Items Tagged with "Best Practices"



Security's Fundamental Truth and Problem

April 03, 2012 Added by: Robb Reck

Its very nature makes security difficult for people to readily accept. Security really is hard. It is inconvenient. It takes a 10 minute process and turns it into 11, 15, 30 or 60 minutes. Why wouldn’t our people give pause when security comes with these kinds of burdens?


Innovation and Compliance

March 26, 2012 Added by: Thomas Fox

Can compliance be innovative? Or can innovation inform your compliance program? Innovation in the compliance arena is key. As compliance programs mature and as companies mature in their approach to compliance, innovation will continue to lead best practices...


Fifteen Unsafe Security Practices that Lead to Data Breaches

March 21, 2012 Added by: Kelly Colgan

Database security is an essential element of overall security maturity at enterprise level. Underestimating its value and not dedicating sufficient attention to developing a comprehensive data security plan can, in many instances, lead to data compromise...


Location, Location, Location: It Works in Risk Management

March 21, 2012 Added by: Edwin Covert

With the increase in cybercrime costs, organizations need to be able to ensure they are maximizing their return on risk management investment. An effective way of doing this is making sure the information security or risk management team is properly aligned within their organization...


Compliance: Moving Off Dead Center

March 19, 2012 Added by: Mary Shaddock Jones

The cost of implementing a compliance program will vary; however, it isn’t expensive enough to find yourself in front of the DOJ explaining why you spend more money on air travel or paper clips than you do on a compliance program. Trust me, you don’t want to be in that position...


Security Depends on IT Maturity

March 18, 2012 Added by: Robb Reck

Signs of an organization’s security fitness in metrics like patch levels, web application vulnerabilities, and firewall configurations. But in order to see the real state of our security programs, we need to include measures that capture the state of IT governance overall...


Three Key Take-Aways from Black Hat Europe 2012

March 18, 2012 Added by: Rafal Los

Every year we see tons of new development frameworks from IP telephony to something else the business wants - mobility, cloud, consumerization - that information security professionals only start to address and understand just as they're starting to go out of style...


Enterprise Security's Achilles Heel

March 16, 2012 Added by: Rafal Los

Have you ever wondered why enterprise security people are so downtrodden? Baffled by the impossible arrogance of penetration testers when they laugh at corporate security postures? The bottom line: people have always been and will always be the Achilles heel...


NIST Guidance on Wireless Local Area Network Security

March 14, 2012

NIST has released a guide for enhanced security for wireless local area networks (WLAN) which provides recommendations on standardizing WLAN security configurations including configuration design, implementation, evaluation and maintenance and monitoring tools...


Assumptions: A Common but Dangerous Programming Practice

March 13, 2012 Added by: Fergal Glynn

Whatever the intended use of your input may be, even if you employ best practices to prevent data tampering, verifying individual pieces of data both at the reading and writing stage is a good defense in depth measure that can be taken with minimal effort...


INSA Report: Cloud Computing for the Intelligence Community

March 13, 2012

The INSA white paper provides critical analysis of current cloud computing adoption best practices, and discusses potential cost savings, likely impacts on government organizational culture, potential deployment models and necessary security measures...


On Effective Risk Handling

March 08, 2012 Added by: Michele Westergaard

An effective risk management process allows for decision making by management with the best likelihood of achieving the desired results. It is not meant to create a brick wall for management to operate within, but more of a recommended parameter within which to operate...


A Situational Problem Requires a Situational Solution

March 07, 2012 Added by: John Linkous

There is no one type of cyber or insider attack; each is deliberately designed by the perpetrator to use an infrastructure against its owner and to enable the attacker to get as quickly as possible to the intended target and get out again undetected...


Building an AppSec Training Program for Development Teams

March 07, 2012 Added by: Fergal Glynn

A holistic application security approach that includes integrating developer training with static analysis and advanced remediation techniques will help reduce overall risk across your enterprise application portfolio and will strengthen your security program...


Twelve Security Best Practices for USB Drives

March 06, 2012 Added by: Kelly Colgan

Portable and mobile storage devices are significant players in most corporate offices. Ensuring proper protection with a best practices policy and strict enforcement offers significant risk reduction—and can prevent long nights on data breach investigations...


Improving Compliance Performance in Your Supply Chain

March 05, 2012 Added by: Thomas Fox

One of the areas moving towards being incorporated into compliance programs is the supply chain. While many companies have focused significant compliance efforts towards the sales chain, the supply chain is now viewed as an area which requires compliance scrutiny...
