Blog Posts Tagged with "Security"
October 18, 2011 Added by:Javvad Malik
Taken from the ever popular Security Vs Compliance Video is a poster that sums it up so you can share with colleagues or use it in presentations. Because we know nothing spices up a boring powerpoint presentation than a badly edited photo. Hey, it’s better than clip art...
October 17, 2011 Added by:Headlines
While 2011 may be the year of the breach, the record for overall breach impact is still held by credit card payment processor Heartland Payment Systems with over 130 million accounts affected and costs in the neighborhood of seven billion dollars...
October 14, 2011 Added by:Infosec Island Admin
We live in “Interesting Times” as the Chinese say, and we certainly do not need to have Congress led further astray by those without experience in the subject matters at hand. Lets hope that the House looks into Evans’ history and decides he is not an expert on any of the topics at hand...
October 13, 2011 Added by:Steven Fox, CISSP, QSA
The business process metric ensures processes are meeting business requirements. The security team can use this information to identify where threats may have the greatest impact, to identify risks that are relevant, and to plan controls from the perspective of an attacker...
October 07, 2011 Added by:Tony Campbell
The author explores the risk management lifecycle, describes methodologies for qualifying and quantifying risk and levels of risk, and provides examples of how these can best be described and/or presented at a senior management level...
October 01, 2011 Added by:Craig S Wright
Intermediaries have the ability to stop transgressions on the Web now, but the lack of clear direction and potential liability associated with action remains insufficient to modify behavior. In the face of tortuous liability, the economic impact of inaction is unlikely to lead to change...
September 30, 2011 Added by:Ken Stasiak
With Enterprise Risk Management (ERM) comes a comprehensive risk assessment equation and process. Defining one process that can be used and incorporated into the entire organization will allow for conformity, efficiency, and effective alignment between departments...
September 17, 2011 Added by:PCI Guru
there is no such thing as a perfect security framework because as I have said time and again – wait for it – security is not perfect. For those of you that are implicitly selling security to your management as perfect need to stop it. You are doing the security profession a disservice...
September 16, 2011 Added by:Infosec Island Admin
There will always be elements within the company with impetus to not take your advice on security matters and maybe even give you a large amount of pushback. This is especially true of any company that has little to no security posture to start with. So who are the key client players?
September 14, 2011 Added by:Infosec Island Admin
I have heard others lament the state of the “security industry” and have posted about my own adventures in the land of FUD and Security Theater as well as a side trip into the lands of denial. My goal with this series is to cover the players, the game, and the realities of the security business...
September 12, 2011 Added by:Kanguru Solutions
Every organization has different needs. What works for one may not work for another. Size, budget, personnel, and structure all play a factor in determining what an organization will do in terms of IT security. There generally is no “one size fits all” solution when it comes to Infosec...
September 07, 2011 Added by:Craig S Wright
SCADA systems and other critical infrastructure is taken for granted and we forget just how much of our lives are managed through private systems. Exploits have been noted as being of critical concern in US government briefs. We also forget that SCADA systems are connected to the world...
September 06, 2011 Added by:Steven Fox, CISSP, QSA
Optimal utilization of security policies relies on the audience for which they are created. Policy creation and marketing must recognize and capitalize on organizational culture to promote its value proposition. People can be the strongest link in the security chain...
September 06, 2011 Added by:Headlines
The Sony breach saga began in April when the PlayStation network servers had been hacked, exposing the records of more than 70 million customers. Sony then discovered that the Online Entertainment network had also been compromised, exposing another 25 million records...
September 06, 2011 Added by:Craig S Wright
So, when all is said and done, we have not really changed much as a species. We love to believe that we as a generation are forging something new and facing problems that no other has faced before, but in reality, the analogy remains as it is always likely to remain. Change is the only constant...
August 24, 2011 Added by:Headlines
"Any change to the way a customer accesses their account is going to take a while to get used to. But this small extra step delivers such an increase in security to our internet banking users, that we are confident we have got the balance right," an HSBC official said...
Hacker to Release Symantec's PCAnywhere Sour... Jerry Shaw on 10-05-2015
PoS Malware Kits Rose in Underground in 2014... on 03-17-2015
New PCI Compliance Study... on 03-17-2015