Latest Blog Posts
Sometimes, some stuff should just stay private...
April 01, 2010 Added by: Jason Remillard
As reported in the past few days, a site selling Durex condoms has had a small 'exposure' problem. As reported, the site had been suffering (time length unknown) from several basic security exposures, including even allowing orders to be viewed online, without a login - simply by changing the order number!
Comments (0)
How to Avoid the New BOTNET Herders
March 31, 2010 Added by: Theresa Payton
There’s a new game in town offering jobs to anyone with a home office and a computer. Be careful what you or your kids accept when applying for jobs online. You or your kids may be accepting a job working for a cybercriminal outfit.
Comments (2)
Mitigating Risks of the IT Disaster Recovery Test
March 31, 2010 Added by: Bozidar Spirovski
The IT Disaster Recovery Test as part of the Business Continuity testing is becoming an annual event for most IT departments. It is mandated by a lot of regulators, nearly insisted upon by internal audit and of course a very healthy thing to do.
Comments (0)
ISAlliance/ANSI Report: The Financial Management of Cyber Risk
March 30, 2010 Added by: Anthony M. Freed
According to the White House Cyberspace Policy Review (CSPR), between 2008 and 2009 American business losses due to cyber attacks had grown to more than $1 trillion of intellectual property - a staggering figure that impacts not only American business, but also our national security, which is dependent upon a robust and secure information infrastructure.
Comments (0)
Changing Your Security Requires Learning about Change
March 30, 2010 Added by: Danny Lieberman
Reading through the trade press, DLP vendor marketing collateral and various forums on information security, the conventional wisdom is that the key threat to an organization is trusted insiders.
Comments (0)
Social Media and Identity Theft Risks PT II
March 30, 2010 Added by: Robert Siciliano
Now that the 3 major search engines Google, Bing and Yahoo index real-time search for Twitter and other social networks, consumers and employees must be aware that not all relevant search is a safe click. Scammers and identity thieves see this as real-time free advertising for their malware.
Comments (2)
An Interview with Symantec CEO Enrique Salem
March 29, 2010 Added by: Rahul Neel Mani
Enrique Salem, President and CEO of Symantec, in a conversation with Vinita Gupta, discusses the new challenges that CIOs are facing and Symantec's roadmap for the years ahead.
Comments (0)
Accelerating Assessment with MS Security Assessment Tool
March 29, 2010 Added by: Bozidar Spirovski
When working on a security assessment, it is always helpful to use an automated tool that compares the key elements to the known best practices, and generates an overview result set.
Comments (0)
On The State of Global Information Security
March 28, 2010 Added by: Anthony M. Freed
Simply stated, the state of global information security efforts is dismal. Cybercrime, fraud, corporate espionage, and threats to critical infrastructure are escalating at a record pace, and we can all count on the fact that things are certain to become much worse over this decade.
Comments (5)
Is Security a Curse for the Cloud Computing Industry?
March 25, 2010 Added by: Richard Stiennon
In 1975 my father, a doctor, was approached by some entrepreneurs. They had a brilliant idea. They were going to purchase a mainframe computer and sell computing on a timeshare basis to anyone who wanted to connect to it. Charges would be based on compute cycles and applications would be provided pre-loaded. Sound familiar? That was cloud computing. Today’s clou...
Comments (3)
The Tao of GRC for CISOs and CSOs
March 25, 2010 Added by: Danny Lieberman
The GRC (governance, risk and compliance) market is driven by three factors: government regulation such as Sarbanes-Oxley, industry compliance such as PCI DSS 1.2 and growing numbers of data security breaches and Internet acceptable usage violations in the workplace. $14BN a year is spent in the US alone on corporate-governance-related IT spending.
Comments (2)
Social Media and Identity Theft Risks PT I
March 24, 2010 Added by: Robert Siciliano
Whether or not you believe social media to be an asset or liability to your organization, believe this: there are close to half a billion people signed up to and involved in social media. Some say social media sites such as Facebook and others combined have close to a billion views per month. WEB 2.0 is alive and well and has changed the game for the IT professional.
Comments (0)
Cyber Crime & Terrorism Take a Dangerous Turn
March 24, 2010 Added by: Jenni Hesterman
Most would agree that globalization, fed by technological advances in the information system and telecommunications realms, has overwhelmingly been a "good thing". Our world is connected like never before, and those formerly isolated are now part of the landscape, able to access critical medical information, tap educational resources and answer almost any question in two clicks.
Comments (4)
Infosec Island Network Welcomes 1000th Member
March 23, 2010 Added by: Infosec Island Admin
The Infosec Island Network is pleased to announce the registration of our 1000th member since our launch September 1, 2009. Our community of professionals now represents more than 100 registered companies and organizations, and our traffic exceeds 40,000 visitors monthly.
Comments (0)
Interview with Former White House CIO Theresa Payton
March 23, 2010 Added by: Anthony M. Freed
I recently had the pleasure of making the acquaintance of the illustrious Theresa Payton, whose long and vibrant career has spanned multiple industry sectors and government service at the highest levels.
Comments (4)
Big Brother Has the Power to Turn Off Your Car
March 22, 2010 Added by: Theresa Payton
As our world becomes more automated and everyday gadgets are infused with computer machinery, you are more at risk of a glitch, or worse. Over 100 car owners in Austin, TX had the worst surprise ever recently. Cars began behaving badly - they would not turn on or the horns were honking.