Articles Tagged with "Policy"


From the Web

Security test prompts federal fraud alert

August 28, 2009 from: Office of Inadequate Security

A sanctioned security test of a bank’s computer systems had some unexpected consequences this week, leading the federal agency that oversees U.S. credit unions to issue a fraud alert.

Comments  (0)


From the Web

Finance company identifies 294 recipients of non-payment legal threat

August 18, 2009 from: Office of Inadequate Security

A finance company has disclosed the email addresses of 294 customers that it says are behind in their repayments to the firm. The company emailed the customers but did not hide the addresses of everyone it contacted.

Comments  (0)


From the Web

Audit of Dept of Energy reveals unaddressed problems

August 18, 2009 from: Office of Inadequate Security

The Department of Energy and its contractors store and process massive quantities of sensitive information to accomplish national security, energy, science, and environmental missions. Sensitive unclassified data, such as personally identifiable information (PII), official use only, and unclassified controlled nuclear information require special handling and protection to prevent misuse of the inf...

Comments  (1)


From the Web

Overcoming Objections to an Application Security Program

August 17, 2009 from: Jeremiah Grossman's Blog

Today a large percentage of security professionals truly “get” application security. They understand the importance, the best-practices, the value, etc. What inhibits their success the most in building an effective application security program is a lack of buy-in from the business and support from development groups.

Comments  (1)


From the Web

Security Religions and Risk Windows

August 09, 2009 from: Jeremiah Grossman's Blog

Information security threats are way up, fraud losses continue to rise, regulatory fines are increasingly common, and budget dollars to solve the myriad of problems are in short supply. Hampered by a sluggish economy, organizations simply cannot afford to hire all the talent they need, implement every best-practice, or buy every blinking light widget out there. Sacrifices are unavoidable, risk mus...

Comments  (0)


From the Web

TNCC computer tech says access now cut off

August 03, 2009 from: Office of Inadequate Security

Last week, the Daily Press reported that a former part-time computer help desk technician at Thomas Nelson Community College claimed that he had been laid off almost three weeks earlier, but that he still had computer access to the records and Social Security numbers of every student in the Virginia Communit...

Comments  (0)