Enterprise Security
Computer Security or Information Security? What are we talking about?
June 10, 2010 Added by:Jorge Mieres
I usually receive consultations in which, conceptually speaking, there is a notable confusion about the difference between computer security and information security. Therefore, we will try to clarify the issue in question.
Comments (1)
Choosing an Infosec Consultancy
June 09, 2010 Added by:Javvad Malik
First off you need to decide why you actually need an infosec consultancy. Is it because the work can't be done in-house? Or there are confidentiality issues? Or someone at the golf course just mentioned how their infosec team can sort out all of your problems?
Comments (1)
PineApp CEO Hezi Erez: Recession Threatens Security
June 08, 2010 Added by:Anthony M. Freed
I recently had the opportunity to discuss enterprise security issues with Hezi Erez, CEO at PineApp, a leading security solution provider for Information Technology. Mr. Erez is a 1986 graduate of the Technion, the Israel Institute of Technology, and he specializes in telecommunication, microelectronics, computers and optics, and Mr. Erez has 20 years of extensive experience as an executive in Hi-...
Comments (0)
Similarities and differences between ISO 27001 and BS 25999-2
June 08, 2010 Added by:Dejan Kosutic
At first glance, information security and business continuity don’t have much in common – some would add that the only similarity is that they are both about IT.Information security management is best defined in the International standard ISO/IEC 27001, while business continuity management is defined in the British standard BS 25999-2 – therefore, if we want to compar...
Comments (0)
Choosing Endpoint DLP Agents
June 07, 2010 Added by:Danny Lieberman
There is a lot to be said for preventing data loss at the point of use but if you are considering endpoint DLP (data loss prevention), I recommend against buying and deploying an integrated DLP/Anti-virus end-point security agent. This is for 4 reasons:
Comments (2)
Don't Ask..Don't Yell
June 07, 2010 Added by:Ron Baklarz
In case you have not been following the current slew of cyber security-related legislation that has been penned during the 111th Congress, there are currently 35 different laws in various stages of the legislative process. Melissa Hathaway, former White House cyber security advisor, has recently released a study of these legislations
Comments (0)
Some words about Information Security
June 07, 2010 Added by:Jorge Mieres
Organizations are increasingly dependent on their computer networks and a problem affecting them, no matter how small, can compromise the continuity of operations, a situation which inevitably results in economic loss. An increasing number and complexity of new computer attacks, becoming more specialized skills whose goals are an economic nature for the benefit of the attackers also in the mi...
Comments (0)
What Penetration Testing and patios have in common
June 07, 2010 Added by:John Verry
Had an interesting (and familiar) call with a potential client yesterday regarding a Penetration Testing proposal. "We really like your proposal, but honestly, we are trying to figure out why you are so much cheaper than the other firm that we are looking at ... "
Comments (6)
Data-centric security
June 06, 2010 Added by:Eli Talmor
IT security professionals engaged in a game of cat and mouse with hackers as fast as they deploy security countermeasures, these rogue elements discover loopholes or entirely new avenues of attack. Traditional security methods have relied upon closely guarding the perimeter of a company's network.
Comments (0)
Why Enterprise Rights Management software should work on all operating system platforms
June 01, 2010 Added by:Peter Abatan
Google’s decision to start moving away from the Windows operating system because of its vulnerabilities in my opinion represents a seismic shift in the IT industry. Although Google is still silent on this matter, if true many big enterprises will start to look into the feasibility of migrating to other operating systems like Linux, OS X and in the future Chrome OS.
Comments (5)
Main obstacles to the implementation of ISO 27001
June 01, 2010 Added by:Dejan Kosutic
You have this great idea that ISO 27001 will help you achieve compliance, attract new customers, decrease cost of incidents, and streamline your core IT processes? The idea is nice, but when it comes to implementation, things are getting complicated.
Comments (3)
Irrefutably Identifying Ourselves
June 01, 2010 Added by:Ron Lepofsky
A deluge of compliance requirements have inundated organizations, which obligate information security officers to protect; sensitive personal and corporate data from theft; critical data from theft and corruption; medical and health data from theft, surveillance, and destruction.
Comments (0)
What is the Value of a Trade Secret?
May 30, 2010 Added by:Danny Lieberman
My guess is that the value of software patents is on the decline, taking value as the net of the economic upside of the software patent less the cost of patent development, application and enforcement.
Comments (3)
Document Management for ISO 27001 and BS 25999-2
May 28, 2010 Added by:Dejan Kosutic
Why is it that ISO 27001 and BS 25999-2 put such an emphasis on the control of documents? Both standards define very strictly how the documents must be managed, and require that the organization must have a documented procedure for managing documents – even worse, you won’t get certified unless you have such a procedure.
Comments (0)
Information security policy – how detailed should it be?
May 26, 2010 Added by:Dejan Kosutic
Quite often I see information security policies written in too much detail, trying to cover everything from strategic objectives to how many numerical digits a password should contain. The only problem with such policies is that they contain 50 or more pages, and - no one is really taking them seriously. They usually end up serving as artificial documents whose sole purpose is to satisfy the ...
Comments (4)
How to deal with failure to keep the bad guys out.
May 26, 2010 Added by:Eli Talmor
More money is now being made from cybercrime than the billions that come from drug trafficking, AT&T's Chief Security Officer Edward Amoroso has told a US Senate Commerce Committee. Some $1 trillion annually is being siphoned off by cyber criminals according to the security chief.
Comments (0)
- Singapore Health Database Hit by 'Major' Cyberattack
- Q3 Oracle CPU Preview: Fewer Java SE Patches May Not Mean Fewer Flaws
- Memory Protection beyond the Endpoint
- Intent Based Networking: Turning Intentions into Reality
- Science Fiction Come True: Weaponized Technology Threatens to Shatter Security, Critical Systems
- Navigating Dangerous Waters: the Maritime Industry’s New Cybersecurity Threat as Technology Innovation Grows
- Is User Training the Weakest Link for Your Email Security Approach?
- Least Privilege Access – Still at the Front Lines of Security
- "Can you Hear Me Now?” - Security Professionals Warn about Who May Be Listening
- Every Business Can Have Visibility into Advanced and Sophisticated Attacks