Blog Posts Tagged with "Security Management"


Operational Security for Non-Techies

September 17, 2010 Added by:Jamie Adams

Regardless of whether you’re responsible for your own systems or you’ve entrusted someone else, operational security is critical. Even the latest and greatest most sophisticated technology could be hindered or worse, rendered useless, if poor operational security exists...

Comments  (0)


Can You Sell Information Security?

September 15, 2010 Added by:Bob McGrath

When you place Information Security under the control of the technologists, their accountability is greater than their influence which equates to expensive, inefficient and often ill-conceived ad-hoc solutions. Rarely are we stronger as a result...

Comments  (3)


What is a System Baseline?

September 14, 2010 Added by:Jamie Adams

System administrators should periodically perform a baseline comparison to identify changes that could potentially become a fault. In the case of authorized, expected changes the baseline comparison can be used as evidence to your change management process that a specific change has been completed...

Comments  (0)


Surviving the DISA UNIX STIGs

September 10, 2010 Added by:Jamie Adams

Understanding the DISA UNIX STIGs is difficult for first-timers and sends chills down the spines of system administrators who have used them before. They are probably the most detailed set of security controls available which apply to a wide variety of operating systems...

Comments  (0)


The CIO, CFO, and CEO Reporting Circle

September 09, 2010 Added by:Bill Gerneglia

IT spending typically represents the biggest single area of capital expenditures. Couple that with the clout CFOs typically gain during tough times along with the increase in regulations and it stands to reason why a most of CIOs and IT organizations now fall under the CFO’s watch...

Comments  (1)


Understanding Computer Security: Compromise Vector

September 08, 2010 Added by:Mister Reiner

The most important concept to understand is compromise vector. It is the key concept to understanding everything about computer security and hacking. Once you get your mind wrapped around the concept, you will view computer security from a completely different perspective...

Comments  (4)


The Secret Life of Data

August 31, 2010 Added by:Joe Morrissey

Trading in corporate secrets is more lucrative than ever, and companies strive to maintain competitive advantage by increasing their IP, and securing the IP already in their domain. This is in line with what was found in Forrester research, that 80% of security budgets are spent on 2 priorities...

Comments  (0)


Fighting Second Stage Compromises

August 27, 2010 Added by:Brent Huston

Malware, bots and client side attacks are eating many security programs alive. Security teams focused on traditional perimeter security postures and the idea of keeping the bad guys out are likely unaware that these threats are already active inside their networks...

Comments  (0)


IT Security History and Architecture Part 5 of 6

August 24, 2010 Added by:Dr. Steve Belovich

Business requires secure systems, but the marketplace is only listening to the consumer side. Effective security is just not possible without fundamentally changing the desktop. That can't happen due to the size of the installed base and the corresponding economics that prevent change...

Comments  (3)


Are You Gutting Your In-House Expertise?

August 22, 2010 Added by:Rahul Neel Mani

Looking for and retaining talented techies is not terribly difficult if they work for a company that treats IT with great respect. But at the same time, talented techies want to work for companies that make money delivering IT products and services. And that’s where the dichotomy begins – to outsource your non-core IT to MSPs or not...

Comments  (0)


IT Security History and Architecture Part 4 of 6

August 19, 2010 Added by:Dr. Steve Belovich

A lot of research was done in the 1960s to figure out how to deal with multi-user protection and preventing unauthorized system access. The results of this research revealed the necessary components of a secure, trustworthy system. These components are summarized here...

Comments  (0)


4 Steps to Managing Your Security Documents

August 18, 2010 Added by:Sean Inman

There are many document management systems out there, both proprietary and open-source. Document management isn’t just storing documents, its a process of reviews, approvals, storage and communication . So lets dissect these processes...

Comments  (4)


IT Security History and Architecture Part 3 of 6

August 16, 2010 Added by:Dr. Steve Belovich

Quick History of Computer and OS Technology: Early on, the need for security did not exist because there was no remote access, and physical security of the computer hardware equated to IT system security. Physical access meant that you were authorized – simple and effective...

Comments  (0)


Conducting After Hours Security Reviews

August 15, 2010 Added by:Rebecca Herold

There are many instances of security guards doing bad things with the information they come across, along with the cleaning staff, maintenance workers and other employees. Here are eighteen common vulnerabilities to get you started...

Comments  (2)


Maintaining Information Privacy and Security

August 13, 2010 Added by:Lindsay Walker

Regular evaluation of training programs and internal procedures related to information security must be undertaken to ensure each employee is completing the necessary steps to safeguard information...

Comments  (0)


IT Security History and Architecture Part 2 of 6

August 12, 2010 Added by:Dr. Steve Belovich

The DoD security standards are incomplete and difficult to apply. Few organizations are skilled at application of these standards. Such certifications are more for legal defense against negligence than they are for actual cyber defense...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »