Enterprise Security


Open Source Intelligence Operations Part One

May 10, 2010 Added by:Bozidar Spirovski

Wikipedia defines Open source intelligence (OSINT) is a form of intelligence collection management that involves finding, selecting, and acquiring information from publicly available sources and analyzing it to produce actionable intelligence. In reality, the methodology used in OSINT is the information gathering phase of every penetration phase. They only stuck a fancy name to the process.

Comments  (0)


Top Two Responses to a Security Threat

May 10, 2010 Added by:Danny Lieberman

How does your company mitigate the risk of data security threats? Is your company management adopting a policy of “It’s other peoples money”? In a recent thread on LinkedIn - Jody Keyser shared some quotes from David Vose’s book on risk, reliability and computerized risk modeling:  Risk Analysis a quantitative guide.

Comments  (0)


The cyber-gangsters' "weapons" and the state of Internet security

May 10, 2010 Added by:Roman Zeltser

Writing an article about Chinese hackers (all 3 parts were published here - please use the search to find them) I had to explain why it's difficult to fight against them due to a wide range of tools, methods and existing vulnerability of operating systems and applications in addition to the specific political conditions in China. Since this material turned to more than 15-page informati...

Comments  (0)


Seven Scary Cyber Scenarios

May 09, 2010 Added by:Richard Stiennon

Scenario planning is an important tool in the realm of cyber security.  Stakeholder teams are assembled to create plausible scenarios of possible future threats. Repercussions are predicted to help quantify risk and justify mitigating investments in technology and changes to policy and operations.

Comments  (1)


DATA LEAKAGE a la Digital Copy Machine

May 06, 2010 Added by:David Jordan

Why spend time attempting to HACK an enterprise network when the wanted data is rolling out the door of the target facility each time a copier is replaced!

Comments  (6)


Three Steps To Securing Your Network

May 06, 2010 Added by:Global Knowledge

Securing an organization's assets requires work, and there are many different ways to classify controls. This white paper examines three common types of controls are administrative, technical, and physical.

Comments  (2)


Should we be afraid of Chinese hackers? ...Or lost cyber war. (Part II)

May 03, 2010 Added by:Roman Zeltser

Internet users in China aged below 25 spend on average 50 percent of their leisure time online, according to this survey. Those surveyed in China demonstrated high levels of social media activity. Nearly 9 out of 10 Chinese respondents indicated that they actively read or contribute to blogs and 85 percent said they participate in chat rooms.

Comments  (2)


Under illumination variations, exploiting 3D image for ‘Face Authentication’ in Biometrics…

May 02, 2010 Added by:K S Abhiraj

This article shows some of the basic techniques through which, Biometic authentication worked before.. and a basic mean how it could be crooked up, for gaining authentication. Automatic recognition of human faces is extremely useful in a wide area of applications, such as face identification for security and access control, surveillance of public places, mug shot matching and other commerc...

Comments  (0)


Is it really important to have a structured security budget? (part3)

May 01, 2010 Added by:Dario Forte

One management practice that is often applied in structured organizations involves reporting the entire set of IT budget portfolio projects according to a view that links risk with value, as agreed between business functions and the IT department on the basis of predetermined yardsticks. 

Comments  (0)


What is a "Failure to Implement"?

April 30, 2010 Added by:Katie Weaver-Johnson

Recently, Awareity’s CEO, Rick Shaw, was asked to present at the Infotec conference in Omaha.   During his presentation, “The Truths (and Myths) About Assessments, Planning and Implementing”, Rick discussed the three-legged stool each organization is sitting on, and the importance of all three legs (Assessments, Planning/Developing and Implementing).

Comments  (3)


Is it really important to have a structured security budget? (part2)

April 30, 2010 Added by:Dario Forte

Company problems cannot be resolved with software. Another factor that I have noticed in my recent work as security advisor is the divergence between the enthusiasm of providers for the growth in security budgets, as reported in the surveys of recent years, and reality. It is probable that more is invested in security hardware and software, but this does not necessarily mean increasing security...

Comments  (0)


Google Hack Whacks Passwords

April 30, 2010 Added by:Robert Siciliano

Code named Gaia after “Greek Goddess of Earth” a Google single sign on password system was hacked in December. Google is a significant part of many individuals and businesses online activities. Millions rely on Google every day to be fast, functional and most important, secure. A breach such as this may erode the confidence of Google users, but for many, they have all their egg...

Comments  (2)


Carl Levin Poses Several Cyber Scenarios

April 29, 2010 Added by:Richard Stiennon

Today’s hearing on the nominations of Keith Alexander to head CYBERCOM (and Admiral Winnfield to head NORAD and NORTHCOM) were the first time that  operational responsibilities of CYBERCOM have been discussed in a public forum.

Comments  (0)


On Secure and Agile Collaboration

April 29, 2010 Added by:Danny Lieberman

One of the biggest challenges in global multi-center clinical trials (after enrollment of patients) is collaboration between multi-center clinical trial teams: CRAs, investigators, regulatory, marketing, manufacturing, market research, data managers, statisticians and site administrators.

Comments  (1)


Congressional Briefing: The Economics of Cybersecurity

April 26, 2010 Added by:Marjorie Morgan

On May 7, 2010, the Internet Security Alliance (ISA) and the American National Standards Institute (ANSI) will brief members of Congress and their staff on their new publication, The FinancialManagement of Cyber Risk: An Implementation Framework for CFOs.

Comments  (0)


Risk Mitigation through Collaborative Innovation

April 26, 2010 Added by:Steven Fox, CISSP, QSA

Did you innovate today? Let’s say that you did! Good job! Did you get the idea from a podcast or webinar? Maybe. Odds are that you got wind of an interesting idea when you sat with a different team during lunch. Perhaps you attended a presentation by the business analysis group after the cancellation of an audit meeting. In either case, a synergy occured between new and acquired knowledge &n...

Comments  (0)

Page « < 73 - 74 - 75 - 76 - 77 > »
Most Liked