Blog Posts Tagged with "Third Party"
February 27, 2012 Added by:Enno Rey
The approach to be developed is meant to work on the basis of several types of remote connections in which each determines associated security controls and other parameters. At the first glance, not overly complicated, but – as always – the devil is in the details...
February 19, 2012 Added by:Robb Reck
nd. Information security must not be the roadblock that prevents the adoption of such technology. By thinking ahead about the kinds of risks that outsourcing our systems will involve, we can be ready to quickly and securely lead our organization into the cloud...
February 19, 2012 Added by:Fergal Glynn
We spend 0.3% of what we pay for software on ensuring that it is secure. Now you can argue that manual testing is not included. However, even when you account for this variance, the gap in what we spend to buy software and what we spend to secure it is huge...
February 08, 2012 Added by:Electronic Frontier Foundation
The DOJ has been unequivocal that cloud users have no right to challenge government access to "non-content" information held by Cloud systems - their location, their contacts, their communications patterns and more. Lawyers call this the "third party problem"...
January 19, 2012 Added by:Bill Mathews
Where the rubber meets the road: I am a firm believer that security systems should be able to hold up to open scrutiny but often I’m alone in that. If this code leak really makes Symantec’s software useless for securing systems I would contend they’re doing it wrong...
January 08, 2012 Added by:Allan Pratt, MBA
I have heard from several colleagues that their blogs have been compromised. While a security breach may be inevitable – heck, branches of the Federal Government and national financial institutions have been hacked – there are steps you can take to protect the valuable data...
January 02, 2012 Added by:Bill Gerneglia
"Instead of requesting that a third-party security vendor conduct testing on the enterprise's behalf, the enterprise will be satisfied by a cloud provider's certificate stating that a reputable third-party security vendor has already tested its applications."
October 12, 2011 Added by:Headlines
Sony Corporation have yet again been breached, compromising 60,000 PlayStation and 33,000 Online Entertainment accounts. The source of the attack is unknown, but reports in indicate that the infiltrators used login credentials from an unnamed third-party to gain access to the systems...
September 29, 2011 Added by:Brian McGinley
We have moved from being a computer-assisted society to one that is computer-dependent. Control is critical to maintaining a secure operation. That requires assistance from technical experts. But good control begins with a company’s employees, an area you can’t afford to ignore...
August 06, 2011 Added by:Anton Chuvakin
When a SIEM vendor tries to sell you services, it is NOT vendor greed – but simply common sense. And if you say “no”, it is not “saving money” – but being stupid. SIEM success out-of-the-box, while real in some cases, is a pale shadow of what a well-thought through deployment looks like...
July 03, 2011 Added by:Simon Heron
When your data is “in the cloud” there is the clear and unmistakable risk that you could be sharing resources with not-so-ethical companies who may suddenly end up under investigation. Suddenly, you could lose your server and your website without notice, bringing business to a halt...
June 29, 2011 Added by:Rafal Los
When I go to see my stats I get this lovely looking pop-up box asking me to provide my Twitter credentials, and telling me all about what capabilities this app will have once is has access to my profile. Maybe I'm just entirely too paranoid - but what to you think... would you allow this?
May 15, 2011 Added by:Kelly Colgan
Governments, like many big businesses, have robust security programs, a layered cyberdefense plan. It’s nice to have all the tech tools at hand to prevent a breach, but they don’t amount to much if no one knows how to extract intelligence from them...
April 10, 2011 Added by:Allan Pratt, MBA
What were the service level agreements, and did they outline precautions that Epsilon would take to prevent such incursions? If none of this information was included in the SLAs, perhaps, it’s time for data-driven companies to include their information security strategies in SLAs...
April 04, 2011 Added by:Headlines
The company states that their systems experienced and unauthorized access event that has exposed the names and email addresses of the customers the company's clients serve. Initial reports indicate that no financial data was revealed in the breach...
March 31, 2011 Added by:David Navetta
The Act seeks to establish standards to govern the use and disclosure of utility data (including personal information) by electric utilities, and requires electric utility companies to maintain the confidentiality of customer data and allow customers to access the data...
PoS Malware Kits Rose in Underground in 2014... on 03-17-2015
New PCI Compliance Study... on 03-17-2015
PCI Security Standards Council Statement on ... on 03-17-2015