Blog Posts Tagged with "Security"
October 26, 2011 Added by:Ali-Reza Anghaie
Enterprise Security is Not Business Relevant. Now, that's quite the inflammatory statement but unless your business is security then it's true in practice today. Before the flaming begins let me start by saying I believe firmly it ~IS~ business critical but I want to make it actually relevant...
October 26, 2011 Added by:Ben Rothke
So why would anyone in their right mind buy something that is free? It seems that indeed there's a sucker born every minute and they are buying books by Kevin Roebuck. If buyers would do the slightest bit of analysis, they would see this deception.Unfortunately, Emereo is polluting the waters...
October 20, 2011 Added by:David Sopata
Compliance in many cases is one of the biggest drivers for security. Compliance may not exactly require you to secure your Multi-Function printers or other devices, but since most organization generally want to do the right thing, it may be required to go beyond compliance...
October 18, 2011 Added by:Javvad Malik
Taken from the ever popular Security Vs Compliance Video is a poster that sums it up so you can share with colleagues or use it in presentations. Because we know nothing spices up a boring powerpoint presentation than a badly edited photo. Hey, it’s better than clip art...
October 17, 2011 Added by:Headlines
While 2011 may be the year of the breach, the record for overall breach impact is still held by credit card payment processor Heartland Payment Systems with over 130 million accounts affected and costs in the neighborhood of seven billion dollars...
October 14, 2011 Added by:Infosec Island Admin
We live in “Interesting Times” as the Chinese say, and we certainly do not need to have Congress led further astray by those without experience in the subject matters at hand. Lets hope that the House looks into Evans’ history and decides he is not an expert on any of the topics at hand...
October 13, 2011 Added by:Steven Fox, CISSP, QSA
The business process metric ensures processes are meeting business requirements. The security team can use this information to identify where threats may have the greatest impact, to identify risks that are relevant, and to plan controls from the perspective of an attacker...
October 07, 2011 Added by:Tony Campbell
The author explores the risk management lifecycle, describes methodologies for qualifying and quantifying risk and levels of risk, and provides examples of how these can best be described and/or presented at a senior management level...
October 01, 2011 Added by:Craig S Wright
Intermediaries have the ability to stop transgressions on the Web now, but the lack of clear direction and potential liability associated with action remains insufficient to modify behavior. In the face of tortuous liability, the economic impact of inaction is unlikely to lead to change...
September 30, 2011 Added by:Ken Stasiak
With Enterprise Risk Management (ERM) comes a comprehensive risk assessment equation and process. Defining one process that can be used and incorporated into the entire organization will allow for conformity, efficiency, and effective alignment between departments...
September 17, 2011 Added by:PCI Guru
there is no such thing as a perfect security framework because as I have said time and again – wait for it – security is not perfect. For those of you that are implicitly selling security to your management as perfect need to stop it. You are doing the security profession a disservice...
September 16, 2011 Added by:Infosec Island Admin
There will always be elements within the company with impetus to not take your advice on security matters and maybe even give you a large amount of pushback. This is especially true of any company that has little to no security posture to start with. So who are the key client players?
September 14, 2011 Added by:Infosec Island Admin
I have heard others lament the state of the “security industry” and have posted about my own adventures in the land of FUD and Security Theater as well as a side trip into the lands of denial. My goal with this series is to cover the players, the game, and the realities of the security business...
September 12, 2011 Added by:Kanguru Solutions
Every organization has different needs. What works for one may not work for another. Size, budget, personnel, and structure all play a factor in determining what an organization will do in terms of IT security. There generally is no “one size fits all” solution when it comes to Infosec...
September 07, 2011 Added by:Craig S Wright
SCADA systems and other critical infrastructure is taken for granted and we forget just how much of our lives are managed through private systems. Exploits have been noted as being of critical concern in US government briefs. We also forget that SCADA systems are connected to the world...
September 06, 2011 Added by:Steven Fox, CISSP, QSA
Optimal utilization of security policies relies on the audience for which they are created. Policy creation and marketing must recognize and capitalize on organizational culture to promote its value proposition. People can be the strongest link in the security chain...
Hacker to Release Symantec's PCAnywhere Sour... Jerry Shaw on 10-05-2015
PoS Malware Kits Rose in Underground in 2014... on 03-17-2015
New PCI Compliance Study... on 03-17-2015