Blog Posts Tagged with "Information Security"


Black Hats, White Hats, and LIGATT Security

February 07, 2011 Added by: Sam Bowne

I remain convinced that the world of infosec is really polarized. The "white hats" help protect society, obey the law, and can be trusted; while the "black hats" lie, steal, extort, hurt people, and cannot be trusted. There are exceptions, but that model describes the most common situations...



On Being the "Department of No"

February 03, 2011 Added by: Robb Reck

Being known as the “Department of No” is problematic. Once a reputation is established that information security is where good ideas go to die, people start finding ways around it. Projects get pushed through without security being involved or without being involved early enough to make a difference...



Top Ten Security Questions for CEOs to Ask

February 03, 2011 Added by: Headlines

Translating the jargon laden techno babble of information security into a language the CxO level can understand and find actionable is one of the biggest hurdles the infosec professional faces. In an article by Gary Loveland, the top ten questions CEOs need to ask about security issues are outlined...



The First Law of Risk Management

February 03, 2011 Added by: Healthcare CSO

Failure to escalate the risk to the management level with scope, authority and ability to manage the risk inevitably leads to a crisis. Every case of security crisis that I have ever been involved with inevitably had a situation where risk was being managed at the wrong level of the organization...



Webinar: ISO 27001 Foundations Part 2

February 02, 2011 Added by: Dejan Kosutic

This highly interactive live online training is designed to enable you to walk away with important skills for executing the planning phase of ISO 27001 in your organization. It contains 3 workshops where filling in the real ISMS documents is exercised, and private time with the trainer...



Defense in Depth: Security Strategy or Security Blanket?

January 26, 2011 Added by: Robb Reck

We have all heard that a defense in depth is required for an effective security program. But in many ways defense in depth has become a security blanket for companies, rather than a strategy. The number of different technologies may give a nice sense of security, but provides negligible added value...



Putting an End to Data Breaches as We Know Them

January 26, 2011 Added by: Robert Siciliano

The talk show pundits buzz that with the release of thousands of additional secret government documents, it leads to the conclusion that there is no way to protect sensitive data. If the government can’t even prevent a Private in the Army from stealing confidential data, what hope is there?



Insider Threats: Big Enough to be Parodied on The Simpsons

January 25, 2011 Added by: Headlines

If you have been parodied on the long running prime-time animated series The Simpsons, you can rest assured that you have finally arrived. The most recent member of the coveted Simpson parody club is, believe it or not, none other than the Insider Threat...



Getting Buy-In for Information Security

January 24, 2011 Added by: Robb Reck

The goal is an organization with workers who are focused on information security across all departments. Sitting in the CISO's office coming up with great ideas for security with a few InfoSec members will never be enough. We need employees thinking of security as a crucial part of their work...



Defending Against Advanced Threats and IPv6 Attacks

January 24, 2011 Added by: Dan Dieterle

So what will Cyber Defense look like in the future? I believe the answer will be a mix of high-speed hardware with offensive capabilities, network security monitoring & analysis and a united front from the government, private sector and our allies...



More than 88 Lines About Less than 44 Weeks in Infosec

January 21, 2011 Added by: Mark Evertz

It's a never ending journey that unearths painful truths, nerve-wracking challenges to your beliefs and confidence, and it keeps its clutches in you with the lure of fighting the good fight or making an obscene amount of money and wreaking havoc on the world if you're donning the black hat...



WikiLeaks Lessons: What Exactly is Information Security?

January 20, 2011 Added by: Dejan Kosutic

What is needed is a comprehensive approach to information security - it doesn't matter whether you use ISO 27001, COBIT or some other framework, as long as you do it systematically. And it is not a one-time effort, it is a continuous operation...



ISO 27001 Foundations Part One

January 18, 2011 Added by: Dejan Kosutic

This highly interactive live online training is designed to enable you to walk away with important skills for executing the planning phase of ISO 27001 in your organization. It contains 3 workshops where filling in the real ISMS documents is exercised, and private time with the trainer...



Bulgarian News Reports Dancho Danchev Institutionalized

January 17, 2011 Added by: Headlines

An article on Bulgarian news website "Dnevnik" reports that security researcher Dancho Danchev was placed in a mental hospital in early December. Danchev, an information security researcher and author, was reported as missing since late summer 2010, according to an article in ZDNet...



Infosec Island January 2011 Newsletter

January 14, 2011 Added by: Infosec Island Admin

Infosec Island offers unprecedented networking, educational and business development opportunities. The high quality content from our members has spurred a rapid increase in website traffic, with the Island currently averaging over 60k unique visitors and more than 100k pageviews per month...



Information Security Resolutions for 2011

January 13, 2011 Added by: Robb Reck

Security does not exist in a vacuum. We are employed for the express purpose of helping our organization meet its objectives. If we accept that as true, shouldn't we also accept that in order to do our jobs properly we need to understand the company's objective?
