SEARCH RESULTS
 
Showing 1-10 of 101 records
 
Expand article

CHECKLISTS ARE NOT FOR DUMMIES, BUT THEY SURE ARE DUMB!

The Article has images
2008-06-11 13:51:33 by Alex in RiskAnalys.is
...Nature. State of Nature just means what the current state is. There are two ISSA Journals on my desk right now - State of Nature statement State of Knowledge : Analysis derived from examination of State of Nature. One of these ISSA Journals has an article co-authored Donn Parker on ROI. Ive read it, and it makes some statements he regards as...
 
Tags: checklists, article checklists, article, mmmmm-mmmmmmm checklists, nice checklists, provide analysis, provide, nature, nature statement
 
 
 
 
Expand article

HMRC loses data cartridge that affects 6,548 pensioners

The Article has images
2007-12-31 23:30:11 by Evan Francen in The Breach Blog
...nature of the medium on which the data is held. [Evan] Security through obscurity doesn't work. This is one of the oldest security fallacies in the book. Don't count on the nature of the medium to provide adequate security We are taking this loss extremely seriously and have done everything possible to locate the data cartridge. We would...
 
Tags: data, data cartridge, hmrc, lost hmrc cd, prime data, confidential data, hmrc breach, consult hmrc, hmrc encrypts
 
 
 
 
Expand article

The Fox and the Henhouse

2008-01-28 15:02:17 by Burton Group in Security and Risk Management Strategies Blog
 
...nature: one trader, responsible for plain vanilla futures hedging on European equity market indices, had taken massive fraudulent directional positions in 2007 and 2008 beyond his limited authority Three things about this sentence are worrying. First, the fraud is described as "exceptional in size and nature". The good ones always are...
 
Tags: societe generale, societe generale begins, yesterday societe generale, societe generale appears, risk management lessons, risk management, risk management personnel, plain vanilla futures, apparently
 
 
 
 
Expand article

The Fox and the Henhouse

2008-01-28 15:02:17 by Burton Group in Security and Risk Management Strategies Blog
 
...nature: one trader, responsible for plain vanilla futures hedging on European equity market indices, had taken massive fraudulent directional positions in 2007 and 2008 beyond his limited authority Three things about this sentence are worrying. First, the fraud is described as "exceptional in size and nature". The good ones always are...
 
Tags: societe generale, societe generale begins, jerome kerviel, kerviel, yesterday societe generale, apparently, bank apparently, bank, prevent kerviel
 
 
 
 
Expand article

A Localized Bankers Malware Campaign

The Article has images
2008-03-25 14:59:06 by HASH0x8b6136c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...nature of the campaign , and the use of a Russian free web space provider as a hosting provider for the malware Now on the cyber deception issue. Basically, you have a malware campaign targeting Portuguese speaking end users, that's been emailed using Brazilian mail servers through a set of hardcoded and already breached local email acounts,...
 
Tags: malware, bankers malware campaign, malware malware, malware campaigns, malicious malware, banker malware, bankers malware, malware authors, campaign
 
 
 
 
Expand article

Week in review

2007-03-11 07:41:17 by Perry Carpenter in Security Renaissance
 
...nature run amuck Fired employee speaks out LA Times analysis (which sites my initial speculation As I stated in my Computerworld article The world is in a security and privacy renaissance. Ethical questions related to government and employer surveillance are being raised and reraised. Security and privacy advocates exist on both sides of the...
 
Tags: security, security smack-down, security industry, industry, security postures, security professional, security renaissance, security community, security catalyst
 
 
 
 
Expand article

Measuring Vulnerability

The Article has images
2008-04-14 14:31:38 by JonesJ in RiskAnalys.is
...nature (e.g., weather events), the distribution is probably pretty close to being bell-shaped (i.e., the majority of threat agents fall somewhere below those who are most capable and above those who are least capable A 100% secure control (if such a thing existed) could be illustrated as existing outside of the threat community capability...
 
Tags: threat capability curve, capability, human capability, human threat capability, describe control strength, control strength, capability curve, threat community capability, control
 
 
 
 
Expand article

New DIY Malware in the Wild

The Article has images
2008-04-29 16:06:55 by HASH0x8b1f28c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...nature , following the logic that based on the fact that few people will have it, it would somehow remain undetected for a longer period of time. The applied logic is however, excluding the possibility of used to recently purchased good as a bargain to obtain or improve the chances of obtaining access to another good or a service in the face...
 
Tags: diy malware, malware, diy malware droppers, do-it-yourself malware, novice malware coder, malware authors, source malware, malware loader, multi-feature malware crypter
 
 
 
 
Expand article

Communicating about risk - part 1

The Article has images
2008-05-05 18:12:14 by JonesJ in RiskAnalys.is
...nature of some risk scenarios I can live with this Lets say that youve done an analysis and the results look something like whats shown in the charts below (Ive included both a qualitative and a quantitative version At first glance, a decision maker might think This doesnt look so bad. I can live with this level of risk . But thats not...
 
Tags: risk, effective, cost-effective risk management, fragile condition exists, condition, unstable condition, risk qualifiers, risk condition, risk chart perspective
 
 
 
 
Expand article

Can you hear me now?

2008-06-27 10:56:10 by Gunnar Peterson in 1 Raindrop
 
...nature of web security to blame here in Web services world. Paraphrasing Jeff Williams , the problem is that an attacker can just try an attack if it doesn't work, try again, again, and so on. This partially because of the loosely coupled nature of the systems, but it is also because commonly used information security protocols have diverged...