SEARCH RESULTS
 
Showing 1-10 of 12 records
 
Expand article

So much to read, so little time - Top Information Security Risks for 2008

2008-01-16 13:32:00 by Ryan Shopp in practical risk management
 
...excessive or otherwise inadequate controls and practices selection, implementation, performance measurement, monitoring and/or auditing." Wow, that's a mouthful! But this is exactly what IT GRC is all about. Through using these software platforms you can evolve from poor, ad-hoc attempts at mitigating this risk while ensuring your enterprise...
 
Tags: controls, highlights non-technical controls, risks, section, controls section, quality controls, document, primary summary document, risk
 
 
 
 
Expand article

Corporate Spying

2008-01-16 12:21:41 by schneier in Schneier on Security
 
...excessive personal grooming, such as nervously picking lint off a jacket. This method was developed by former lie-detector experts from the C.I.A.'s Office of Security, which administers polygraph tests to keep agents honest and verify the stories of would-be defectors Most of the ex-agents' activities, from surveillance to lie detection,...
 
Tags: agents, intelligence agents, wal-mart, off-duty police officers, officers, wal-mart employee fired, cell-phone calls, phone calls, obtain
 
 
 
 
Expand article

Bruce Schneier's Security Matters: The Myth of the 'Transparent Society'

2008-03-06 02:00:00 by Bruce Schneier in Wired Security
 
Can you neutralize the harm caused by excessive government surveillance just by watching the watchers? No, actually
 
Tags: excessive government surveillance, watchers, harm
 
 
 
 
Expand article

UBS Explains Risk Management Gone Wrong

2008-04-23 16:49:32 by Chris McClean in Security & Risk Management
 
...excessive risk taking are among the high level issues addressed. Also in the report, however, are scores of more detailed explanations of control failures in more than 20 different categories. Specific problems on the list include Gaps in risk management expertise Failure to respond to wider industry concerns Lack of comprehensive Subprime...
 
Tags: risk management, risk management expertise, control failures, failures, report, wider industry concerns, cost justification support, list include, wall street journal
 
 
 
 
Expand article

Report: Government's Cyber-Security Plan Is Riddled With New Spying Programs

2008-05-15 19:30:00 by Threat Level in Wired Security
 
Major parts of the government's proposed $17 billion computer-security plan are actually spying programs, according to a Senate committee's budget report. The committee also faulted the plan for excessive secrecy around privacy and civil liberties issues and for funding experimental and possibly illegal technologies
 
Tags: plan, possibly illegal technologies, civil liberties issues, government, committee, excessive secrecy, budget report, programs, billion
 
 
 
 
Expand article

More on Airplane Seat Cameras

2008-06-04 12:05:37 by schneier in Schneier on Security
 
...excessive sweating. An innocent nose scratch won't see the F16s scrambled, but a combination of several threat indicators could trigger a red alert This pegs the stupid meter. All it will do is false alarm. No one has any idea what sorts of facial characteristics are unique to terrorists. And how in the world are they "testing" this system...
 
Tags: cameras, seat, airplane-seat camera system, system, detect, detect terrorists, people, terrorists, saves people
 
 
 
 
Expand article

US-CERT Gets New Boss

2008-06-06 02:51:45 by Dave Lewis in Liquidmatrix Security Digest
 
...excessive use of the word cyber Article Link
 
Tags: us-cert, security technologist, security, deputy director, director, homeland security, george washington university, replaces cheri mcguire, department
 
 
 
 
Expand article

Im Getting Annoyed With A Vendor

The Article has images
2008-06-11 01:45:36 by Dave Lewis in Liquidmatrix Security Digest
So, I discovered a vulnerability in a vendors software which I reported to them on January 18, 2008 to which they responded the same day All well and good Yes, its that blasted disclosure discussion again. Now, of the vendors I have dealt with up until now (save one other) the turnaround time has been phenomenal. They have been all easy to work...
 
Tags: products, vendors software, products fixed, software, fix, vendors, dev team, email, international versions
 
 
 
 
Expand article

Cost/Benefit of Terrorism Security

2008-09-12 06:32:33 by schneier in Schneier on Security
 
...excessive counter-terrorism measures is money we can't spend reducing the gap between white and indigenous health -- or, if that doesn't appeal, on buying Olympic medals
 
Tags: measures involves costs, costs, measures, cost, benefits, produce benefits, pro-active measures, entail costs, additional defensive measures
 
 
 
 
Expand article

Wakeup Call for Risk Management

2008-09-19 10:11:09 by Burton Group in Security and Risk Management Strategies Blog
 
...excessive leverage and centralization; ill-constructed risk analysis models; risk obfuscation; and a failure of caveat emptor seem to be common problems. Please take this as a wakeup call to sharpen up the risk management thinking, process, and execution