Blog Posts Tagged with "Vendor Management"

3071bd3c5c013c8c3defcccad0259c16

If you are not serious enough about your security don’t expect your IT service provider to care

December 10, 2012 Added by:Hani Banayoti

Another year coming to a close and I am full of hope for new thinking on security for the road ahead. One particular aspect in our profession that I would like to see change in the very near future is the typical approach to incorporating security in contracts with IT Service Providers...

Comments  (0)

44fa7dab2a22dc03b6a1de4a35b7834a

CIOs Seek Value But See Challenges with Cloud Computing

September 16, 2012 Added by:Bill Gerneglia

The face of corporate IT changes dramatically with a move to the cloud – no longer do people need to spend time racking and stacking servers, patching software and other low level tasks – the fact is that in the long run individual organizations will not have email server administrators, desktop software support personnel or systems administrators...

Comments  (0)

959779642e6e758563e80b5d83150a9f

Security Mistakes You Will Make on Your Next Cloud Project

July 18, 2012 Added by:Danny Lieberman

The Cloud Security Control model looks great, but it doesn’t mitigate core vulnerabilities in your software. Once you choose the right service model and vendor, put aside the security reference models and focus on hardening your application software. It’s your code that will be running in someone else's cloud...

Comments  (0)

E595c1d49bf4a26f8e14ce59812af80e

Navigating the Minefield of Mobile Technology Purchasing

July 10, 2012 Added by:Patrick Oliver Graf

In organizations, there is a constant struggle between satisfying the technological needs of workers while maintaining an adherence to compliance and security. Remote access represents the next major iteration of this battle. This complexity also means there’s far more overlap between the pain points...

Comments  (0)

0ff0a77035f9569943049ed3e980bb0d

Security Vendors: Absit Reverentia Vero

July 09, 2012 Added by:

Vendors are driven to sell and sell at all costs. Product features stagnate, services under perform. We the customers suffer and the security postures of all organizations plummets. Adversaries can spend less on penetration innovation while at the same time more easily bypass our defenses...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Five Reasons Why You Need an Application Security Program

June 28, 2012 Added by:Fergal Glynn

Many organizations looking at application security for the first time struggle with why they should take a programmatic approach to tackling application security. The simple fact is that if someone wants your intellectual property, they are going to use software you bought, built or outsourced to get at it...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Center for Internet Security Unveils Trusted Purchasing Alliance

June 28, 2012 Added by:Headlines

“The mission of the Alliance is to maximize buying power to improve the cyber security posture of governments and not-for-profits... to help organizations in the public sector procure solutions to address cyber security... [a] trusted environment public sector organizations can turn to for expert guidance..."

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Breached! Now What? Seven Steps to Avoid Failure Panic

May 07, 2012 Added by:Rafal Los

To many organizations, a security breach means a catastrophic failure in security signifying a breakdown in the mechanisms installed to keep the organization secure, and by its very nature represents failure. The problem with this situation is it really represents two failures...

Comments  (1)

3071bd3c5c013c8c3defcccad0259c16

Reaching for the Cloud: A Contemporary Infosec Perspective

March 21, 2012 Added by:Hani Banayoti

We need to entrust information security to professionals who not only know the fundamental principles and technologies, but are also able to understand and support the business's goals in order to influence and contribute positively to the ongoing infosec challenge...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

The Patchwork Cloud - What's the Deal with Cloud Security?

March 14, 2012 Added by:Rafal Los

Since everything I've been reading from the press, my colleagues, and analysts I know has been telling me security is ranked high in the top five concerns for cloud computing adoption - an article on ARN by Spandas Lui was like a bucket of ice water to the face...

Comments  (0)

59d9b46aa00c70238bb89056cfeb96c0

Improving Compliance Performance in Your Supply Chain

March 05, 2012 Added by:Thomas Fox

One of the areas moving towards being incorporated into compliance programs is the supply chain. While many companies have focused significant compliance efforts towards the sales chain, the supply chain is now viewed as an area which requires compliance scrutiny...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

The Patchwork Cloud - Security and Incentives

March 04, 2012 Added by:Rafal Los

A cloud service provider who isn't doing well at meeting security controls and requirements has two options - ignore the voluntary attestation and stay off the STAR registry, or only answer certain parts. This makes it impossible to have a level playing field...

Comments  (1)

0a8cae998f9c51e3b3c0ccbaddf521aa

Cross-Border Sovereignty Issues in the Cloud

March 02, 2012 Added by:Rafal Los

It's about due care, process, and not rushing into a cloud computing migration. Take a rational approach and first understand the parameters you need to operate. Then enforce with prejudice those requirements on your vendors and know the way cloud computing is delivered...

Comments  (0)

A7290c5bd7bc2aaa7ea2b6c957ef639b

Cyber Insurance: Efficient Way to Manage Risk in the Cloud?

February 27, 2012 Added by:David Navetta

While customers may enjoy some short term cost-benefits by going into the Cloud, they may be retaining more risk then they want - especially where Cloud providers refuse to accept that risk contractually). Cyber insurance may be a solution to help solve the problem...

Comments  (0)

3750d420f6c2a9844b529978894dc0be

Database Security TLAs Make Me LOL

February 15, 2012 Added by:Josh Shaul

I can only imagine what folks go through when they’re shopping for solutions to improve databases security. Do you want DAM? DAP? DAMP? DSP? DLP? WAF? To improve the security of your databases, you’re probably going to need some or all of the following capabilities...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Penny Wise, Pound Foolish: Avoiding Security Spend Pitfalls

February 07, 2012 Added by:Fergal Glynn

Knowing how much money you’re going to spend upfront is a challenge until you have the application inventory, until you know what your risk tolerances are, and until you have a fair idea of what the problems are. You’ll have to start slow and realize the number may grow...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »
Most Liked