Enterprise Security


From the Web

Effectiveness of User Training… and Security Products in General

March 17, 2010 from: Rsnake's blog at ha.ckers.org

It’s not every day I come across real wisdom in research, but I saw a link yesterday to “So Long, And No Thanks for the Externalities: The Rational Rejection of Security Advice by Users”, which is a research paper written by one of the guys at Microsoft. There are some amazingly choice quotes in there, like


Relationships with Foreign Business Partners

March 15, 2010 from: Greg George

As business leaders continue to reach out and embrace global opportunities, the ability to recognize and mitigate operational threats is paramount....a recent memorandum discusses 28 countries having serious deficiencies in their strategies for countering money laundering and financial terrorist activities


Analyst Study Shows Employees Continue to Put Data at Risk

March 10, 2010 from: Office of Inadequate Security

...the results from the annual "Human Factor in Laptop Encryption" study performed by Absolute Software and the Ponemon Institute reveal some very interesting metrics about the use/adoption of encryption software and the risk posed to businesses from the loss of unencrypted media.


Even Einstein Can’t Track Google’s “Script Kiddie” Hackers

March 09, 2010 from: AEON Security Blog

News surrounding the attacks at Google and other companies are a dime a dozen and, while we have not seen any evidence publicly disclosed, we too can speculate along with everyone else. My first thoughts surrounding the news of the attack led me to believe that the compromise may have been an inside job.


21 more business sector breaches from 2009

February 27, 2010 from: Office of Inadequate Security

Maryland has updated its web site to provide breach notifications that it has received since its last update. The newly posted notifications are for the period ending December 31, 2009, so there will likely be more to come for 2010


A rise in cyber attacks by one third saw 100 per cent of enterprises experience cyber losses in 2009

February 25, 2010 from: Saumil's Infosec Blog

According to Symantec's 2010 State of Enterprise Security study, 75 per cent of enterprises experienced cyber attacks in the last 12 months and 36 per cent rated the attacks somewhat/highly effective. Also, there was a 29 per cent rise in reported attacks in the last 12 months.


Advanced Persistent Errata – Defending The Castle Part 1

February 23, 2010 from: AEON Security Blog

Cross-Posted from the AEON Security Blog: In today’s blog entry, I bring to you: “Advanced Persistent Errata – Defending The Castle;” in other words, “Blocking ANYONE you damn well choose to block.” 


Today’s threat: computer network terrorism

February 08, 2010 from: Saumil's Infosec Blog

“Carry out all my demands or the entire country’s electricity will be cut off.” Is this another line from a suspense film, or is it a palpable threat made possible with a computer keyboard? “Today, there is a growing trend amongst hackers around the world to threaten national infrastructures for ransom,” says Dr. Yaniv Levyatan, an expert in information war at the Uni...


Heartland breach shows why compliance is not enough

January 06, 2010 from: Office of Inadequate Security

The [Heartland] intrusion led to the “stark realization that passing a PCI security audit does not make a company secure,” said Avivah Litan, an analyst at research firm Gartner Inc. “This was known well before the breach, but Heartland served as a big pail of ice water thrown on the face of companies complying with PCI,” she said.


Pssst… For A Cup of Coffee, I’ll Say Your Cloud Is Secure

January 05, 2010 from: AEON Security Blog

In an article entitled “Cloud computing is a trap, warns GNU founder Richard Stallman” [1] the context couldn’t have been worded better: “It’s stupidity. It’s worse than stupidity: it’s a marketing hype campaign” … “Somebody is saying this is inevitable – and whenever you hear somebody saying that, it’s very likely...


Cloud Security: Want Some Fake Fries With That Vapor Shake?

December 30, 2009 from: AEON Security Blog

Recently I stumbled upon the Cloud Security Alliance’s “Security Guidance for Critical Areas of Focus in Cloud Computing V2.1” [1] and took a quick step back at this statement: Cloud computing is about gracefully losing control while maintaining accountability even if the operational responsibility falls upon one or more third parties. In being fair and logical about my interpret...


Hacking the US Government Is Cheap – Costwise

December 21, 2009 from: AEON Security Blog

Anyone who follows information security news is probably wondering this week: “What in the hell is up with security in this country”. At least for those of us living in the United States, this should have been the statement of choice.


Many More Government Records Compromised in 2009 than Year Ago, Report Claims

December 03, 2009 from: Office of Inadequate Security

If you’re bummed about the data in your department that just got breached, you have some cold comfort. Although the combined number of reported data breaches in the government and the military has dropped in 2009 compared to last year, many more records were compromised in those breaches, according to recent figures compiled by a California nonprofit.


ICO publishes guide to Data Protection Act

November 30, 2009 from: Office of Inadequate Security

The Information Commissioner’s Office (ICO) has produced a new plain English Guide to Data Protection to provide businesses and organizations with practical advice about the Data Protection Act and dispel myths. The guide will help organizations safeguard personal data and comply with the law. The guide takes a straight-forward look at the principles of the Data Protection Act and uses pract...


Update: Stolen BCBS hard drives had data on 2 million insured

November 16, 2009 from: Office of Inadequate Security

One of Tennessee’s largest holders of personal information confirms that an October theft from a Chattanooga office affects about 2 million of its clients. Blue Cross Blue Shield said 68 computer hard drives that contained Social Security numbers and other sensitive information were taken from the office.


Senate Panel Clears Data Breach Bills

November 05, 2009 from: Office of Inadequate Security

The Senate Judiciary Committee Thursday approved two companion bills that would require businesses and government agencies to notify individuals of security breaches involving sensitive personally identifiable information. Both bills go to the Senate for consideration.
