Blog Posts Tagged with "Vendor Management"


How To Choose A Security Vendor

January 16, 2012 Added by: Brent Huston

Variations exist in depth, skill level, scope, reporting capability, experience, etc. Selecting security testing vendors based upon price is a bad idea. Matching specific experience, reporting styles and technical capabilities to your environment is a better solution...


Ten Steps to Protect Your Organization's Data

January 13, 2012 Added by: Danny Lieberman

Despite claims that protecting data assets is strategic to an enterprise, and IT governance talk about business alignment and adding value – my experience is that most organizations will not do anything until they’ve had a fraud or data security event...


Data Center Complexity and Clarity Around Outages

December 28, 2011 Added by: Ben Kepes

Things like physical security, multiple redundant power and networks to incredibly complex networking and load balancing components – the modern data center is an incredibly complex beast. And yet they still suffer outages...


SSAE 16 "First to Fail"?

December 27, 2011 Added by: David Barton

So if First to File® is in the business of document management, how do their services have any relevance to a user entity’s financial statements? They are merely storing intellectual property (IP) in a web-based environment for their customers...


Transparency in Cloud Services from the Security Perspective

December 16, 2011 Added by: Rafal Los

There is an operational perspective in terms of provider transparency. We are now starting to see cases where a SaaS service offering is built on top of a PaaS service, built using multiple IaaS services and that is enough to make anyone's head spin...


Importance of a Secure Supply Chain in Selecting IT Vendors

December 07, 2011 Added by: Emmett Jorgensen

There have been numerous reports of rootkits and trojans that have been installed on component level chips designed to infiltrate networks from the inside. Government agencies have stepped up their diligence regarding what products are allowed to protect infrastructure at high security levels...


Getting Past Security's Fuzzy Math ROI

December 05, 2011 Added by: Rafal Los

It seems that we're using statistics, metrics, surveys and 'studies' to demonstrate what we can't otherwise adequately explain. That would be all well and good, if the math wasn't all fuzzy. Numbers can't fib, only the people that manipulate them can be accused of that trespass...


Cloud Security – It’s All About Partnership

November 28, 2011 Added by: Ben Kepes

Cloud security is a two way street – both vendors and customers have a part to play in keeping it safe, and both parties need to bring something to the table. But, notwithstanding this fact, Cloud is still the best option for a number of SMB use cases...


Ineffective CISOs Foster Shady Vendor Practices

November 23, 2011 Added by: Boris Sverdlik

The question remains how much faith is too much to put in the hands of your vendors? Without a thorough analysis of the inner workings of your organization, it is impossible for any external entity to make recommendations on where your reactionary dollars are best spent...


To iTrust or Not?

October 31, 2011 Added by: Enno Rey

Recently Apple launched its new offering iCloud. At this point, most infosec people start to worry a little bit: The common cloud concept of centralized data storage on premise of a third party does not cope well with the usual control focused approach of most technical infosec guys...


A CISO's Security Vendor Bill of Rights

October 20, 2011 Added by: Ron Baklarz

Current economic times are tough, budgets are tight and security spending is either down or flat. Security vendors still have to make a buck, however here is a top ten list of annoyances I personally have with security vendors, now codified in my CISO's Security Vendor Bill of Rights...


Keys To Successful Cloud Application Deployment

October 05, 2011 Added by: Bill Gerneglia

It is imperative to select and deploy a proven set of cloud core services. These include storage management controls, hypervisors, security policies and security software including firewalls, disaster recovery and governance, and database administration and replication services...


Maintaining Quality in Outsourcing Telco Services

September 30, 2011 Added by: Bozidar Spirovski

The issue with telco services is that quality is difficult to define because there are parameters that are difficult to track: sound quality, response of system to tone-dial menu selection of an IVR, intermittent interruptions of communications, and temporarily unavailable service...


WikiLeaks: An Insider's Perspective

September 08, 2011 Added by: John Linkous

Many asked why, given that Agencies had the latest incident and event management technologies, the breach had not at least been spotted sooner - even if they were unable to prevent it completely. What followed is a response unlike any I've seen to date in the commercial sector...


Seven Areas of Concern With Cloud Security

August 18, 2011 Added by: Brent Huston

Opportunities abound for those who desire to guide cloud computing. Those concerned with keeping cloud computing an open system drafted an Open Cloud Manifesto, asking that a straightforward conversation needs to occur in order to avoid potential pitfalls...


The Great Cloud Blockage: 80/20

August 16, 2011 Added by: Ben Kepes

The Catch 22 situation – IT cannot free up sufficient dollars to move legacy applications to the Cloud. And because they therefore have to focus a significant proportion of their budget on keeping the lights on, the opportunities for investment in these activities are eroded...
