SEARCH RESULTS
 
Showing 1-10 of 16 records
 
Expand article

Protect your data: everything else is just plumbing

The Article has images
2007-07-02 20:46:32 by Steve Riley in Steve Riley on Security
...constitutes a large part of your business, and your data that is most attractive to attackers Why, then, is there still so much emphasis on protecting all the plumbing that moves the data around, but little interest in protecting the data itself? My guess: old habits die hard. For most of the history of information security, emphasis on...
 
Tags: data security, comrms data security, data, security, confidential information, information, information security, temporary data, data vanishes
 
 
 
 
Expand article

What Constitutes A $7B Control Failure?

2008-01-25 16:01:33 by Chris McClean in Security & Risk Management
 
The media yesterday ( Wall Street Journal , Associated Press , Economist , etc.) were all over 31-year-old Jérôme Kerviel, the trader at Frances Société Générale who has apparently confessed to fraudulent trades resulting in an estimated loss of roughly $7.2 billion In further coverage , we hear that the bank has apologized to share...
 
Tags: wall street journal, control failure, risk, 31-year-old jrme kerviel, companys risk management, story, kerviel, story reminds, coverage
 
 
 
 
Expand article

New Privacy Policy Wrinkles: Online Behavioral Advertising; and Potential new EU Data Protection Policy

2008-01-31 11:24:31 by Geoffrey Turner in Security & Risk Management
 
...constitutes sensitive data and whether the use of sensitive data should be prohibited, rather than subject to consumer choice The staff is seeking additional information about whether tracking data is being used for purposes other than behavioral advertising and whether such secondary uses, if they occur, merit some form of heightened...
 
Tags: consumer, consumer protection, privacy policy, consumer choice, consumer data, constitutes sensitive data, sensitive data, protection, ftc staff
 
 
 
 
Expand article

Supporting your family, friends, and neighbors

2008-02-13 17:45:40 by Steve Riley in Steve Riley on Security
 
...constitutes a good password; personally, Im a fan of length rather than complexity. A simple 15-character passphrase (think short sentence) is easy to remember, quick to type, and far stronger than any short complex password. A passphrase like this will withstand any kind of automated password attack, including those based on rainbow tables....
 
Tags: suspicious e-mail message, mail, home computers defense, home computers, e-mail, home, web mail, windows live mail, site
 
 
 
 
Expand article

Reducing MP3 copyright risks

2008-02-13 00:00:00 by HASH0x8b3cce8 in Network World on Security
 
MP3 music files likely take up a nontrivial amount of a corporations shared file-server resources. This not only constitutes misuse of corporate resources but also, at its worst, could expose the company to copyright-infringement violations for inadvertent housing of illegally obtained MP3 files
 
Tags: resources, file-server resources, mp3 music files, constitutes misuse, mp3 files, nontrivial amount, corporations, worst, expose
 
 
 
 
Expand article

Oh No! Security Metrics!

2008-04-18 12:43:00 by sdl in The Security Development Lifecycle
 
...constitutes a "real, objective metric" is often based on individual preference, I think both the efficacy of SDL and the industry as a whole would benefit from this discussion Interestingly, Mr. Lindstrom has at times pointed to vulnerability counts as an interesting (but not perfect) metric One final comment: If the Microsoft product...
 
Tags: bugs, implementation bugs, fewer security bugs, fewer, security bugs include, security, metrics, security metrics, security bugs
 
 
 
 
Expand article

Appropriate funding

2008-05-13 12:24:49 by JonesJ in RiskAnalys.is
 
...constitutes appropriate funding. Its naive (or arrogant) to believe that I as an information security professional am in a position to understand the incredible mix of business issues that determine the right risk-balance for an organization. Running a business requires weighing the various risk-domains management faces (investment,...
 
Tags: risk, risk information, risk tolerance, risk-domains management, management, business considerations management, business, business objectives, business issues
 
 
 
 
Expand article

"many of Colt's clients" affected by breach, CNET included

The Article has images
2008-06-25 11:25:20 by Evan Francen in The Breach Blog
...constitutes a compromise Colt has also informed us that they reported the break-in to Walnut Creek police and to REACT High Tech Crimes Task Force in Silicon Valley when they discovered the burglary and that there is an ongoing criminal investigation report number 08-12367 In speaking directly with the Walnut Creek Police on June 12, 2008,...
 
Tags: information, personal information, information security, confidential information, protect information, breach, sensitive information, information security requirements, colt
 
 
 
 
Expand article

The Governments Top Hackers?

2008-07-01 18:40:47 by Chris Eng in Zero in a bit
 
...constitutes penetrating the target. Others would disagree How about personnel? I thought this was an englightening and accurate statement from the unnamed NSA source And like any good geek at a desk talking to a guy with a really cool job, I wondered just where the NSA finds the members of its superhacker squad. The bulk is military...
 
Tags: team, nsa red team, red team, team sound, red team operations, nsa, red, red teams charter, enterprise security team
 
 
 
 
Expand article

Seven steps to managing IT Risk

2008-07-21 21:34:00 by Ryan Shopp in practical risk management
 
...constitutes a risk event or "near miss" so that incidents can be mapped to specific risks Determine the threat level, and focus on those risks with the highest impact on performance Establish levels of controls for processes commensurate with the perceived threat Record and retain risk incident and near-miss information Conduct periodic risk...