Blog Posts Tagged with "Security"


SEC Issues Guidance on Security Incident Disclosure

October 31, 2011 Added by:David Navetta

What the guidance document does stress, however, is process and risk assessment. One read of this guidance is that companies internally are going to have to more carefully forecast and estimate the impact of cyber incidents and the consequences of failing to implement adequate security...

Comments  (0)


How to Plan Security and Meet Your Compliance

October 27, 2011 Added by:Gabriel Bassett

If you feel a bit lost with what tools you have in your (defenses, sensors, response) toolbox, you're in luck! The good news is the toolbox is already sitting on your hard drive. The bad news is, it's your compliance controls...

Comments  (0)


#EntSec -- Not Business Relevant

October 26, 2011 Added by:Ali-Reza Anghaie

Enterprise Security is Not Business Relevant. Now, that's quite the inflammatory statement but unless your business is security then it's true in practice today. Before the flaming begins let me start by saying I believe firmly it ~IS~ business critical but I want to make it actually relevant...

Comments  (0)


There's a Sucker Born Every Minute – and Charlatan’s to Make Sure They Pay for It

October 26, 2011 Added by:Ben Rothke

So why would anyone in their right mind buy something that is free? It seems that indeed there's a sucker born every minute and they are buying books by Kevin Roebuck. If buyers would do the slightest bit of analysis, they would see this deception.Unfortunately, Emereo is polluting the waters...

Comments  (2)


Multi-Function Printers and Security Beyond Compliance

October 20, 2011 Added by:David Sopata

Compliance in many cases is one of the biggest drivers for security. Compliance may not exactly require you to secure your Multi-Function printers or other devices, but since most organization generally want to do the right thing, it may be required to go beyond compliance...

Comments  (1)


Security versus Compliance - A Simple Graphic

October 18, 2011 Added by:Javvad Malik

Taken from the ever popular Security Vs Compliance Video is a poster that sums it up so you can share with colleagues or use it in presentations. Because we know nothing spices up a boring powerpoint presentation than a badly edited photo. Hey, it’s better than clip art...

Comments  (1)


Impact: The Biggest Security Breaches of All Time

October 17, 2011 Added by:Headlines

While 2011 may be the year of the breach, the record for overall breach impact is still held by credit card payment processor Heartland Payment Systems with over 130 million accounts affected and costs in the neighborhood of seven billion dollars...

Comments  (1)


Experts, Charlatans, and the Intelligence Committee

October 14, 2011 Added by:Infosec Island Admin

We live in “Interesting Times” as the Chinese say, and we certainly do not need to have Congress led further astray by those without experience in the subject matters at hand. Lets hope that the House looks into Evans’ history and decides he is not an expert on any of the topics at hand...

Comments  (1)


Security Metrics and the Balanced Scorecard

October 13, 2011 Added by:Steven Fox, CISSP, QSA

The business process metric ensures processes are meeting business requirements. The security team can use this information to identify where threats may have the greatest impact, to identify risks that are relevant, and to plan controls from the perspective of an attacker...

Comments  (0)


Security Risk Management

October 07, 2011 Added by:Tony Campbell

The author explores the risk management lifecycle, describes methodologies for qualifying and quantifying risk and levels of risk, and provides examples of how these can best be described and/or presented at a senior management level...

Comments  (0)


Legal Consequences of Breaches to Security and Privacy

October 01, 2011 Added by:Craig S Wright

Intermediaries have the ability to stop transgressions on the Web now, but the lack of clear direction and potential liability associated with action remains insufficient to modify behavior. In the face of tortuous liability, the economic impact of inaction is unlikely to lead to change...

Comments  (0)


Security Trends: Which to Avoid and Which to Embrace

September 30, 2011 Added by:Ken Stasiak

With Enterprise Risk Management (ERM) comes a comprehensive risk assessment equation and process. Defining one process that can be used and incorporated into the entire organization will allow for conformity, efficiency, and effective alignment between departments...

Comments  (0)


Compliance Is Not Security – Busted!

September 17, 2011 Added by:PCI Guru

there is no such thing as a perfect security framework because as I have said time and again – wait for it – security is not perfect. For those of you that are implicitly selling security to your management as perfect need to stop it. You are doing the security profession a disservice...

Comments  (4)


Strutting and Fretting Upon the Security Stage: The Players

September 16, 2011 Added by:Infosec Island Admin

There will always be elements within the company with impetus to not take your advice on security matters and maybe even give you a large amount of pushback. This is especially true of any company that has little to no security posture to start with. So who are the key client players?

Comments  (1)


Strutting and Fretting Upon the Security Stage: Intro

September 14, 2011 Added by:Infosec Island Admin

I have heard others lament the state of the “security industry” and have posted about my own adventures in the land of FUD and Security Theater as well as a side trip into the lands of denial. My goal with this series is to cover the players, the game, and the realities of the security business...

Comments  (4)


Customize Your Flash Drive – Infosec Style

September 12, 2011 Added by:Kanguru Solutions

Every organization has different needs. What works for one may not work for another. Size, budget, personnel, and structure all play a factor in determining what an organization will do in terms of IT security. There generally is no “one size fits all” solution when it comes to Infosec...

Comments  (0)

Page « < 8 - 9 - 10 - 11 - 12 > »