Blog Posts Tagged with "Security"
SEC Issues Guidance on Security Incident Disclosure
October 31, 2011 Added by:David Navetta
What the guidance document does stress, however, is process and risk assessment. One read of this guidance is that companies internally are going to have to more carefully forecast and estimate the impact of cyber incidents and the consequences of failing to implement adequate security...
Comments (0)
How to Plan Security and Meet Your Compliance
October 27, 2011 Added by:Gabriel Bassett
If you feel a bit lost with what tools you have in your (defenses, sensors, response) toolbox, you're in luck! The good news is the toolbox is already sitting on your hard drive. The bad news is, it's your compliance controls...
Comments (0)
#EntSec -- Not Business Relevant
October 26, 2011 Added by:Ali-Reza Anghaie
Enterprise Security is Not Business Relevant. Now, that's quite the inflammatory statement but unless your business is security then it's true in practice today. Before the flaming begins let me start by saying I believe firmly it ~IS~ business critical but I want to make it actually relevant...
Comments (0)
There's a Sucker Born Every Minute – and Charlatan’s to Make Sure They Pay for It
October 26, 2011 Added by:Ben Rothke
So why would anyone in their right mind buy something that is free? It seems that indeed there's a sucker born every minute and they are buying books by Kevin Roebuck. If buyers would do the slightest bit of analysis, they would see this deception.Unfortunately, Emereo is polluting the waters...
Comments (2)
Multi-Function Printers and Security Beyond Compliance
October 20, 2011 Added by:David Sopata
Compliance in many cases is one of the biggest drivers for security. Compliance may not exactly require you to secure your Multi-Function printers or other devices, but since most organization generally want to do the right thing, it may be required to go beyond compliance...
Comments (1)
Security versus Compliance - A Simple Graphic
October 18, 2011 Added by:Javvad Malik
Taken from the ever popular Security Vs Compliance Video is a poster that sums it up so you can share with colleagues or use it in presentations. Because we know nothing spices up a boring powerpoint presentation than a badly edited photo. Hey, it’s better than clip art...
Comments (1)
Impact: The Biggest Security Breaches of All Time
October 17, 2011 Added by:Headlines
While 2011 may be the year of the breach, the record for overall breach impact is still held by credit card payment processor Heartland Payment Systems with over 130 million accounts affected and costs in the neighborhood of seven billion dollars...
Comments (1)
Experts, Charlatans, and the Intelligence Committee
October 14, 2011 Added by:Infosec Island Admin
We live in “Interesting Times” as the Chinese say, and we certainly do not need to have Congress led further astray by those without experience in the subject matters at hand. Lets hope that the House looks into Evans’ history and decides he is not an expert on any of the topics at hand...
Comments (1)
Security Metrics and the Balanced Scorecard
October 13, 2011 Added by:Steven Fox, CISSP, QSA
The business process metric ensures processes are meeting business requirements. The security team can use this information to identify where threats may have the greatest impact, to identify risks that are relevant, and to plan controls from the perspective of an attacker...
Comments (0)
Security Risk Management
October 07, 2011 Added by:Tony Campbell
The author explores the risk management lifecycle, describes methodologies for qualifying and quantifying risk and levels of risk, and provides examples of how these can best be described and/or presented at a senior management level...
Comments (0)
Legal Consequences of Breaches to Security and Privacy
October 01, 2011 Added by:Craig S Wright
Intermediaries have the ability to stop transgressions on the Web now, but the lack of clear direction and potential liability associated with action remains insufficient to modify behavior. In the face of tortuous liability, the economic impact of inaction is unlikely to lead to change...
Comments (0)
Security Trends: Which to Avoid and Which to Embrace
September 30, 2011 Added by:Ken Stasiak
With Enterprise Risk Management (ERM) comes a comprehensive risk assessment equation and process. Defining one process that can be used and incorporated into the entire organization will allow for conformity, efficiency, and effective alignment between departments...
Comments (0)
Compliance Is Not Security – Busted!
September 17, 2011 Added by:PCI Guru
there is no such thing as a perfect security framework because as I have said time and again – wait for it – security is not perfect. For those of you that are implicitly selling security to your management as perfect need to stop it. You are doing the security profession a disservice...
Comments (4)
Strutting and Fretting Upon the Security Stage: The Players
September 16, 2011 Added by:Infosec Island Admin
There will always be elements within the company with impetus to not take your advice on security matters and maybe even give you a large amount of pushback. This is especially true of any company that has little to no security posture to start with. So who are the key client players?
Comments (1)
Strutting and Fretting Upon the Security Stage: Intro
September 14, 2011 Added by:Infosec Island Admin
I have heard others lament the state of the “security industry” and have posted about my own adventures in the land of FUD and Security Theater as well as a side trip into the lands of denial. My goal with this series is to cover the players, the game, and the realities of the security business...
Comments (4)
Customize Your Flash Drive – Infosec Style
September 12, 2011 Added by:Kanguru Solutions
Every organization has different needs. What works for one may not work for another. Size, budget, personnel, and structure all play a factor in determining what an organization will do in terms of IT security. There generally is no “one size fits all” solution when it comes to Infosec...
Comments (0)
- Every Business Can Have Visibility into Advanced and Sophisticated Attacks
- 4 Cybersecurity Tips for Staying Safe During the World Cup
- Machine Learning vs. Deep Learning in Cybersecurity – Demystifying AI’s Siblings
- Building a Strong, Intentional and Sustainable Security Culture
- The 3 Must Knows of Sandboxing
- Valve Patches 10-Year Old Flaw in Steam Client
- Infrastructure Under Attack
- How to Prevent Cloud Configuration Errors
- SOC Automation: Good or Evil?
- Can Organisations Turn Back Time after a Cyber-Attack?