SecurityRatty: tag: consistent

Comparing Cybersecurity to Early 1800s Security on the High Seas

2008-04-16 14:27:30 by schneier in Schneier on Security

...consistent and reactionary. The private sector has often been left to fend for itself, and sporadic policy statements have left U.S. government organizations, private enterprises and allies uncertain of which tack the nation will take to secure the cyber frontier This should be a surprise to no one What to do? With that goal in mind, let us...

Making Risk Measures Agree with Accounting 100%

2006-12-26 05:27:00 by Jomni in Risk Management Quant

...consistent with accounting results to the last cent. I guess this is the ideal state that everyone wants to achieve but is this really necessary Though related, I believe that risk measurement and accounting are serving different purposes. Risk measurement need not be exact because of the uncertainty of risk. Because of the future-centric...

Tags: risk, risk software, software, risk measurement, values, exact market values, exact, exact cent, cent

Stolen Wendy's laptop affects 1,092 employees

2008-01-03 14:08:27 by Evan Francen in The Breach Blog

...consistent with Wendy's data security policies and exceptions Evan] This is the one statement that is the most troubling to me. The letter was written by the Wendy's Chief Information Officer (CIO) and you would think that a person in this position would know without too much investigation. Information security policies must be clear and...

Tags: sensitive personal information, personal information, information, information security, confidential information, information security policies, wendy, breach description, breach

Article: Analytics Brief: Securing The New Data Center

2008-01-07 05:28:32 by Editor in Security Links

...consistent deployment with relatively little expertise required from the installer. Applications for virtual appliances range from grid computing to SaaS to security Though a virtual appliance can be created for any virtualization environment, VMware is ahead of the field and has created a marketplace along with a try-before-you-buy Web site....

Tags: virtual environment, environment, virtual appliances range, virtual appliances, security, tools, security tools, develop security, security holes

July 2007 - Operating System Vulnerability Scorecard

2007-08-16 22:47:26 by jrjones in Jeff Jones Security Blog

...consistent over time, at least in 2007 The other thing I find a bit interesting is the Server charts that incorporate the reduced set of Linux packages. For those Linux server builds, I eliminated everything GUI, X11, Gnome, KDE-related, firefox and all optional client-type application components and just kept a minimalist server with the...

Tags: server, linux server builds, server charts, charts, ytd charts, non-linux products, linux products, linux products comments, common server roles

The STRIDE per Element Chart

2007-10-29 23:06:46 by sdl in The Security Development Lifecycle

...consistent products and messages to our customers. We also need to encourage customization and specificity, so that the process is as prescriptive as we can make it. Doing so allows you to make it more prescriptive, appropriate and evocative for your users

Tags: element chart, chart, stride, specific, specific threats, cve data, data, stride chart, threats

Making Threat Modeling Work Better

2007-10-17 00:23:53 by sdl in The Security Development Lifecycle

...consistent errors that we see Where Trust Boundaries Show Up We used to give people clear guidance that trust boundaries should only intersect with data flows. After all, you cant really have a process thats half-running as admin, and half as a normal user. Logically, you have two entities. And people kept drawing trust boundaries across...

Tags: threat, process, process helps ensure, developers threat model, database design process, security, trust boundaries, threat model, security experts

Antivirus companies aim to set standards for testing

2008-02-04 00:00:00 by HASH0x8b3c538 in Network World on Security

Antivirus software companies and software testers created a new organization Monday with the goal of providing consistent information about the effectiveness of antivirus products

Tags: antivirus software companies, software testers, antivirus products, consistent information, organization monday, goal, effectiveness

What can CISOs learn from the Societe Generale debacle

2008-02-19 09:17:17 by Khalid Kark in Security & Risk Management

...Consistent monitoring triggers may be a bellwether of a bigger issue. Societe Generale had challenged Kerviel several times about risky operations, and each time he produced fictitious documents to justify himself. Eurex, a derivatives exchange, alerted Societe Generale in November 2007 about the positions taken by Jerome Kerviel. Not heeding...

Tags: security, formal security strategy, societe generale, security technology, external security challenges, implement security, access, security products, access users

Been there, done that and have the T-shirt and scars to prove it

2008-02-07 16:10:41 by HASH0x8bbda74 in StillSecure, After All These Years

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo