, 2012 Added by:Neira Jones

The cloud provides an opportunity to re-architect older applications and infrastructure to meet or exceed modern security requirements. At other times, the risk of moving sensitive data and applications to an emerging infrastructure might exceed tolerance levels...

Comments  (0)


Quantifying Risk Reduction with an Unknown Denominator

March 07, 2012 Added by:Rafal Los

The problem that exists with all these risk reduction measurements is that they're impossible to quantify. There is simply no way to say that by doing X you've reduced risk by Y% - at least not when you don't know the total number of issues that exist. And therein lies the problem...

Comments  (0)


Improving Compliance Performance in Your Supply Chain

March 05, 2012 Added by:Thomas Fox

One of the areas moving towards being incorporated into compliance programs is the supply chain. While many companies have focused significant compliance efforts towards the sales chain, the supply chain is now viewed as an area which requires compliance scrutiny...

Comments  (0)


Continuous Patching: Is it Viable in the Enterprise?

February 28, 2012 Added by:Rafal Los

The way patching works right now on all different levels I'm surprised anything works because we have operating system patches going in with application patches - and we're all just a heartbeat away from catastrophe. Maybe more continuous patching can be our savior...

Comments  (2)


CISSP Certification, Information Security and Risk Management

February 23, 2012 Added by:Javvad Malik

The ISC2 promote it as the premier security certification in the world and have you believe that with a CISSP comes great knowledge, power, mastery of the Force and an abundance of wealth. To everyone else it’s a bunch of letters security people put after their name...

Comments  (4)


The Patchwork Cloud Part 1: An Overview

February 23, 2012 Added by:Rafal Los

Cloud computing isn't a paradigm every organization will follow whole-hog, nor should it be. Public cloud, hybrid cloud, private cloud, these are all terms need to be understood first and have some sort of rational approaches to security and risk management around them...

Comments  (0)


Best Practices to Prevent Document Leaks

February 16, 2012 Added by:Peter Weger

Unfortunate consequences occur when companies lose control over confidential assets and experience intentional or unintentional disclosure of the information. In some cases, even the possibility of information leakage can damage reputations and stock prices...

Comments  (0)


Creating Sustainable Compliance Performance

February 16, 2012 Added by:Thomas Fox

Thriving employees - who are not only “satisfied and productive but also engaged in creating the future” for their organization - out produce non-thriving employees. These concepts matter within the context of promoting a culture of compliance within your organization...

Comments  (0)


Information Security Relief is Spelled ISO-27001

February 15, 2012 Added by:John Verry

No matter the industry or service offering, organizations processing data on behalf of clients are experiencing the pain of proving they are secure and compliant with client standards and the myriad of regulations which their clients are obligated. ISO-27001 spells relief...

Comments  (0)

Page « < 5 - 6 - 7 - 8 - 9 > »