Items Tagged with "Infosec"
Time for a Change in our Attitude Around Risk
February 05, 2012 Added by:Norman Marks
When is the last time you saw an audit report that said management had too many controls or was not taking sufficient risk? When did you last hear a risk officer urging planners to move into a new market more quickly? The same thing applies to information security personnel...
Comments (2)
NETpeas is Taking Infosec Island to Black Hat Europe
February 02, 2012 Added by:Infosec Island Admin
NETpeas is sponsoring Infosec Island's presence at the Black Hat Europe conference in Amsterdam. The Island's Javvad Malik will be on site conducting video interviews and interjecting his trademark brand of humor while exploring cutting edge infosec trends and developments...
Comments (1)
Put Away the Pitchforks: RSA Grants BSides Sponsor Waivers
February 01, 2012 Added by:Jack Daniel
It looks like all is well, or at least functional. The folks at the RSA Conference are issuing waivers for RSA sponsors and exhibitors to participate in BSides San Francisco. Thank you to everyone who showed their support for BSides, the event and the community...
Comments (0)
Leaking Vault Update: Records Breached Figure Passes One Billion
January 31, 2012 Added by:Suzanne Widup
Although 2007 and 2008 grew the most in terms of additional incidents being disclosed, 2008 showed the highest number of additional records, with almost 95 million. Though 2011 is not the highest in terms of incidents, it is now the leader for records disclosed thus far...
Comments (0)
Tech Continues to Bedevil Infosec and Privacy Practitioners
January 30, 2012 Added by:Rebecca Herold
Organizations need to get off the stick, do risk assessment to determine the extent of personal computing device use within their organizations and then update their policies, create new procedures, and implement new technologies accordingly...
Comments (0)
Security BSides San Francisco 2012 Will Live On!
January 30, 2012 Added by:Security BSides
“Events like BSides are essential to the information security industry and the professional development of current and future information security leaders. Being in a position to provide the necessary financial support to guarantee that BSidesSF takes place is a blessing...”
Comments (1)
ENISA Report on Network Information Security in Education
January 30, 2012
ENISA's Report on Network Information Security in Education comes at a time when education and ITC are interconnected more than ever. The challenge of the digitally active citizen is to remain informed on the news coming from the dynamic field of Information Security...
Comments (0)
BSides San Francisco Feels RSA Conference Pressure
January 30, 2012 Added by:Jack Daniel
The RSA Conference organizers are enforcing a non-compete clause in their sponsor and exhibitor agreements which is forcing several Security BSides sponsors to withdraw their funding, leaving the free community-oriented BSidesSF event at risk...
Comments (0)
A Failed Attempt at Optimizing an Infosec Risk Assessment
January 28, 2012 Added by:Bozidar Spirovski
Having a standardized method for risk assessment in infosec based on hard numbers would be great. But since the factors included in any incident are complex and varying, and consistent incident reporting is impossible, we will be sticking to the current qualitative methods...
Comments (3)
The Importance of Online Safety
January 28, 2012
Taking on the topic of not trusting people online, I thought it would be a good idea to make a PSA style video. Like most of my videos, it turned out different than I initially envisioned it to be, and hence it’s a lot darker and more serious than my previous offerings...
Comments (0)
Urgent: Help Us Save Security BSides San Francisco
January 27, 2012 Added by:Security BSides
We initially received an overwhelming response from sponsors, but were recently notified that companies which sponsor RSA cannot sponsor another event in a five mile radius. If RSA enforces this, we could lose 90% of our funding and may not have an event in a few weeks...
Comments (3)
Psychology of Information Security - The God Complex
January 27, 2012 Added by:Rafal Los
I'm willing to bet that if you went down the list of all the security policies that your organization has, there would be at least a few that you break based on the 'this doesn't apply to me, I know better' principle. This is also known in psychology as the "God Complex"...
Comments (4)
The Myth of Defense in Depth
January 25, 2012 Added by:Rafal Los
There are two parts to the idea of defense in depth - there is the concept and the implementation. It's easy to talk about the concepts behind defense in depth - but to implement them effectively in today's technology landscape... well that is an entirely different cup of tea...
Comments (5)
Concerns About the New AOL Instant Messenger
January 25, 2012 Added by:Electronic Frontier Foundation
The new preview version of AOL Instant Messenger raised concerns for us when it was first introduced, first because it started storing more logs of communications and second, because it apparently scanned all private IMs for URLs and pre-fetched any URLs found in them...
Comments (0)
Can You Explain Encryption to Me?
January 23, 2012 Added by:Javvad Malik
I assumed that senior technology managers would have half a clue about technology. I have thought long and hard about this and think the easiest way to explain this would be to replace the word encryption with witchcraft. It too is misunderstood by the masses...
Comments (4)
IC3: Recovery from the Malicious Erasure of Files
January 23, 2012 Added by:Headlines
Cyber criminals can damage a victim's computer by changing or deleting files, wiping hard drives, or erasing backups to hide some or all of their malicious activity and tradecraft. The FBI and DHS encourage businesses and individuals to employ these mitigation strategies...




