SEARCH RESULTS
 
Showing 1-10 of 37 records
 
Expand article

Security Consultant Hacks: Size Matters

2007-12-20 05:16:07 by Bill in Grumpy Security Guy
 
...consultants and how best to employ them Security consulting operations come in the standard small, medium and large sizes. Small shops are less than 30 consultants, medium 31-200, large 201 Small shops: Sometimes known as boutique firms or lifestyle firms (since the people that run them take jobs when they want and only when they want) can be...
 
Tags: security consultant, security consultant hacks, security, web application security, security consultants, consultants, grumpy security guy, medium shops, employ
 
 
 
 
Expand article

Skipton Financial Services personal customer data on stolen laptop

The Article has images
2008-01-04 22:21:58 by Evan Francen in The Breach Blog
...consultants, and contractors to the same security standards as those used within the organization. Customers (data owners) gave Skipton the information and Skipton is responsible for it until it is destroyed. No passing the buck allowed Skipton Financial Services told their customers about the missing data after advice from the Information...
 
Tags: skipton, information includes names, information, information security practices, skipton financial services, financial giant skipton, store confidential information, skipton spokesman, security
 
 
 
 
Expand article

Stolen laptop contained Centocor speaker-consultant information

The Article has images
2008-01-29 11:08:47 by Evan Francen in The Breach Blog
...consultants engaged by Centocor for the National Faculty and Rounds on the Road speakers programs. Centocor was notified by their IT vendor of the missing computers in early October, 2007, and was provided additional details on November 29th, 2007 Reference URL New Hampshire Attorney General breach notification Report Credit The New...
 
Tags: centocor, information, evan centocor, evan, time centocor, centocor facilities, facilities, centocor laptops, laptops
 
 
 
 
Expand article

Your ID is worth $2

2008-04-10 16:44:52 by Bill in Grumpy Security Guy
 
...Consultants This is part one of a continuing series about how to use information security consultants effectivel These are the crazy people in your security neighborhood - Part 2 Private Pyle When you have been around the IT/Security space as long as I have you run into to a lot of whacky pe Post from: Grumpy Security Guy Your ID is worth $2
 
Tags: worth, web site-specific vulnerabilities, vulnerabilities, market, market appears, grumpy security guy, hit home, fixed quickly, specific sites
 
 
 
 
Expand article

Evolution of IT Security to Risk; driving IT GRC acceptance?

2008-04-24 21:32:00 by Ryan Shopp in practical risk management
 
...Consultants to the IT organization would be this blog from Trent Henry over at Burton Group . Once these "Risk Consultants" are created, GRC provides the collaborative platform to conduct their more strategic initiatives mentioned; policy, risk & compliance monitoring, assessment program development, etc
 
Tags: risk, chief risk officer, grc, security, strategic risk centric, risk officer, internal risk consultants, operational security tasks, grc solutions
 
 
 
 
Expand article

5,000 Health Net employees affected by stolen laptop

The Article has images
2008-01-05 19:04:59 by Evan Francen in The Breach Blog
...consultants, etc. MUST be included in the organizational information security program I respect a CEO who speaks about information security matters, it shows that they recognize that the "buck stops" with them I am taking bets on how many mobile devices containing personal will be lost this year that were not encrypted. This is #5 on The...
 
Tags: employees, health net employees, health net, company vendor, vendor, health net vendor, information, personal information, laptop
 
 
 
 
Expand article

MUST-DO Logging for PCI?

2008-02-11 10:46:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...consultants tell you what you SHOULD be logging. There is no easy "MUST-log-this" list; it is pretty much up to individual auditor, consultant, vendor, engineer, etc to interpret (again, not simply 'read', but interpret!) the PCI DSS guidance (e.g. Requirement 10 that is dedicated to logging) in your own environment Our field engineers do...
 
Tags: pci, pci dss rules, pci dss compliance, pci dss guidance, compliance, log, must-log-this, pci book, log management
 
 
 
 
Expand article

Recession brings a downturn in security spending and jobs

2008-02-13 10:58:30 by Khalid Kark in Security & Risk Management
 
...consultants and contractors, and squeezing the most out of every buck that is spent for information security. This would also mean longer sales cycles for security vendors, cost taking precedence over functionality. From a CISO perspective, it means more justification for security budgets, begging other parts of the business to fund security...
 
Tags: security, information security, information security professionals, businesses, security businesses, fund security projects, real security folk, information security industry, security budgets
 
 
 
 
Expand article

Supporting your family, friends, and neighbors

2008-02-13 17:45:40 by Steve Riley in Steve Riley on Security
 
...consultants (stop looking around the room again!) know, attackers dont target only computers. They target people, often by concealing malicious software inside tempting packages delivered by e-mail or Web sites. We call this the dancing pig phenomenonno amount of self-control can stop someone from clicking on links or running attachments when...
 
Tags: suspicious e-mail message, mail, home computers defense, home computers, e-mail, home, web mail, windows live mail, site
 
 
 
 
Expand article

Problems With The Airport's Computer Security

2008-02-18 23:40:05 by Editor in Digg / Security