Items Tagged with "Risk Management"


7fef78c47060974e0b8392e305f0daf0

The FBI Discusses Internet Social Networking Risks

April 05, 2012 Added by:Infosec Island Admin

Social networking sites have created a revolution in connectivity. However, con artists, criminals, and other actors are exploiting this capability for nefarious purposes. There are primarily two tactics used to exploit social networks. In practice, they are often combined...

Comments  (0)

82ac4cd789b46af43c0cde730625317e

Data Classification: Why it is Important for Information Security

April 02, 2012 Added by:Christopher Rodgers

Once you know which data needs the most protection, you can properly allocate funds and resources to defend those assets. Employing a proper data classification scheme is cost effective, as it allows a business to focus on protecting its higher risk data assets...

Comments  (0)

1b061b1cec6b5898e5326992d9461610

Shackleford: What’s RIGHT with Infosec

April 02, 2012 Added by:Dave Shackleford

We are coming to the realization that we will be breached. This is a huge, fundamental shift in mindset that’s actually healthy, not redolent of defeatism. We have too much surface area to cover, not enough people and technology, and dammit, defense is hard...

Comments  (2)

9f19bdb2d175ba86949c352b0cb85572

Manage Risk Before it Damages You - Part Two

April 01, 2012 Added by:Neira Jones

For a CISO to be successful, they need not only to be prepared to eliminate redundant services and controls (ouch!), but also to promote the elimination of redundant assets which they will invariably not own. Enter the political CISO...

Comments  (2)

0a8cae998f9c51e3b3c0ccbaddf521aa

Metrics, KPIs and Making Business Sense of Infosec

March 27, 2012 Added by:Rafal Los

Does a 10% increase in IT Security spending really make us 10% safer? I refuse to buy-in to the saying that security is either avoiding cost, or a cost center and nothing more. This is simply untrue in my experiences. Good security is good for business, pure and simple...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Defining Success for Information Security Through KPIs

March 26, 2012 Added by:Rafal Los

In the world of software development the business just wants to release fast and functional while the security team would prefer slower and more 'secure'. So as security struggles to positively impact risk, I found 5 key performance indicators that bridge the two positions...

Comments  (1)

3071bd3c5c013c8c3defcccad0259c16

Reaching for the Cloud: A Contemporary Infosec Perspective

March 21, 2012 Added by:Hani Banayoti

We need to entrust information security to professionals who not only know the fundamental principles and technologies, but are also able to understand and support the business's goals in order to influence and contribute positively to the ongoing infosec challenge...

Comments  (0)

Ae27d21943468124221937d59167fff8

Location, Location, Location: It Works in Risk Management

March 21, 2012 Added by:Edwin Covert

With the increase in cybercrime costs, organizations need to be able to ensure they are maximizing their return on risk management investment. An effective way of doing this is making sure the information security or risk management team is properly aligned within their organization...

Comments  (0)

5029f8f9d65d988cb378fc0290f86cc4

Compliance: Moving Off Dead Center

March 19, 2012 Added by:Mary Shaddock Jones

The cost of implementing a compliance program will vary, however, it isn’t expensive enough to find yourself in front of the DOJ explaining why you spend money on air travel or paper clips than you do on a compliance program. Trust me, you don’t want to be in that position...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Cyber Security for 2012 Olympics Focus of Business Continuity Forum

March 19, 2012 Added by:Headlines

"The market-wide exercise showed that the banking community is prepared to handle some aspects of a cyber attack, but must shore up other areas. I encourage all managers to think about whether they are have adequate, practical plans in place..."

Comments  (2)

7fef78c47060974e0b8392e305f0daf0

ENISA: Inventory of Public Sources on Information Security

March 16, 2012 Added by:Infosec Island Admin

ENISA has launched a stock taking exercise using a questionnaire to establish an Inventory of publicly available sources on Information Security. Therefore, collection and aggregation of existing data and sources is an effective tool to raise information security...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

The Patchwork Cloud - What's the Deal with Cloud Security?

March 14, 2012 Added by:Rafal Los

Since everything I've been reading from the press, my colleagues, and analysts I know has been telling me security is ranked high in the top five concerns for cloud computing adoption - an article on ARN by Spandas Lui was like a bucket of ice water to the face...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

CyLab Report: Corporate Boards Neglecting Cyber Security

March 13, 2012 Added by:Headlines

"Less than two-thirds of the Forbes Global 2000 companies surveyed have full-time personnel in key roles responsible for privacy and security in a manner that is consistent with internationally accepted best practices and standards..."

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

INSA Report: Cloud Computing for the Intelligence Community

March 13, 2012

The INSA white paper provides critical analysis of current cloud computing adoption best practices, and discusses potential cost savings, likely impacts on government organizational culture, potential deployment models and necessary security measures...

Comments  (0)

9f19bdb2d175ba86949c352b0cb85572

Understanding Cloud Security Part One

March 11, 2012 Added by:Neira Jones

The cloud provides an opportunity to re-architect older applications and infrastructure to meet or exceed modern security requirements. At other times, the risk of moving sensitive data and applications to an emerging infrastructure might exceed tolerance levels...

Comments  (0)

99edc1997453f90eb5ac1430fd9a7c61

IS Controls: Protective, Detective and Recovery

March 09, 2012

To manage risks better, you often have to recommend or examine controls. The types of controls can be broken down into three types, Protective, Detective and Recovery...

Comments  (0)

Page « < 5 - 6 - 7 - 8 - 9 > »