SEARCH RESULTS
 
Showing 1-10 of 20 records
 
Expand article

How to Sell Security

2008-05-26 05:57:29 by schneier in Schneier on Security
 
...equal, we tend to be risk-adverse when it comes to gains and risk-seeking when it comes to losses This cognitive bias is so powerful that it can lead to logically inconsistent results. Google the "Asian Disease Experiment" for an almost surreal example. Describing the same policy choice in different ways--either as "200 lives saved out of...
 
Tags: security, loss, risky loss, risky larger loss, gain, risky larger gain, security purchase, directly, security directly
 
 
 
 
Expand article

Excellent Schneier Article on Selling Security

The Article has images
2008-05-26 11:31:00 by Richard Bejtlich in TaoSecurity
...equal, buyers would rather take the chance that the attack won't happen than suffer the sure loss that comes from purchasing the security product Security sellers know this, even if they don't understand why, and are continually trying to frame their products in positive results. That's why you see slogans with the basic message, "We take...
 
Tags: security, security purchase, security directly, security product, product, security breach, include security, include, security sellers
 
 
 
 
Expand article

Security Between Virtual Machines?

The Article has images
2008-06-22 15:30:57 by John Peterson in Security In The Virtual World
...equal one so therefore it will return a TRUE result to the password checker and the OR says use the password typed in (password doesnt matter) OR check to see if one is equal to one. If its true then the password is valid for this user which is Admin Now that the user is on the web server, he probably has the ability to connect to the...
 
Tags: web, web page, web site sends, server, file server, database backend server, web front, vulnerable web site, database server
 
 
 
 
Expand article

EU mandates Energy Star compliance for future IT purchases

2007-07-11 08:00:00 by Editor in IT Compliance
 
EU-wide law may save power equal to that used by Hungary
 
Tags: save power equal, eu-wide law, hungary
 
 
 
 
Expand article

The High Price of Things that are Free

2007-08-01 19:26:00 by jack in adware and spyware
 
...equal. Some of the free spyware and adware protection programs mentioned above can only do one type or protection and some can do both. It is better to get a free spyware and adware protection program that can do both for better value and risk management
 
Tags: free, adware protection, adware, free items, secure free spyware, adware protection programs, free programs, spyware, spyware programs
 
 
 
 
Expand article

Lock-In

2008-02-12 06:08:15 by schneier in Schneier on Security
 
...equal security; and this sort of control-based security is very difficult to get right , and sometimes makes us more vulnerable to other threats. Perhaps this is why Microsoft is quietly killing NGSCB -- we've gotten BitLocker, and we might get some other security features down the line -- despite the huge investment hardware manufacturers...
 
Tags: lock-in, software, software development kit, custom software, software company, security, hardware, special security hardware, security mechanism
 
 
 
 
Expand article

Is Jerome Kerviel Hacking?

2008-01-28 00:17:00 by Richard Bejtlich in TaoSecurity
 
...equal and opposite sale, or short position, reaping a profit from any gaps between the values of the two transactions The SocGen trader did hedge the first position with a second, but the trades in that portfolio were fake . So the bank was unwittingly holding long futures positions without cover, leaving it exposed to the risk that prices...
 
Tags: computer, computer systems, fake, kerviel, fake trades, trades, low residual risk, risk, socit gnrale chairman
 
 
 
 
Expand article

Is IT Risk Management the Union of IT Security & IT Operations?

2007-12-18 13:32:00 by Ryan Shopp in practical risk management
 
...equal consideration is given to areas like system continuity and service delivery that support operational measures. It's the blending of business necessity with core methods for data security that ensures overall risk management snip Over the last couple years I've read and heard about the pending convergence of Security & Operations...
 
Tags: risk management, security, risk, operations, risk management initiatives, data security, operations management, security focuses, operations focuses
 
 
 
 
Expand article

Chip & PIN terminals vulnerable to simple attacks

The Article has images
2008-02-26 20:33:32 by Saar Drimer in Light Blue Touchpaper
...equal Common Criteria Certified (no PEDs are CC Certified). What APACS means by Evaluated is that an approved lab has performed the evaluation, but unlike CC Certified products, the reports are kept secret, and governmental Certification Bodies do not do quality control This process causes a race to the bottom, with PED developers able to...
 
Tags: peds, popular peds, protect cardholder data, peds processor, pin, cardholder data, data, encrypt data, governmental certification bodies
 
 
 
 
Expand article

Study: Digital universe and its impact bigger than we thought

2008-03-11 13:00:00 by Editor in Computerworld Security News
 
By 2011, there will be 1,800 exabytes of electronic data in existance or 1.8 zettabytes (an exabyte is equal to 1 billion gigabytes). In fact, the number of bits stored already exceeds the e