Blog Posts Tagged with "Best Practices"
Tribute to Stan The Man and 11 Rules for Compliance Success
January 21, 2013 Added by:Thomas Fox
These insights could help you improve your compliance program. And while it doesn’t have quite the same rhyming scheme as Paul Simon’s Mrs. Robinson, here’s to you Stan ‘The Man’ Musial. I hope that you enjoy an inning or two at the great game in the hereafter...
2013 - Year of the D(efense)
December 26, 2012 Added by:Matthew McWhirt
Many of the security incidents encompassing 2012 could have been mitigated, and some even fully prevented, if fundamental information security best practices had been reviewed and assessed, and controls encompassing incident response phases had been fully vetted...
Risky Business
December 03, 2012 Added by:Randall Frietzsche
In the broad spectrum of activities which might be called Information Security, we must always first and foremost implement, execute and follow through with risk management. Risk management is the backbone or foundation of any good information security program...
Third Party Application Analysis: Best Practices and Lessons Learned
November 02, 2012 Added by:Fergal Glynn
Communication and execution are crucial to successful third party analyses. A huge contributing factor for these best practices is project management. Project management activities such as status meetings, enterprise follow-ups, and open discussions will facilitate the analysis process...
Four Best Practices for BYOD Policies
October 16, 2012 Added by:Robert Siciliano
Bringing your own device is not a right but a privilege. If your employer doesn’t allow it there is generally a good reason. Data breaches cost thousands and in some cases millions. So if you are lucky enough to be privileged, protect that mobile device with the guidance of the IT department...
Ten Musts for a Good Security Risk Equation
October 08, 2012 Added by:Stephen Marchewitz
For those of you that have taken steps to build a security risk management program, sooner or later you will come to the point where you have to start quantifying risk in some meaningful way. So here are ten qualities to assess your choices against...
The Face of Battle: Sir John Keegan and the Individual in Compliance
September 26, 2012 Added by:Thomas Fox
Compliance violation perpetrators will often grow the fraud in magnitude, sometimes increasing the number of participants. They will rarely cease on their own accord. This fits into Sir John’s analysis of the everyman of battle: What they did and how they did it...
An Open Letter to Senator Rockefeller
September 20, 2012 Added by:Richard Stiennon
Like in many matters involving science and technology, scientists and technologists should be brought into future deliberations on cyber legislation. The technologists that make the Internet operate and the security experts that battle to defend it need to be brought to the table...
Security and the Enterprise: Connect What?
September 20, 2012 Added by:Tripwire Inc
We’re going to use the phrase “Connecting security to the business” with almost annoying frequency because it can change the way the business views security, and vice versa. This begs a primer of sorts: What do we mean by all this “connecting security to the business” talk?
Seven Tips to Improve Patch Management
September 12, 2012 Added by:Dan Dieterle
The amount of time many companies spend on patching, the problems they have deploying patches, the perception that patching causes problems, and a general lack of understanding about what it takes to patch, all combine to make patching such a major issue...
Will the Rise of Tablets Affect Security Measures in the Workplace?
September 11, 2012 Added by:Robert Siciliano
While your company’s IT guy has a relative hold on the work laptops and desktops, and even some of the mobiles, he is quickly losing control when you bring your new Droid and connect it to the corporate network. Now he has to worry if that last app you downloaded will infect the network...
Internally Funding Your Compliance Program
September 11, 2012 Added by:Thomas Fox
Big banks are not doing too well these days in the compliance arena. From money-laundering operations for drug cartels to trading losses, big banks seem to be more in the news these days for compliance failures rather than successes...
The Right Way to Handle Shrinking Budgets
September 09, 2012 Added by:Robb Reck
We add new security tools but seldom get rid of the old ones. So, it’s no surprise that when our companies require us to reduce our budgets we don’t really know how to do it. In the face of these tightening budgets we need to adapt and survive. This leaves us with three options...
Error Logs and Apollo 11: One Giant Step For Risk Management
September 09, 2012 Added by:Tripwire Inc
Although Neil Armstrong is the hero of the Apollo 11 story, the planning, management, complexity and technology for the mission is often overlooked. If it were not for testing and assessing risks associated with the systems the lunar landing would not have been a success...
DMTF's Cloud Infrastructure Standard
September 07, 2012 Added by:Ben Kepes
CIMI is arguably more complex than a simple standard – it reflects that people want to rubber stamp a standard, but also want to deliver proprietary functionality as a point of differentiation from the competition. CIMI is a positive initiative, but the proof is in the pudding...
Finishing the Security Automation Job
September 06, 2012 Added by:Tripwire Inc
SACM needs to grow upward and outward from where the SCAP efforts have gotten – move from controls into control frameworks and support the policies, processes, and procedures derived from Operational Risk Management. We’ve got a lot of work ahead. It’s all worth it...
- Over-Sharing Riskier than Government Snooping
- 20 Critical Security Controls: Control 13 – Boundary Defense
- Redefining Social Networking
- Creating Your Own Privacy & ROI
- Security Intelligence for the Enterprise - Part 1
- Why are Cybercrimes NOT Always White-collar Crimes?
- From the SMB to Security Guru: Five Ways IT Pros Can Manage Security on a Budget
- Balancing Act Between Privacy and Security
- The NSA’s Word Games Explained: How the Government Deceived Congress in the Debate over Surveillance Powers
- NSA Surveillance Is Legal And Not Targeting Average Americans, Says Texas A&M Professor




