Blog Posts Tagged with "Policy"


SMBs and Disaster Recovery Planning

January 31, 2011 Added by: Ben Kepes

Mozy estimated that more than 50% of SMBs that suffer a major data loss will be out of business in 12 months. If one accepts these assumptions, then clearly some education beyond simply creating a pseudo data loss situation will go a long way to encourage SMBs to think about disaster recovery...



Compliance is Not Just a HIPAA - HITECH Issue

January 23, 2011 Added by: Jack Anderson

Failure to maintain an effective compliance program as determined by OMIG may subject a provider to sanctions, including termination from the Medicaid program. If this sounds familiar it is because it is nearly identical to HIPAA compliance rules...



Communication is the Key to Security

January 19, 2011 Added by: Mike Meikle

There is a sea change taking place in information technology, however. The consumerization of the enterprise by the infiltration of mass market technology has lowered the drawbridge and allowed many unauthorized devices and services to stream in and out of the corporate network...



Federal Cyber Security and Executive Mobility

January 17, 2011 Added by: Jon Stout

As the Federal Government grows larger and larger, the vulnerability to cyber attack of its agency systems grows geometrically. And, since the entire network of diverse agencies and users is becoming more integrated, multiple access points open the entire system to attack...



PCI Lessons We Can Learn From the WikiLeaks Debacle

January 13, 2011 Added by: PCI Guru

Requirement 7 of the PCI DSS is all about access to cardholder data and verifying that those users continue to require access. The user management situation with the Net-Centric Diplomacy database is why requirement 7 was put into the PCI DSS...



Internet Security Alliance to Present at RSA Conference

January 10, 2011 Added by: Headlines

ISA will present on "How to Assess the Financial Impact of Cyber Risk" at the RSA conference. ISA’s mission is to integrate advanced technology with the realistic business needs of its members and enlightened public policy to create a sustained system of cyber security...



When Computers Watch Us, Who Watches Them?

January 10, 2011 Added by: Theresa Payton

When security guards use surveillance TVs they apply acumen, logic, intuition and skill. Computers use face recognition software and behavior patterns. This has far reaching opportunities to improve lives but potentially at the cost of your privacy. That does not mean I am opposed to it...



Commerce Department to Reign Over Cyber Identities

January 08, 2011 Added by: Headlines

"We are not talking about a government-controlled system. What we are talking about is enhancing online security and privacy, and reducing and perhaps even eliminating the need to memorize a dozen passwords, through creation and use of more trusted digital identities..."



Retraction: White House Strategy to Prevent Leaks is Leaked

January 07, 2011 Added by: Infosec Island Admin

The document cited in this article, "M-11-08, Initial Assessments of Safeguarding and Counterintelligence Postures for Classified National Security Information in Automated Systems", was in fact not "leaked", as the article states...



CIOs Must Keep the Focus on the Big Picture

January 07, 2011 Added by: Rahul Neel Mani

A smart CIO knows when to stay out of tactical initiatives within the company, let his team get on with it, and keeps the focus on the big picture, says Anjan Bose, CIO Haldia Petrochemicals Ltd. Bose equips himself to see IT as a component of business, and never business as means to deploy IT...



Why QA Doesn't Do Security Testing

January 06, 2011 Added by: Rafal Los

Just because you're checking for the existence of the password requirement, or making sure pages aren't accessible without authentication doesn't actually mean you're doing security testing. In reality, this is just a small part of the overall security testing that applications require...



Phishing for Mobile Users? They Are Taking the Bait

January 05, 2011 Added by: Katie Weaver-Johnson

It is critical for organizations to implement clearly defined policies for using mobile devices. It is also important that organizations continue to update their employees as risks, threats, requirements, etc. change on an ongoing basis. A once-a-year general training program is not enough...



Upcoming Events at the Internet Security Alliance

January 04, 2011 Added by: Headlines

ISA is a unique multi-sector trade association which provides thought leadership and strong public policy advocacy. ISA’s mission is to integrate advanced technology with the realistic business needs of its members and enlightened public policy to create a sustained system of cyber security...



America's “There is No Security Anymore” Policy

December 28, 2010 Added by: Dan Dieterle

This is a change in policy from trying to keep people out, to monitoring and limiting the damage done when they do get in. And get in they have; numerous reports of large corporations, government, and military breaches have made headline news over the years...



Less Privacy, Better Security

December 18, 2010 Added by: Rahul Neel Mani

Information is the lifeblood of not just corporations but organized crime and terrorism, says Steve Durbin of the Information Security Forum. Durbin says we may have to give up some individual privacy in return for security...



Vivek Kundra's 25 Point IT Management Reform Program

December 15, 2010 Added by: Kevin L. Jackson

The shift to “light technologies,” that is, cloud services, which can be deployed rapidly, and shared solutions will result in substantial cost savings, allowing agencies to optimize spending, and allowing agencies to reinvest in their most critical mission needs...

