Policy

3e35900ae6facc6c146a85c435c71d82

Computer Incident Response and Product Security

April 03, 2011 Added by:Ben Rothke

Be it a IRT, CIRT, CERT, or CSIRT, whatever the term used, companies desperately need a team to formally respond to computer security incidents. The simple equation is that to the degree the incident is quickly identified, handled and ameliorated, so is the damage contained...

Comments  (0)

44a2e0804995faf8d2e3b084a1e2db1d

Dutch National Cyber Security Strategy - Blessing or Curse?

March 31, 2011 Added by:Don Eijndhoven

For now, very few experts take these measures seriously and fear that our National cyber defense posture will be weakened rather than strengthened. Let´s hope that this is not the case, because various research papers already point to The Netherlands as a haven for malware...

Comments  (2)

9259e8d30306ac2ef4c5dd1936e67634

Seven Steps for Implementing Policies and Procedures

March 17, 2011 Added by:Dejan Kosutic

Have you ever been given the task to write a security policy or a procedure, but you don't want your document to end up gathering dust in some forgotten drawer? Here are some thoughts that might help you...

Comments  (2)

69dafe8b58066478aea48f3d0f384820

Telecoms to Cap Bandwidth and Impose Usage Fees

March 15, 2011 Added by:Headlines

Services like Netflix and other companies that provide streaming media could be impacted, as users would need to limit themselves to an average of less than ninety minutes of media per day to avoid the increased fees...

Comments  (0)

A7290c5bd7bc2aaa7ea2b6c957ef639b

Corporations Not Entitled to Personal Privacy Under FOIA

March 12, 2011 Added by:David Navetta

The Court's decision reversed a Court of Appeals’ holding that corporations could prevent the release of information subject to a FOIA request on the basis of an exemption that shields information that "could reasonably be expected to constitute an unwarranted invasion of personal privacy”...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Senator Pushes for Federal Cyber Security Progress

March 11, 2011 Added by:Headlines

Senator Sheldon Whitehouse is turning up the heat on the Obama administration to follow through on a comprehensive federal cyber security overhaul. During a Senate hearing this week, Whitehouse pressed Homeland Security Secretary Janet Napolitano for updates on the administration's position...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

The Psychology of 'Secure Code': A Tale of 2 Dev Shops

March 10, 2011 Added by:Rafal Los

Security generally slows down development, adds cost, and increases test time, so it is not seen as a general practice. In fact, the dedicated dev house has an incentive not to have security as a core requirement. Why? Simple - they want to churn out code/projects faster...

Comments  (0)

509ea0c1f4a210534eb004d35c10aa2d

ISA Endorses Civil Liberties Cybersecurity Document

March 07, 2011 Added by:Marjorie Morgan

"When it comes to enhancing our nation’s cyber security we understand that the devil is in the details. That’s why we have worked over the past six months to hammer out very specific policy positions... in a way that protects our national security, our economy and our civil liberties..."

Comments  (0)

47d6748b0a28ace8263ed75fec1afe4c

Information Security Policies and Procedures Part 1

March 04, 2011 Added by:Alex Hamerstone

It is important to note that certain policies may be confidential according to an asset classification program. A Network Security Policy delineating requirements for protections such as connection restrictions or intrusion protection and detection may be valuable for an attacker...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Developer Psychology - The Infinite Feedback Loop

March 02, 2011 Added by:Rafal Los

Developers are having issues understanding us as Infosec people. We need to be less alarmist, and more sensitive to their time lines and goals, and we also need to be able to speak "developer", which means not sending over huge reports with thousands of pages of vulnerabilities...

Comments  (0)

B44a73900ca3197c2d8f148e303b3faa

Building Out a Security Skills Matrix

February 24, 2011 Added by:Brad Bemis

As the manager of a security operations team, I needed a way to track the current skills/knowledge levels of my team, and its progress over time. That’s what this matrix did for me – and it could do the same for you to – IF you’re willing to take the time to build one that is...

Comments  (1)

B44a73900ca3197c2d8f148e303b3faa

Changing Infosec Perceptions by Being 'Nice'

February 22, 2011 Added by:Brad Bemis

Pardon my language, but in my experience you don’t have to be a prick to be an effective security professional – in fact, being a prick is counterproductive in almost every way imaginable. Being nice however, will serve you in ways that I can’t even begin to explain...

Comments  (1)

7e6249b5c7f6b63c28587c820b16edcb

Digital Forensics and E-Discovery on OpenVMS

February 21, 2011 Added by:Robert Gezelter

OpenVMS system managers need to develop the plans, processes, and procedures to respond to legal process requests. Correctly dealing with these requests minimizes the impact on production systems. Failure to address these situations can expose the organization to significant liability...

Comments  (0)

37d5f81e2277051bc17116221040d51c

Shoring Up National Cyber Security Infrastructure

February 21, 2011 Added by:Robert Siciliano

Corporations and government agencies are legally required to secure their systems. But no such standards exist for the consumer. No laws require you to take a single step for the sake of your own security. Software vendors should certainly be held accountable if their products aren’t secure...

Comments  (0)

972cda1e62b72640cb7ac702714a115f

Managing the Infosec Investigative Function

February 13, 2011 Added by:Kurt Aubuchon

Conducting effective investigations requires specialized knowledge, skills, and abilities. It is not necessarily the case that the Infosec analyst who can manage a tight network perimeter can also conduct a good investigation. Investigations are risky and politically sensitive affairs...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Security Risks: Betting With Other People's Money

February 11, 2011 Added by:Rafal Los

The company made a conscious decision, at the board level to stick its head in the sand. After doing some complex mathematical calculations and figuring out what a full-scale Software Security Assurance program would cost versus what it costs to pay fines and lawyers, they've decided on the latter...

Comments  (2)

Page « < 31 - 32 - 33 - 34 - 35 > »