SecurityRatty: tag: for-profit

Model Validation - Not Just for Quants

2006-12-26 05:10:00 by Jomni in Risk Management Quant

In an article recently published in the ERisk Monthly Newsletter , it is stated that model validation is not a purely quantitative endeavor. Below is a quote from the article Model validation is often thought of as a rather technical and mathematical exercise. However, bank losses from model risk are often caused by poor governance of the...

Tags: model validation, bank, senior bank executives, compliance, regulatory compliance reasons, purely quantitative endeavor, bank losses, poor, article recently

Security Policy Considerations for the Junk FAX Prevention Act

2007-12-27 08:56:05 by Editor in Information Security Policy Whitepapers

New FCC rules for the Junk Fax Prevention Act of 2005 have changed the way organizations must handle outbound customer communications via FAX technology. In this article we look at the main provisions of the recent ruling and suggest some audits of your information security policies that may help reduce the risk of violating the new FAX...

Tags: information security policies, fax requirements, fcc rules, main provisions, fax technology, audits, organizations, article, recent

The Return on Investment for Securing Information

2007-08-13 00:00:00 by Sean Kline in Speaking of Security, the RSA Blog and Podcast

There have been quite a few blogs written about the Return on Investment (ROI) of security. Amrit Williams has several links in his recent discussion of the topic. This reminds me of some work that I did with BearingPoint on the ROI of a Services-Oriented Architecture (SOA), a similarly challenging area in which to quantify value. The framework...

Tags: traditional roi metrics, roi, strategic drivers, distribution channels, difficulty, investment, risk reduction, return, business initiative

Will the recent cyber attacks on Estonia be a wake up call for European and U.S. leaders?

2007-07-02 00:00:00 by Shannon Kellogg in Speaking of Security, the RSA Blog and Podcast

Will the recent cyber attacks on Estonia be a wake up call for European and U.S. leaders? According to a Reuters story on Friday, June 30th, the answer is apparently yes at least on the other side of the Atlantic Ocean. What about the U.S

Tags: recent cyber attacks, leaders, reuters story, atlantic ocean, estonia, june 30th, call, european, apparently

White House issues updated guidance to federal agencies for safeguarding sensitive information

2007-05-30 00:00:00 by Shannon Kellogg in Speaking of Security, the RSA Blog and Podcast

On May 22, 2007, the U.S. Office of Management and Budget (OMB) issued new guidance to federal agencies for both safeguarding sensitive data and responding to a data breach if one occurs. The memo, entitled Safeguarding Against and Responding to the Breach of Personally Identifiable Information " was sent by Clay Johnson, Deputy Director of...

Tags: federal agencies, federal agencies respond, guidance, data breach, profile data breaches, breach, executive departments, deputy director, omb

Article: Dissecting and Digging Application Source Code for Vulnerabilities

2007-12-27 13:33:07 by Editor in Help Net Security - News

Application source code scanning for vulnerability detection is an interesting challenge and relatively complex problem as well. There are several security issues which are difficult to identify using

Tags: application source code, security issues, vulnerability detection, challenge, complex, difficult

Halvar Flake Denied Entry to U.S. for Black Hat

2007-07-29 12:39:01 by Editor in Cheap Hack

Respected security researcher Halvar Flake has been denied entry to the United States for his presentation at Black Hat. It's all over some stupid technicality of the contract with Black Hat being with him personally and not his company. In the process of interrogating him over it the DHS actually asked why the training he's doing couldn't be...

Tags: black hat, flake, computer security research, entry, stupid technicality, reactionary stupidity, process, business visa, dhs

Microsoft: Thank You For Buying Pirated Vista

2007-07-24 22:21:34 by Editor in Cheap Hack

Microsoft announced in a blog entry "the largest bust of counterfeit software manufacturing or distribution ever." A lot of pirated Windows Vista was sold by the gang that got busted. The main point of the blog is to celebrate the role of WGA (Windows Genuine Advantage, the copy protection in Windows) . People who bought the pirated copies tried...

Tags: windows, windows genuine advantage, copies, microsoft, blog entry, free genuine copies, blog, windows vista, counterfeit software

Dissecting and Digging Application Source Code for Vulnerabilities

2007-12-27 13:33:07 by Editor in Help Net Security - Articles

Application source code scanning for vulnerability detection is an interesting challenge and relatively complex problem as well. There are several security issues which are difficult to identify using

Tags: application source code, security issues, vulnerability detection, challenge, complex, difficult

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo