SecurityRatty: tag: processes

Constant Patch Releases Forcing New IT Processes

2008-02-25 06:21:54 by Editor in Computerworld Security News

The ongoing release of patches from Microsoft and other large software vendors is forcing IT shops to create new processes to ensure that vulnerabilities are fixed as quickly as possible

Tags: processes, software vendors, ensure, fixed, release, microsoft, vulnerabilities, shops, patches

The Trouble with Threat Modeling

2007-09-26 19:11:00 by sdl in The Security Development Lifecycle

...processes at Microsoft, and a lot more in the wide world. People sometimes want to argue because they think Microsoft uses the term threat modeling differently than the rest of the world. This is only a little accurate. There is a community which uses questions like whats your threat model to mean which attackers are you trying to stop?...

Tags: threat, threat models, threat model, reasons threat, service threat, term threat, threat effectively, playsound threat model, development process

Hansei and the CISO

2008-09-16 17:47:47 by Alex in RiskAnalys.is

...processes are in place?, How do you know that those are the processes that should be in place? If they are, what kind of job am I doing at those processes What is the quality of the skills and resources I have from a people perspective, and how do I know if they are adequate? How do I know that the training they petition me for will...

Tags: risk management requires, risk management, risk, hansei, risk register, program, manage risk, manage, adrians program diagram

Applying SDL Principles to Legacy Code

2008-10-27 17:24:00 by sdl in The Security Development Lifecycle

...processes ask that we help carry out parts of their process, from requirements analysis to penetration testing. Other clients need help defining their security processes, and we help define and kickoff a program based on the Microsoft SDL, other defined processes, or variations thereof, depending on the clients needs and abilities. Whether...

Tags: legacy code, mature security processes, security processes, cross-component security requirements, security requirements, processes, code, requirements, legacy code poses

Integrating Event/Incident and Problem Management

2008-10-14 18:00:59 by David Link in ScienceLogic

...processes is even more crucial in a virtualized environment So what does this mean for you? You will need to refine your incident and problem management processes with new technologies in order to reduce downtime and maintain end user performance. But of course even the most basic technologies are not well integrated even in todays world I...

Tags: management, event management systems, event, management processes, management pieces, management systems, management integration, event management system, systems

Henry Ford and Agility (Once you are secured - whats next?)

2008-06-05 14:04:00 by Allen Baranov, CISSP in Security Thoughts

...processes so that Information Processing and hence Business Decision Making can be done with the minimum amount of mess (think maximum amount of CIA The problem with doing this is that Information Security will start to make the business slower and more restricted as processes are followed HOWEVER, and this is where Henry Ford went wrong,...

Tags: information security, information, henry ford, information security nirvana, henry ford lost, processes, tie processes, information flows, business

Misconceptions about outsourcing security

2007-12-13 14:05:54 by Khalid Kark in Security & Risk Management

...processes and operations are a mess, outsourcing them will not solve the problem. It is important to establish security processes and strengthen your operations before you outsource security. Outsourcing may help improve operational control, but the chances of success are increased if the firm has a clear understanding of the processes,...

Tags: security processes, establish security processes, security, processes, security controls, security managers cost, cost, security operations, security services

What can CISOs learn from the Societe Generale debacle

2008-02-19 09:17:17 by Khalid Kark in Security & Risk Management

...processes and has the ability to disable the alarms. It does drive home the point that the insider threat may not be the most popular form of attack, but it usually is the most damaging Monitor privileged access: I have had many conversations with CISOs who are reluctant to monitor their system administrators and privileged access users...

Tags: security, formal security strategy, societe generale, security technology, external security challenges, implement security, access, security products, access users

Can security improve your bottom line?

2008-01-18 16:23:00 by Manu Namboodiri in Data Protection, Management and Leakage

...processes that you will become a more competitive company Notice the emphasis on business processes - this is where the real benefits come in. Security in itself can make you feel safer doing business, but the combined investment in security, infrastructure, business processes etc are what will make you stand out from the competition....

Tags: business, business processes, security, bottom line, real benefits, challenge, harder challenge, benefits, roland cloutier

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo