Blog Posts Tagged with "Security Management"
Supreme Court: You Can Spy on Employees if...
July 08, 2010 Added by:Katie Weaver-Johnson
After several lower court rulings, the Supreme Court ruled that because the employers suspected that people were breaking the rules and using their mobile devices and pagers for non-business communications, the employers were justified in requesting and reading the text message transcripts...
Comments (2)
Effective Database Activity Monitoring
July 08, 2010 Added by:Danny Lieberman
It seems that DLP vendors are moving up the food chain into DAM (database activity monitoring?). As customers deploy two products in parallel for DLP and DAM – the opportunity for reducing TCO seems to be a clear imperative...
Comments (0)
Problems with Defining the Scope in ISO 27001
July 07, 2010 Added by:Dejan Kosutic
The problem when the ISO 27001 scope is not the whole organization is that the Information Security Management System must have interfaces to the outside world - clients, partners, suppliers etc., but also the organization's departments that are not within the scope...
Comments (0)
Hackers May Be Giants with Sharp Teeth
July 06, 2010 Added by:Pete Herzog
Interestingly, the point of a risk assessment is to determine vulnerabilities, assets, and threats. So why does a 9-year-old know what so many security professionals don't? Why does she realize that imagining what the threat looks like is just an exercise in creativity, not prediction?
Comments (3)
A perspective on the theft of confidential documents by former employee at Ford.
April 09, 2010 Added by:Peter Abatan
When I read that a former Ford product engineer had stolen over 4000 confidential documents containing trade secrets from his former employer, I began to wonder how many companies out there are as vulnerable to the same degree as Ford. Fortunately for Ford this employee got caught, but it remains unknown how many employees have successfully got away without Ford’s knowledge?
Comments (6)
Inside the Perplexities of Enterprise Privacy Policies
April 01, 2010 Added by:Rebecca Herold
An important consideration with information security incidents is identifying if personally identifiable information (PII) is involved. If it is, then the privacy breach response teamneeds to be put into action to determine whether or not an actual privacy breach occurred.
Comments (0)
Newbie introduction to digital forensics Part 1.
March 08, 2010 Added by:Juan Granados
The economic and business challenges of the last year have forced changes to business priorities in many areas. For IT, increased scrutiny was placed on data leakage and security. When times are good, businesses can become distracted with new products and technologies. It is not until budgets are cut that the focus moves inward.
Comments (1)
Containment Phase - Incident Response
December 19, 2009 Added by:Mark Bennett
...the whole point of Incident Response..Having a Plan! In the containment phase of Incident Response you want to prevent the attacker from getting any further into the organization or spreading to other systems.
Comments (0)
- Identity & Access Management: Give Me a REST
- Over-Sharing Riskier than Government Snooping
- 20 Critical Security Controls: Control 13 – Boundary Defense
- Redefining Social Networking
- Creating Your Own Privacy & ROI
- Security Intelligence for the Enterprise - Part 1
- Why are Cybercrimes NOT Always White-collar Crimes?
- From the SMB to Security Guru: Five Ways IT Pros Can Manage Security on a Budget
- Balancing Act Between Privacy and Security
- The NSA’s Word Games Explained: How the Government Deceived Congress in the Debate over Surveillance Powers