Blog Posts Tagged with "Practical Threat Analysis"

959779642e6e758563e80b5d83150a9f

Best Ways for Businesses to Prevent Data Breaches

February 01, 2012 Added by:Danny Lieberman

Most security breaches are attacks by insiders and most attackers are trusted people that exploit software system vulnerabilities (bugs, weak passwords, default configurations etc…). Neither security awareness nor UAC are effective...

Comments  (0)

959779642e6e758563e80b5d83150a9f

Ten Steps to Protect Your Organization's Data

January 13, 2012 Added by:Danny Lieberman

Despite claims that protecting data assets is strategic to an enterprise, and IT governance talk about business alignment and adding value – my experience is that most organizations will not do anything until they’ve had a fraud or data security event...

Comments  (0)

959779642e6e758563e80b5d83150a9f

Medical Device Security

December 27, 2011 Added by:Danny Lieberman

A threat analysis was performed on a medical device used in intensive care units. The analysis considers the security implications of deploying the devices inside a hospital network. Different stakeholders have different security and compliance concerns and therefore different agendas...

Comments  (0)

959779642e6e758563e80b5d83150a9f

Case Study: A Cloud Security Assessment

December 13, 2011 Added by:Danny Lieberman

A client asked us to find a way to reduce risk exposure at the lowest cost. Using the Business Threat Modeling methodology and Practical Threat Analysis software, we were able to mitigate 80% of the total risk exposure in dollars at half the security budget proposed by the vendor....

Comments  (1)

959779642e6e758563e80b5d83150a9f

Case Study: SOX IT Compliance

December 01, 2011 Added by:Danny Lieberman

We performed a Sarbanes-Oxley IT top down security assessment for a NASDAQ-traded advanced technology company to evaluate internal and external threats that impact the company’s information assets. Using Business Threat Modeling, a practical threat analysis model was constructed...

Comments  (0)