Blog Posts Tagged with "Risk"
January 13, 2016 Added by:InfosecIsland News
Chief risk officers (CRO) will need to keep close watch on a number of strategic, operational, and external risks this year. Effective risk management and mitigation will be critical, since companies' strategies, business models, operations, reputations, and, ultimately, survival are on the line.
The Technical Limitations of Lloyd’s Cyber Report on the Insurance Implications of Cyberattack on the US Grid
July 31, 2015 Added by:Joe Weiss
The recent Lloyd’s report on cyber implications of the electric grid serves an important need to understand the insurance implications of a cyber attack against the electric grid. Unfortunately, I believe the technical aspects of the hypothesized attack in the Lloyd’s study are too flawed to be used.
September 19, 2012 Added by:Stephen Marchewitz
Every time I read something regarding the core terminology in security and risk management, I start to question whether they really know what they’re talking about. Even worse, some speak with so many words and such arrogance, I start question whether I know what I’m talking about...
May 06, 2011 Added by:Thomas Fox
Both risk and compliance are converging. Your company should review its compliance program in these three areas to determine if any of its business relationships are on the lists set out in this article. Not only does it make business sense, but it may keep you out of regulatory scrutiny..
April 21, 2011 Added by:kapil assudani
Business use cases must be consumed by the IT group to build functional/non-functional requirements. Security mis-use cases in their remediated language turn into functional/non-functional requirements. If security is engaged - we translate them into detailed technical requirements...
April 19, 2011 Added by:Sasha Nunke
Vulnerabilities in web applications are now the largest source of enterprise security attacks. Web application vulnerabilities accounted for over 55% of all vulnerabilities disclosed in 2010, according to an IBM X-Force study. That may be the tip of the iceberg...
April 18, 2011 Added by:kapil assudani
In many companies, the culture is to embrace security only where it is absolutely necessary, and this usually comes through corporate security policies and industry regulations. Beyond these, security groups hardly have any teeth - unless its a critical security issue...
March 16, 2011 Added by:Pete Herzog
Routines make us predictable which, becomes our flaw. The problem with "patching" these flaws is that they are design features which are the product of being human. In addressing those flaws we will also ruin many of the good things about people which make them creative, social, and productive...
Hacker to Release Symantec's PCAnywhere Sour... Jerry Shaw on 10-05-2015
PoS Malware Kits Rose in Underground in 2014... on 03-17-2015
New PCI Compliance Study... on 03-17-2015