Blog Posts Tagged with "Trust"
Actual Cloud – The One To Chose
January 07, 2013 Added by: Ben Kepes
I’ve been a part of, or at least a witness to, a huge number of battles about what constitutes the “real cloud.” These battles seem to generally be fought on a Sunday afternoon U.S. time – that kind of suits me fine because it means the Monday mornings in my time zone have enough entertainment value to get me up and going.
The Best in Practice
September 12, 2012 Added by: Randall Frietzsche
If we are charged with designing, architecting, implementing, deploying, integrating, training and supporting security technology, processes and policies within our organization, we might discover that this work is really an art more than a science...
Lessons in the Evolution of Compliance in China
August 16, 2012 Added by: Thomas Fox
As Chinese companies engage with partners, globally and locally, their internal and external business practices are evolving. The article “The Myths of Gift Giving” found that many Chinese companies now put greater emphasis on professionalism and building trust and confidence in business capabilities...
Losing Trust: Canadian Data Breach Spotlights Human Error
July 27, 2012 Added by: Kelly Colgan
It’s not just about protecting ourselves from identity theft or fraud like when our account number or government-issued ID numbers are exposed. It’s what I like to call privacy for the sake of privacy. Just knowing that someone could be looking at our personal histories doesn’t sit well with the public...
Notifying Customers About a Data Breach: Five Rules
July 17, 2012 Added by: Megan Berry
Legal fees, clean-up costs, lost business and damage to an organization’s reputation: consequences of a business being hit with a data breach. Cost can be significant, which is why it is critical to properly respond after a data breach...
BYOD: The Reality of Allowing Foreign Bodies into Your Network
July 12, 2012 Added by: Rafal Los
We're getting compromised left and right by devices we are delusional enough to think we can trust because we feel like we've got sufficient control... Where does it end? Here, right at the point where we become cognizant of the fact that no asset, corporate or otherwise, should ever really be trusted...
Misunderstanding Trust
June 20, 2012 Added by: Kevin W. Wall
I thought that most of the properties of trust were obvious, but was surprised to see someone in security quote a Microsoft software developer that “trust is not transitive”. Apparently there are still software and security engineers who misunderstand trust. I will attempt to clear up this misunderstanding...
The Path to NoOps is Through the Cloud
June 12, 2012 Added by: Rafal Los
So what is the single most valuable piece of technology that can push a development closer towards a NoOps methodology? I believe it's the adoption of cloud computing. While many of the security folks who read this blog are probably shaking their heads right about now, read on and let me convince you...
How to Keep Healthcare Secrets Online
June 06, 2012 Added by: Danny Lieberman
When we share medical information with our healthcare provider, we trust their information security as being strong enough to protect our medical information from a data breach. Certainly – as consumers of healthcare services, it’s impossible for us to audit the effectiveness of their security portfolio...
Social Engineering: A True Story of Incredible Deception
May 31, 2012 Added by: Ben Rothke
In the vernacular of infosec, Tania Head was a type of social engineer. In the book Social Engineering: The Art of Human Hacking, Christopher Hadnagy details how attackers use social engineering to manipulate people into performing actions or divulging information...
IT Security: Preventing Insider Threats
May 24, 2012 Added by: Robert Siciliano
An employee at Fannie Mae, knowing he is about to be fired, installed a logic bomb set to detonate almost 3 months after his departure. The detonation would have taken the organization off line for almost a week and cost millions and millions of dollars...
Achieving Compliance in the Post-Acquisition Context
May 17, 2012 Added by: Thomas Fox
Trust cascades down each level of a company from the Board of Directors to employees and then to customers. Trust is equally important in the M&A context. These ideas are useful for the compliance practitioner when integrating a new acquisition into an existing compliance culture...
Skype Malware Campaign Spreading Poison Ivy Trojan
May 16, 2012 Added by: Headlines
Malware researcher Dancho Danchev is reporting a widespread social engineering campaign on Skype that is spreading a variant of the Poison Ivy Trojan. Less than half of the 42 commercial antivirus solutions surveyed are able to detect the Trojan's signature...
Some Observations on Klout Scores
May 15, 2012 Added by: Ben Rothke
Influence is extremely difficult to measure. In the academic world, the Hirsch number is an index that attempts to measure the impact of a published work, but like every index it can be manipulated. So is Klout an effective method of measuring online influence? From my analysis, no...
Taming the WWW or Wild Wild West
May 13, 2012 Added by: Jayson Wylie
There is a reason the security world refers to exploitation on the Internet as activity ‘in the wild’. A comparison can be made to the lawless, tough and unforgiving world of the Wild West in American history. You can get your stuffz or scalp taken...
SOC 2: The Customer Security Questionnaire Killer
May 07, 2012 Added by: Jon Long
User organizations figured out a long time ago that if they want confirmation of how secure their suppliers are, they have to find out for themselves because a sufficient third party attestation did not exist. This is also where the challenge to service auditors is...