Blog Posts Tagged with "Enterprise Security"
October 09, 2012 Added by:Tripwire Inc
In the corporate world, we talk a lot about corporate goals & objectives. In the US Government, you hear a lot about “The Mission,” which is the unifying goal that ties an agency (or multiple agencies) together in a shared sense of purpose. I’m a big believer in connecting our actions as information security professionals to The Mission...
October 08, 2012 Added by:Stephen Marchewitz
For those of you that have taken steps to build a security risk management program, sooner or later you will come to the point where you have to start quantifying risk in some meaningful way. So here are ten qualities to assess your choices against...
October 08, 2012 Added by:Thomas Fox
Even in this age of documenting, checking, measuring, stress testing and reassessing every conceivable type of risk, what is the one which is never tested? She believes that the answer is “the chief executive gets so high on power that he or she losses the plot...”
October 07, 2012 Added by:Bill Gerneglia
The report found that the majority of employee’s phones and smart devices did not have any form of security software loaded nor were company materials protected. The new report provides detailed assessments of the mobile security threat and the growing market for security solutions...
October 04, 2012 Added by:Brent Huston
Once we’ve embraced the fact that we need better detection and response mechanisms, we start to see how honeypots can help us but also how creating better awareness within our users can be the greatest investment an organization might make in detection...
October 03, 2012 Added by:Ben Rothke
Social media makes it easy for organizations to find and retain customers and increase sales, amongst many other benefits. At the same time, it can expose an organization to significant and highly-expensive legal risks and issues, and find themselves at the receiving end of a subpoena...
October 01, 2012 Added by:Tripwire Inc
As security is becoming more important in the overall risk posture of organizations, boards are becoming more interested hearing directly from security executives which requires a different level of communication that CISO/CSOs may not be used to presenting...
September 30, 2012 Added by:Thomas Fox
The backbone of the revision process is how your company captures, collaborates and preserves “all of the comments, notes, edits and decisions during the entire project," and you should assess “the best application to launch your Code and whether it includes a certification process..."
September 26, 2012 Added by:Will Tarkington
The method I used for this particular tactic was to monitor the conversational rhythm. Then inject into it and take it over allowing me to guide the conversation. The skill set that allows you to walk into a conversation and take it over can’t be understated...
September 26, 2012 Added by:Brent Huston
One of the most difficult tasks for an organization is conveying the importance of discretion for employees who use social media. Not only are organizations at risk from having their networks attacked, but they must protect their reputation and proprietary ideas...
September 26, 2012 Added by:Ben Kepes
The decision was made during the consultation process that universal design and accessibility issues should be outside the scope of the document. That was a necessary decision as the drive was to come up with a readily consumable document that vendors could easily comply with...
September 26, 2012 Added by:Thomas Fox
Compliance violation perpetrators will often grow the fraud in magnitude, sometimes increasing the number of participants. They will rarely cease on their own accord. This fits into Sir John’s analysis of the everyman of battle: What they did and how they did it...
September 20, 2012 Added by:Tripwire Inc
We’re going to use the phrase “Connecting security to the business” with almost annoying frequency because it can change the way the business views security, and vice versa. This begs a primer of sorts: What do we mean by all this “connecting security to the business” talk?
September 19, 2012 Added by:Stephen Marchewitz
Every time I read something regarding the core terminology in security and risk management, I start to question whether they really know what they’re talking about. Even worse, some speak with so many words and such arrogance, I start question whether I know what I’m talking about...
September 19, 2012 Added by:David Navetta
The BYOD movement, barring a black swan event, is likely to continue to gather steam – though not without detractors. And as the Toolkit notes, BYOD remains a nascent movement with real concerns and numerous issues to be worked through, along with the establishment of new practices...
September 17, 2012 Added by:Tripwire Inc
How do you teach paranoia and suspicion? We often hire people because of their willingness to help others, their good communication skills, their ability to be responsive, etc. As we work through securing our humans, we need to strike a balance – trust but verify, assist but not unquestioningly...
Mobile Security Processes Could Be Applied t... Johnnie Nix on 05-21-2013
ATM Security (And Really Learning from the P... Johnnie Nix on 05-21-2013
New Study Published on Mobile Malware... Caitlin Rachel on 05-21-2013