Blog Posts Tagged with "Security Strategy"


Common Criteria Evaluation Assurance Level (ISO 15408)

January 30, 2011 Added by: Jamie Adams

Common Criteria is a framework in which computer system users can specify their security and assurance requirements. Vendors then implement and/or make claims about the security attributes of their products, and testing laboratories can evaluate the products to determine if they actually meet the claims...


Defense in Depth: Security Strategy or Security Blanket?

January 26, 2011 Added by: Robb Reck

We have all heard that a defense in depth is required for an effective security program. But in many ways defense in depth has become a security blanket for companies, rather than a strategy. The number of different technologies may give a nice sense of security, but provides negligible added value...


Complexity - A Sure Way to Fail

January 11, 2011 Added by: Rafal Los

Almost every single product's marketing page has "Ease of Use" as one of the checkbox features; it's rare that this actually manifests itself in the real products. The end result of difficult-to-use security products is clear - security breaches are rampant. You don't have to take my word for it...


Getting Off the Patch

January 10, 2011 Added by: Pete Herzog

Patching is just one small part of the solution that includes Anti-virus, firewalls, intrusion detection systems, strong authentication, encryption, physical locks, disabling of scripting languages, reduced personal information on social networks, as part of a healthy lifestyle solution...


CIOs Must Keep the Focus on the Big Picture

January 07, 2011 Added by: Rahul Neel Mani

A smart CIO knows when to stay out of tactical initiatives within the company, let his team get on with it, and keeps the focus on the big picture, says Anjan Bose, CIO Haldia Petrochemicals Ltd. Bose equips himself to see IT as a component of business, and never business as means to deploy IT...


Information Security: A New Year Resolution

January 05, 2011 Added by: Javvad Malik

Information security is not unlike most professional industries. Whenever anything goes wrong, it’s never really our fault. With a large number of people to point the finger at, it’s almost too easy to shift the blame. So, this year, I’d like to set off on a more positive and accountable route...


Getting Results the Wrong Way

January 03, 2011 Added by: Andy Willingham

Right results are not the measurement of success. How you arrive at the results is more important. It is not all about results. Of course results are important, done the right way. Lots of us in the community have been saying that the industry is broke and that we’re looking for ways to fix it...


FTC Guidelines for Securing Digital Copiers

January 03, 2011 Added by: David Navetta

Seemingly innocuous and common digital copiers once again flag just how many locations potentially sensitive data can be found in a typical business that result in a data breach or inadvertent release or disclosure of protected or confidential information...


CIOs: Stop Talking Jargon - Start Talking Solutions

January 01, 2011 Added by: Rahul Neel Mani

CIOs need to stop talking jargon to their business colleagues, says Harvey Koeppel, Executive Director, Center for CIO Leadership. Have conversations around the business benefits behind that jargon and you will immediately get active support right up to the CEO...


Less Privacy, Better Security

December 18, 2010 Added by: Rahul Neel Mani

Information is the lifeblood of not just corporations but organized crime and terrorism, says Steve Durbin of the Information Security Forum. Durbin says we may have to give up some individual privacy in return for security...


Security Strategy: From Requirements to Reality

December 13, 2010 Added by: Ben Rothke

Without a deeply embedded structured approach to security systems design, Anderson argued that we find ourselves in the situation we are in today, with applications and operating systems full of bugs, vulnerabilities and other serious security flaws...


My My Commissioner, What Nice Teeth You Have

December 07, 2010 Added by: Javvad Malik

Sarbanes Oxley, an almost bottomless pit of money poured into achieving compliance. And then we wonder why people view security in a negative light. It’s because all they ever hear is do this or you’ll get fined, do that or you’ll be sent to jail, threats threats threats. It’s all about negative threats...


What Security Issues Should You Worry About?

December 02, 2010 Added by: Robert Siciliano

For many of the issues we worry about the chances of them happening might be 1 in a 100,000 or 1 in 10 million. Your chances of something bad happening may equate to the same statistics as winning the lottery, which is very slim, but you still might play the number...


Choosing a Security Consultancy

November 23, 2010 Added by: Javvad Malik

You cannot outsource blame. You HAVE to take responsibility for your organization's mistakes. Whether they be IT, vendor, even mistakes made by your most trusted employees. You don’t have to be an expert in security, you just have to make informed decisions to control your organization...


Protecting Your Organization Against White Collar Crime

November 23, 2010 Added by: Peter Abatan

Technology must play a vital role in protecting confidential data and intellectual property, but the most important way to achieve a high degree of success in securing an organization's information assets is through training and awareness programs...


Project Honeynet Log Mysteries Challenge Lessons

November 23, 2010 Added by: Anton Chuvakin

We just finished grading the results of Project Honeynet “Log Mysteries” Challenge, and there are some useful lessons for BOTH future challenge respondents and to log analysts and incident investigators everywhere. If you look at the challenge at a high level, things seem straightforward...
