Blog Posts Tagged with "Policy"

3e35900ae6facc6c146a85c435c71d82

Security Strategy: From Requirements to Reality

December 13, 2010 Added by:Ben Rothke

Without a deeply embedded structured approach to security systems design, Anderson argued that we find ourselves in the situation we are in today, with applications and operating systems full of bugs, vulnerabilities and other serious security flaws...

Comments  (0)

37d5f81e2277051bc17116221040d51c

IRS Remains Fully Reliant on Social Security Numbers

December 05, 2010 Added by:Robert Siciliano

At present, the IRS, along with many other government agencies and corporations, relies on Social Security numbers and will do so for years to come. This continued reliance will inevitably result in additional data breaches and therefore, more stolen identities...

Comments  (0)

959779642e6e758563e80b5d83150a9f

What is Security?

November 19, 2010 Added by:Danny Lieberman

It’s clear that a driver with a lighter foot will get better mileage, and perhaps spending less money on security technology and more on security professionals will get you better return on your investment. Challenge your assumptions about what is effective security in your organization...

Comments  (9)

1f2f664e68a603b3c54890fbbcd37857

Security Awareness in a Connected World

November 16, 2010 Added by:Mark Gardner

In a new more open internet age, where privacy is somewhat discarded, the threat to the enterprise is increased, because of the blurring between home and work. It is only by shouting above the noise to get the security message across, can the enterprise be protected...

Comments  (0)

16443e0c6f6e4a400fd0164b3c406170

Are You a Demanding User?

November 12, 2010 Added by:Christopher Burgess

When we raise our heads and look into our infrastructure, at times we are thwarted due to the lack of similar technology being availed or an information technology implementation policy standing between us and the new capability. The reality is, we aren't alone...

Comments  (0)

99edc1997453f90eb5ac1430fd9a7c61

Social Media, Infosec and the War on Drugs

November 08, 2010 Added by:Javvad Malik

More and more companies are finding their employee’s are addicted to the latest drug. A drug that is freely available and most addicts need to take several times a day. It’s the drug of social media.But what does this have to do with information security? Perhaps a bit more than you thought...

Comments  (0)

509ea0c1f4a210534eb004d35c10aa2d

Internet Security Alliance and Shaping Cyber Policy

November 08, 2010 Added by:Marjorie Morgan

Melissa Hathaway will be discussing ongoing efforts to develop and promote concrete solutions for mitigating cyber risk. She led President Obama’s 60-day cyber space policy review. ISA and ANSI published The Financial management of Cyber Risk in direct response to Obama’s 60 day review...

Comments  (0)

C787d4daae33f0e155e00c614f07b0ee

Five Ways to Create High Quality Security Policies

November 03, 2010 Added by:Robb Reck

Security policies are the foundation of an enterprise information security program. Without a solid foundation in place you simply cannot build a sturdy long-lasting structure; be it a building or a security program. Here are five things that can help you ensure your foundation is strong...

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

Zero Trust Security – The Technical Discussion

November 02, 2010 Added by:PCI Guru

It takes strong leadership to keep security off of the back burner. Without that leadership, security will fall into a rut and an incident will occur. So while I think Zero Trust is probably the approach we should all work towards, it will take a lot of effort to make it a reality...

Comments  (1)

F8f122d50eba11c3af5607575b277bc6

Pen Testing for Low Hanging Fruit - Part 6 of 7

November 02, 2010 Added by:Bryan Miller

Policies and procedures are often the IT stepchild and receive the least amount of effort. Nobody likes to write them and few people read them. But they are critical to the success of any information security and privacy plan and should drive the configuration of all security devices...

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

Zero Trust Security – The Cultural Discussion

October 28, 2010 Added by:PCI Guru

For what this approach requires is that you tell your employees that they cannot be trusted. If that does not scare the daylights out of you, it will sure scare it out of your human resources executives and probably a few, if not all, of the rest of your senior managers...

Comments  (2)

99edc1997453f90eb5ac1430fd9a7c61

On Security and Motivation

October 04, 2010 Added by:Javvad Malik

There probably aren’t many companies who practice good security just for the sake of security. Security is driven by other objectives such as trying to impress another company so as to win business, because the regulators told them they had to, or because a rival company had just been breached...

Comments  (1)

4085079c6fe0be2fd371ddbac0c3e7db

Are You Using Deprecated Security Guidelines?

September 29, 2010 Added by:Jamie Adams

Whether you adhere strictly to a particular set of industry standards or define your own security policies based on industry standards, you must be able to assess your server OSs on a regular basis and provide proof that they meet security requirements...

Comments  (1)

0d27688c61c5a172e8e45956cd70cba2

A Delicate Balance: DLP and Privacy

September 07, 2010 Added by:Michael Cohen

When applying DLP to an organization’s email server, IT managers need to maintain a delicate balance between their company’s security interests and user’s privacy, which is possible through a coherent policy aligned with the management of sensitive data in all facets of the organization...

Comments  (0)

99edc1997453f90eb5ac1430fd9a7c61

Divine Security Policy

June 12, 2010 Added by:Javvad Malik

So companies spend countless hours writing their security policies and this isn't an easy task. Each policy has to be drafted, proof read, re-drafted, re-proof read and then published. It's at this point that the real fun begins where users have to be educated in the ways of the new policy. Gap analysis have to be conducted and new baselines set.

Comments  (0)

39b6d5c1d3c6db11155b975f1b08059f

Anti-Social Networking Sites: Part 2

October 09, 2009 Added by:Ron Lepofsky

Since the last blog there has been a steady stream of news about more security threats originating at web sites, particularly from social networking sites.  Profit motive appears to be the primary intent of the threats.  The methodology is committing identity theft for profit.   Below are a sample of four  web based news articles to which I refer:

Comments  (0)

Page « < 5 - 6 - 7 - 8 - 9 > »