Latest Blog Posts

Lies, Damn Lies, Statistics & Risk Management

October 24, 2009 Added by:Todd Zebert

Past willful risky behavior, and then outright foolishness, we have Risk Mismanagement. We’ve all heard the quote “Lies, damned lies, and statistics” (author unknown) with its intention that statistics can be used to lie persuasively or lend credence to otherwise suspect arguments. With Risk Management we’ve layered Management on top of statistics - this is where things can ...

Comments  (0)

Useless Account Control

October 22, 2009 Added by:Sudha Nagaraj

In these days of heightened security awareness, I would think any and every operating system should boast of a robust anti-virus software suite. The fact that Microsoft released its much-awaited and highly proclaimed Windows 7 OS today without built-in anti-virus software continues to puzzle me.

Comments  (0)

A Host of Insecurities about Security

October 21, 2009 Added by:Sudha Nagaraj

Security concerns will continue to dominate the IT sphere for a while. Governments are crying hoarse to put in preventive measures, the security industry is struggling to make up for losses suffered in a recessionary environment, enterprises are growing paranoid about the ‘insider threat’ and the small and medium enterprises are waking up to the need for security management.

Comments  (0)

Mitigating Risks by Leveraging a Core Business Process

October 20, 2009 Added by:Mike Cuppett

When it comes to audits and other compliance requirements - think Sarbanes-Oxley, PCI-DSS, internal and external audits, etc. - people tend to get a bit uptight and flustered. Fortunately, by keeping a calm head and a rational perspective, your reaction to these challenges can be cool and calm, allowing you to leverage a methodology you already know - risk mitigation.

Comments  (0)

Should SSL be enabled on every website?

October 14, 2009 Added by:Christopher Hudel

Using SSL to secure all websites may seem like an odd choice; most websites contain no "nuggets" worth taking, SSL apparently slows the page load time (especially on over provisioned hosting platforms), and it's not clear if doing so will kibosh any search engine optimizations. 

Comments  (10)

My Mind is Wave-ering on the Utility, Security and Privacy Aspects

October 14, 2009 Added by:Sudha Nagaraj

Like many other Wave-wannabes, I am also awaiting an invite from Google to try out their all-in-one communication solution Google Wave. But I have my trepidations: over making my private work public, over opening up for comment work that is still being worked out, over messing up “my thoughts” with a thousand other theories, over starting something with the full knowledge that it could...

Comments  (0)

The parallels between Information Security & Sun Tzu’s-The Art of War

October 13, 2009 Added by:Sean Inman

Correlations between Sun Tzu's Art of War and Information Security from Steve Pinman. "I think most organizations can demonstrate a well thought out plan(s) for dealing with “predictable” security attacks such as viruses and DDoS attacks, but how many organizations are actively engaged in planning for new threats and new attack vectors?"

Comments  (1)

Spammers Feasting on the East

October 13, 2009 Added by:Sudha Nagaraj

In India, Diwali or the ‘Festival of Lights’ is round the corner. As the D-day draws closer, Indians are flocking to malls and travel operators to shop and make reservations for the up-coming holidays. At this juncture, Symantec has released an advisory warning users against emails that offer discounts, holiday deals and other enticing subject lines which feature the word Diwali.

Comments  (0)

Preventative Measures for Drive-by Malware

October 12, 2009 Added by:Ron Lepofsky

This article identifies preventative measures that both end users and web site managers can implement to protect all concerned from the dangers of drive-by malware.

Comments  (0)

Squinting at Cloud Formations

October 12, 2009 Added by:Sudha Nagaraj

The problem with the cloud is that it can evaporate leaving no trace behind! The weekend thunderbolt that hit over a million subscribers of T-Mobile Sidekick, operated by the Microsoft subsidiary, Danger Inc in the US, is standing testimony to the whimsical nature of cloud computing.

Comments  (0)

The Fully Auditable Cloud - Fact or Fiction

October 12, 2009 Added by:Bob Broda

Cloud computing is a rapidly growing phenomenon that is being evaluated by companies of all sizes. Though it has many positives, much of corporate America is not yet ready to accept migrating major applications to the cloud until concerns about security, privacy, and reliability are addressed.

Comments  (0)

Vishing scams are making a return

October 11, 2009 Added by:Sean Inman

On Friday 10/09/2009 it was reported in an ISC Diary update that a new Vishing scheme is making its way across AT&T, Sprint and T-Mobile's networks. Vishing is the cousin of Phishing, but this latest attempt indicates that it's still a practical method of attack. The recent attack starts with a text message that reports a problem with the victim's account. They’re instructed to dial a...

Comments  (0)

Does your Security Program align with the organizations goals?

October 11, 2009 Added by:Sean Inman

Do you know the GOALs of your organization? Why does the organization exist? What’s the organization’s purpose? Even if you work for a “security company,” the organization’s main goal is not going to be security (or at least it shouldn’t be).

Comments  (1)

Anti-Social Networking Sites: Part 2

October 09, 2009 Added by:Ron Lepofsky

Since the last blog there has been a steady stream of news about more security threats originating at web sites, particularly from social networking sites. Profit motive appears to be the primary intent of the threats. The methodology is committing identity theft for profit. Below is a sample of four web-based news articles to which I refer:

Comments  (0)

Anti-Social Networking Sites

October 09, 2009 Added by:Ron Lepofsky

Over the last two weeks security news reports identify social networking sites as distribution points for malware of all sorts and flavours and as botnets for distributing more of the same. In addition, site users seem enthusiastic to reveal personal information to those who would gladly accept the information for purposes of identity theft.

Comments  (1)

Good Job!

October 09, 2009 Added by:Sandra Avery

CNN Money.com released its pick for the 50 best jobs in America. IT won 3 of the 10 spots, with Computer/Network Security Consultant coming in at number 8. They describe the job as “protecting computer systems and networks against hackers, spyware, and viruses” and list pre-requisites for the job as “major geekdom”.

Comments  (0)

