August 04, 2014 Added by:Rebecca Herold
Information security and privacy have a lot of overlaps, but they ultimately involve different actions and different goals, and require those performing them to be able to take different perspectives.
July 30, 2014 Added by:Joe Weiss
My database of actual ICS cyber incidents is >350 and growing. I certainly hope people wake up before it is too late.
July 22, 2014 Added by:Joe Weiss
It is important to understand the validity of the observations and conclusions as this report is being widely quoted.
July 21, 2014 Added by:PCI Guru
Apparently, I struck a nerve with small business people trying to comply with PCI. In an ideal world, most merchants would be filling out SAQ A, but we do not live in an ideal world. As a result, I have collected some ideas on how merchants can make their lives easier.
July 16, 2014 Added by:Rafal Los
Compliance attestations. Quality seals like “Hacker Safe!” All of these things bother most security people I know because to us, these provide very little insight into the security of anything in a tangible way. Or do they?
July 08, 2014 Added by:Joe Weiss
This is actually two blogs in one. The first is about DHS releasing critical information they weren’t even asked for. The second is about the lack of progress on addressing a subject that DHS made public.
July 03, 2014 Added by:PCI Guru
All of you service providers out there that have remote access to your customers managed by some enterprise credential management solution, please implement a strong two-factor authentication solution on your customer credential management solution before you too become a newspaper headline.
July 02, 2014 Added by:Joe Weiss
The past two weeks continue to demonstrate the lack of understanding about the unique issues of ICS cyber security – why isn’t it just IT.
June 30, 2014 Added by:Rebecca Herold
The power of big data analytics is so great that in addition to all the positive business possibilities, there are just as many new privacy concerns being created. Here are ten of the most significant privacy risks.
June 19, 2014 Added by:Mike Meikle
If the healthcare organization deploys an operating system patch or places their standard endpoint protection on the device, they run the risk of the vendor halting support during a device issue until the offending patch or software is removed.
Health Insurance Firmly in the Crosshairs... milk tran on 03-25-2015
You Make the Rules ... milk tran on 03-25-2015
Stop Relying on IP-based Security Before My ... milk tran on 03-25-2015