Items Tagged with "Security Strategies"
November 09, 2010 Added by:Jon Stout
The state of our cyber defense was summarized by Michael Chertoff when he concluded that it may take a digital 9-11 to get business, consumers and governments to fortify their cyber security defenses. In effect we are fighting an asymmetrical war and, at present, we appear to be losing...
November 09, 2010 Added by:Global Knowledge
A security breach may require you to notify people outside the company, particularly if the incident affects your compliance with PCI, GLBA, or HIPAA. If you want to pursue criminal charges or recover damages, you should contact your local law enforcement’s cybercrime unit or national law enforcement...
November 07, 2010 Added by:Richard Stiennon
New threats and new measures to counter them call for a reorganization of IT security teams. The rise of targeted attacks must be met by organizational enhancements. The roles and responsibilities described here are required to mount an effective cyber defense...
November 07, 2010 Added by:Anton Chuvakin
Mini-MetriCon 5.5 is a forum for quantifiable approaches and results to problems afflicting information security today, with a bias towards specific approaches that demonstrate the value of security metrics with respect to a security-related goal...
November 04, 2010 Added by:John McGloughlin
This is the first in a series of articles defining a computer security incident response capability (CSIRC) framework and an implementation schema for computer security incident response teams (CSIRT). If you don’t have either of these plans in your organization, you should...
October 07, 2010 Added by:Rahul Neel Mani
A new generation of CEOs — not necessarily young but innovative — have embraced CIOs as strategic business peers. Charles Cadell, CEO, Lowe Lintas India is certainly one of them. In an interview with Ashwani Mishra, Cadell shares his thoughts on the role and expectations from his CIO...
October 06, 2010 Added by:Daniel Ruggles
DARPA in June 2010 announced the Clean‐Slate Design of Resilient, Adaptive Secure Hosts - CRASH. It relies on human biology to develop super-smart, highly adaptive, supremely secure networks. The CRASH program looks to translate human immune system strategies into computational terms...
February 11, 2010 Added by:K S Abhiraj
Cloud computing has become a huge ‘buzz-phrase’ in the last few years, but you’d be forgiven for not knowing what the term actually means indeed. Different people interpret “cloud computing” in different ways. That’s the dilemma because computing “in the cloud” may be important for you and your organization, but if it’s not clear what it actually m...
January 27, 2010 Added by:Ken Leeser
As more and more critical applications and services move to the cloud, organizations are increasingly receptive to the idea of using a managed security service to protect their network and information assets.
From the Web
December 17, 2009 from: AEON Security Blog
Cloud Computing evangelists would have you believe that security in the cloud is relevant when reality paints a far different picture. Security managers should know that: “you can transfer risk but never responsibility.” Now add this statement to memory: “No cloud provider will give you the security you need.” Seriously.
From the Web
December 11, 2009 from: hackyourself.net
These days, security advisors talk a lot about Best Practices: established procedures that are generally held to yield good results. Deploy Best Practices in your organization, the advisors say, and your security will improve. That's true, as far as it goes, but often we can make more progress by working to eliminate Worst Practices.
November 11, 2009 Added by:Stephen Primost
Risk assessment for application software is not a matter of a quick penetration test nor a matter of code reviews at a single point in time. It is a process of moving through the application/solution's Software Development Life Cycle (SDLC) and evaluating the results of the controls that are put in place at each phase. Whether it is waterfall, or agile method, waiting for the end of the final del...
November 02, 2009 Added by:Stephen Primost
Vulnerability testing at the acceptance stage of an application's Software Development Life Cycle (SDLC) will not compensate for the lack of an understanding of what is being done during the software development even though you may not have control over the development efforts. You need a plan that puts those controls in place and allows that governance. Ignoring vulnerabilities will not prevent b...
October 26, 2009 Added by:Stephen Primost
With the level of security concerns about security, it is interesting that there is not more concern with a holistic focus on application security. Numerous articles are citing chilling statistics about security breaches, with the majority (some use the figure of 80%) being related to applications. It is not for lack of information as to what constitutes an “application problem”. One j...