Blog Posts Tagged with "Trust"

54a9b7b662bfb0f0445d1661d7ed180b

Taming the WWW or Wild Wild West

May 13, 2012 Added by:Jayson Wylie

There is a reason the security world refers to exploitation on the Internet to activity ‘in the wild’. A comparison can be made to the lawless, tough and unforgiving world of the Wild West in American history. You can get your stuffz or scalp taken...

Comments  (0)

Ee445365f5f87ac6a6017afd9411a04a

SOC 2: The Customer Security Questionnaire Killer

May 07, 2012 Added by:Jon Long

User organizations figured out a long time ago that if they want confirmation of how secure their suppliers are, they have to find out for themselves because a sufficient third party attestation did not exist. This is also where the challenge to service auditors is...

Comments  (0)

B35ca22fce3b7eb394e8f5f0094f495f

Understanding Trust

May 06, 2012 Added by:Kevin W. Wall

In computer security, we should strive to make all trust relationships explicit and leave nothing to chance or misinterpretation. That's one key step in defining a trust model. At its core, information security is largely about the two goals of “ensuring trust” and “managing risk”...

Comments  (4)

959779642e6e758563e80b5d83150a9f

Healthcare Data: I Trust You to Keep this Private

May 03, 2012 Added by:Danny Lieberman

In this article, Danny Lieberman talks about the roles that trust, security and privacy play in online healthcare interactions. At the end of the article, he introduces the idea of private social networking for healthcare – leaving the piece open for a sequel...

Comments  (2)

01ceb9281b3fb3dbb90c3efbe327717e

Law Of First Digits and How It Might Lead To More Trust

May 03, 2012 Added by:Alan Woodward

It might be as simple as whether an image has been altered to whether large data sets should be used to make a critical business decision. Benford's law and its generalized forms can help us decide whether or not we can trust some electronic data we may be about to rely upon...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Five Conversations that will Shape Your Cloud Security Model

May 03, 2012 Added by:Rafal Los

We need to move away from the control model into a governance model and acknowledge we're not going to have control over all of our risk. Any notion that you have control is a delusion. Assuming that if you control the environment you have better security is a fallacy...

Comments  (0)

71d85bb5d111973cb65dfee3d2a7e6c9

Phishing with PDF's and Why it Works

May 02, 2012 Added by:f8lerror

During many penetration tests the need to social engineer a target may be required. Let’s talk about something that completely relies on the user being conned into following the attackers instructions. The scenario is simple send the user a PDF form and have them submit the form...

Comments  (0)

4c1c5119b03285e3f64bd83a8f9dfeec

More on Banking 2.0 - Who Ya Gonna Trust?

May 01, 2012 Added by:Ben Kepes

Banks sit on a far higher level of the trust spectrum than do companies like Google and Apple – at least in consumers minds. A study commissioned in 2010 that found that telecoms were seen as the second most trusted group, after banks, for securing personal information...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Making an Intelligent, Defensible Trust Valuation

April 23, 2012 Added by:Rafal Los

Is trust a binary decision? Can you trust something to varying levels? These are important questions for any security professional to have good answers to. Applying this logic to computing - can we ever really trust any computer environment, system, or application?

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Fear and Loathing in Infosec: A Savage Journey

April 17, 2012 Added by:Infosec Island Admin

The players mime their passion plays to obtain the almighty dollar and make their daily bread. Grimy hands slither over every inch of the client while pouring soothing words, cooing in their ear about how their solutions will cure ills and make them more virile than the next guy...

Comments  (1)

0a8cae998f9c51e3b3c0ccbaddf521aa

The Growing Importance of Protecting Certificate Authorities

April 08, 2012 Added by:Rafal Los

We've seen a few of the largest CAs get compromised and fake certificates end up in the hands of nation-states which wanted to spy on their population. It goes without saying that there are likely more attacks that we've simply either not picked up or were unreported...

Comments  (0)

3e35900ae6facc6c146a85c435c71d82

Liars and Outliers: Enabling the Trust that Society Needs to Thrive

March 20, 2012 Added by:Ben Rothke

Liars and Outliers is an absolutely fascinating and groundbreaking book. In this election year where the candidates attempt to make sweeping simplistic promises to fix complex problems, Schneier simply answers that in our complex society, there are no simple answers...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

OTA Advocates Always On SSL

March 05, 2012 Added by:Headlines

Online Trust Alliance (OTA) is calling on the security, business and interactive advertising communities to adopt Always On SSL (AOSSL), the approach of using SSL/TLS across your entire website to protect users with persistent security, from arrival to login to logout...

Comments  (0)

0f57a863af3b7e5bf59a94319a408ff7

A Structured Approach to Handling External Connections

February 27, 2012 Added by:Enno Rey

The approach to be developed is meant to work on the basis of several types of remote connections in which each determines associated security controls and other parameters. At the first glance, not overly complicated, but – as always – the devil is in the details...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

NIST Seeks Proposals to Improve Trust in Cyberspace

February 10, 2012 Added by:Headlines

The National Institute of Standards and Technology (NIST) launched a competition for pilot projects to accelerate progress toward improved systems for interoperable, trusted online credentials that go beyond simple user IDs and passwords...

Comments  (0)

B09c361cbdc6cf629affdc7db30a186d

Designing Security with Brand in Mind

February 06, 2012 Added by:Steven Fox, CISSP, QSA

Why is it important to deliver security services consistent with your brand? The fundamental archetype created by your brand must be supported by behaviors which confirm its relevance. Performance that is inconsistent will lead your customers to question your brand promise...

Comments  (0)

Page « < 1 - 2 - 3 - 4 > »