Enterprise Security


Main obstacles to the implementation of ISO 27001

June 01, 2010 Added by:Dejan Kosutic

You have this great idea that ISO 27001 will help you achieve compliance, attract new customers, decrease cost of incidents, and streamline your core IT processes? The idea is nice, but when it comes to implementation, things are getting complicated.

Comments  (3)


Irrefutably Identifying Ourselves

June 01, 2010 Added by:Ron Lepofsky

A deluge of compliance requirements has inundated organizations, which obligate information security officers to protect: sensitive personal and corporate data from theft; critical data from theft and corruption; medical and health data from theft, surveillance, and destruction.

Comments  (0)


What is the Value of a Trade Secret?

May 30, 2010 Added by:Danny Lieberman

My guess is that the value of software patents is on the decline, taking value as the net of the economic upside of the software patent less the cost of patent development, application and enforcement.

Comments  (3)


Document Management for ISO 27001 and BS 25999-2

May 28, 2010 Added by:Dejan Kosutic

Why is it that ISO 27001 and BS 25999-2 put such an emphasis on the control of documents? Both standards define very strictly how the documents must be managed, and require that the organization must have a documented procedure for managing documents – even worse, you won’t get certified unless you have such a procedure.

Comments  (0)


Information security policy – how detailed should it be?

May 26, 2010 Added by:Dejan Kosutic

Quite often I see information security policies written in too much detail, trying to cover everything from strategic objectives to how many numerical digits a password should contain. The only problem with such policies is that they contain 50 or more pages, and - no one is really taking them seriously. They usually end up serving as artificial documents whose sole purpose is to satisfy the ...

Comments  (4)


How to deal with failure to keep the bad guys out.

May 26, 2010 Added by:Eli Talmor

More money is now being made from cybercrime than the billions that come from drug trafficking, AT&T's Chief Security Officer Edward Amoroso has told a US Senate Commerce Committee. Some $1 trillion annually is being siphoned off by cyber criminals according to the security chief.

Comments  (0)


Giving information security a KISS!

May 25, 2010 Added by:Security Ninja

The KISS I’m talking about giving to information security is the KISS principle: Keep It Short and Simple (or Keep It Simple Stupid)

Comments  (6)


Defining Identity Standards and the Cloud

May 22, 2010 Added by:Lauren Twele

With the formation of the Open Identity Exchange and OASIS Identity in the Cloud TC there is a renewed interest in Identity Management Standards and a new focus on the Cloud model. This has led to some recent discussions such as "What standards to use?", "How to derive value from standards (old and new)?", and "What resources to leverage in delivering standard...

Comments  (1)


Reasons to love infosec

May 22, 2010 Added by:Javvad Malik

Infosec sometimes unfairly gets a lot of bad press for being a barrier to business goals and objectives. How infosec professionals don’t understand business needs and drivers. How pouring money into security is about as good as burning it. But infosec has improved the quality of working and the lives of workers the world over.

Comments  (0)


ALL Security is Local

May 22, 2010 Added by:Ron Baklarz

Thomas P. O’Neill, former speaker of the US House of Representatives Tip O’Neill’s father, once said that “all politics is local.” He postulated this axiom upon his son’s experiencing his first, and last, political loss. What the wise father was advising his son was that he needed to be aware of and work harder on the political issues in his ow...

Comments  (0)


CFOs Need To Sober Up to Security Realities

May 19, 2010 Added by:Anthony M. Freed

For many organizations, network security issues are still considered technical cost-centers that are approached from the standpoint of compliance and the anticipated return on investment, with little consideration of the very real threat to overall enterprise risk.

Comments  (9)


Why do you work in Infosec?

May 19, 2010 Added by:Javvad Malik

I was at a social event the other day and got chatting to a few people sat around my table. People are curious creatures, so the topic of conversation quickly moves onto what you do for a living. I tend to adopt a formula to determine if they are worth continuing having a conversation with. A lot of times people reply with "oh I work in banking". So I take a look at them, T.M Lewin ...

Comments  (6)


Standardize Screening for Network Security Risks

May 18, 2010 Added by:Danny Lieberman

Best practices for data security are still evolving – as there are no industry-standard data security metrics and a confusing array of regulatory compliance and industry standards – PCI DSS 1.2, Sarbanes-Oxley, FISMA, ISO2700x – just to name a few.

Comments  (0)


Becoming the ultimate CISO

May 18, 2010 Added by:Javvad Malik

Every organisation has one. The ones that don’t; definitely need one. We’re talking about a Chief Information Security Officer. The alpha dog of security professionals within any given organisation. The person who sits at the board and convinces all them other executives to make sure the company protects their and their customers' information.

Comments  (5)


Impact of Online Intelligence Searches part II

May 17, 2010 Added by:Bozidar Spirovski

In our previous article - "Open Source Intelligence Operations" we looked at the generic process of information gathering. But what is this process looking for? The answer to this question is important to all parties.

Comments  (0)


Data Mining Analysis vs. Predictive Modeling

May 16, 2010 Added by:Michael O'Connor

Fraud prevention and risk management professionals are familiar with both data mining/analysis and predictive modeling as tools of the trade, and the two are often discussed in conjunction with each other.

Comments  (0)
