SEARCH RESULTS
 
Showing 1-10 of 212 records
 
Expand article

Constant Patch Releases Forcing New IT Processes

2008-02-25 06:21:54 by Editor in Computerworld Security News
 
The ongoing release of patches from Microsoft and other large software vendors is forcing IT shops to create new processes to ensure that vulnerabilities are fixed as quickly as possible
 
 
 
 
 
Expand article

The Trouble with Threat Modeling

2007-09-26 19:11:00 by sdl in The Security Development Lifecycle
 
...processes at Microsoft, and a lot more in the wide world. People sometimes want to argue because they think Microsoft uses the term threat modeling differently than the rest of the world. This is only a little accurate. There is a community which uses questions like whats your threat model to mean which attackers are you trying to stop?...
 
 
 
 
 
Expand article

Hansei and the CISO

The Article has images
2008-09-16 17:47:47 by Alex in RiskAnalys.is
...processes are in place?, How do you know that those are the processes that should be in place? If they are, what kind of job am I doing at those processes What is the quality of the skills and resources I have from a people perspective, and how do I know if they are adequate? How do I know that the training they petition me for will...
 
 
 
 
 
Expand article

Applying SDL Principles to Legacy Code

2008-10-27 17:24:00 by sdl in The Security Development Lifecycle
 
...processes ask that we help carry out parts of their process, from requirements analysis to penetration testing. Other clients need help defining their security processes, and we help define and kickoff a program based on the Microsoft SDL, other defined processes, or variations thereof, depending on the clients needs and abilities. Whether...
 
 
 
 
 
Expand article

Integrating Event/Incident and Problem Management

2008-10-14 18:00:59 by David Link in ScienceLogic
 
...processes is even more crucial in a virtualized environment So what does this mean for you? You will need to refine your incident and problem management processes with new technologies in order to reduce downtime and maintain end user performance. But of course even the most basic technologies are not well integrated even in todays world I...
 
 
 
 
 
Expand article

Henry Ford and Agility (Once you are secured - whats next?)

2008-06-05 14:04:00 by Allen Baranov, CISSP in Security Thoughts
 
...processes so that Information Processing and hence Business Decision Making can be done with the minimum amount of mess (think maximum amount of CIA The problem with doing this is that Information Security will start to make the business slower and more restricted as processes are followed HOWEVER, and this is where Henry Ford went wrong,...
 
 
 
 
 
Expand article

Misconceptions about outsourcing security

2007-12-13 14:05:54 by Khalid Kark in Security & Risk Management
 
...processes and operations are a mess, outsourcing them will not solve the problem. It is important to establish security processes and strengthen your operations before you outsource security. Outsourcing may help improve operational control, but the chances of success are increased if the firm has a clear understanding of the processes,...
 
 
 
 
 
Expand article

What can CISOs learn from the Societe Generale debacle

2008-02-19 09:17:17 by Khalid Kark in Security & Risk Management
 
...processes and has the ability to disable the alarms. It does drive home the point that the insider threat may not be the most popular form of attack, but it usually is the most damaging Monitor privileged access: I have had many conversations with CISOs who are reluctant to monitor their system administrators and privileged access users...
 
 
 
 
 
Expand article

Can security improve your bottom line?

2008-01-18 16:23:00 by Manu Namboodiri in Data Protection, Management and Leakage
 
...processes that you will become a more competitive company Notice the emphasis on business processes - this is where the real benefits come in. Security in itself can make you feel safer doing business, but the combined investment in security, infrastructure, business processes etc are what will make you stand out from the competition....
 
 
 
 
 
Expand article

Nevada Department of Public Safety applicants exposed

The Article has images