SEARCH RESULTS
 
Showing 1-10 of 155 records
 
Expand article

Thoughts on ISO 27005

2009-01-06 17:10:59 by Alex in RiskAnalys.is
 
...purpose of risk management. I believe that the purpose of risk management is to align the risk exposure of an organization to that organizations risk tolerance. The ISO, not so much In section 7.1 (which seems awfully late in the document to start discussing the reason were all here today) 27005 states It is essential to determine the purpose...
 
Tags: risk, risk based, risk estimation, actual management, estimation, management, executive management, risk management, portfolio risk
 
 
 
 
Expand article

Common Criteria and answering the question 'Is it Safe'

2007-12-20 16:57:00 by sdl in The Security Development Lifecycle
 
...purpose. Security professionals have various frameworks on how to define safe that usually factor in some of the following considerations 1) Value of protected assets 2) Assumptions about the sophistication of and level of resources available to an attacker. Defining attacker can cover a spectrum that ranges from a well intentioned but...
 
Tags: criteria, fails, common criteria fails, common criteria, common criteria arguably, common, arguably, arguably deficient, security
 
 
 
 
Expand article

Laptop bought on eBay contained "highly confidential" Home Office disk

The Article has images
2008-02-28 16:10:38 by Evan Francen in The Breach Blog
...purpose. But why and by whom Technicians at the shop called police who sent around anti-terrorist officers to confiscate the machine The Home Office said investigations were under way into the incident The laptop had been taken into the Leapfrog Computers store by a customer who bought it on the internet auction site When engineers took...
 
Tags: home office, disk, laptop, source home office, home office spokesman, director lee bevan, lee bevan, highly confidential, leapfrog computers
 
 
 
 
Expand article

The C-I-A Triad weighed and found wanting

The Article has images
2007-04-12 04:54:18 by Perry Carpenter in Security Renaissance
...purpose.The explicit aim of a Denial-of-Service (DOS) attack is to compromise the availability of systems/data Possession : Holding, controlling, and having the ability to use information. Possession is the ability to truly own and control information and how it is used. We normally think of this as unauthorized or unintentional copying of...
 
Tags: information security, information, parkerian hexad, parkerian hexad model, control information, principles, security principles, personal health information, parkerian hexad augments
 
 
 
 
Expand article

The DDoS Attack Against CNN.com

The Article has images
2008-04-22 19:30:53 by HASH0x8b2d1ec in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...purpose of attacking CNN.com CNN.com was indeed inacessible for a period of three hours according to NetCraft , and literally any web site performance monitoring too with a historical perspective for a host can prove the same The CNN News website has twice been affected since an earlier distributed denial of service attack last Thursday....
 
Tags: ddos, ddos-ing cnn, cnn, ddos people, warfare, information warfare attack, attack, ddos attack, chinese script kiddies
 
 
 
 
Expand article

Hacking tool guidance finally appears

2007-12-31 17:50:32 by Richard Clayton in Light Blue Touchpaper
 
...purposes, and the bad guys use it for bad. The bad guys are of course committing an offence, and the good guys are not but the complexity surrounds distribution, if a good guy runs a website and a lot of bad people download the tool from it, has the good guy committed an offence The actual wording of the offence says "supply or offer to...
 
Tags: bad, bad people download, cma offence, offence, bad guys, guys, offence stage, tool, article widely
 
 
 
 
Expand article

Article: Analytics Brief: Securing The New Data Center

The Article has images
2008-01-07 05:28:32 by Editor in Security Links
...purpose operating systems.As such, hypervisors represent a relatively slim attack vector as theyre often implemented in less than 100,000 lines of code. When compared with the millions of lines that make up a general-purpose operating system, creating a bulletproof hypervisor is a more realistic goal, but flaws will still exist, and exploits...
 
Tags: virtual environment, environment, virtual appliances range, virtual appliances, security, tools, security tools, develop security, security holes
 
 
 
 
Expand article

Bad Phorm

2008-03-18 14:26:32 by Stuart King in Stuart King's Security and Risk Management Blog
 
...purpose other than routing between the ISP and the end-user, then in my mind you're also opening up that same system to the risk of abuse. There's some good commentary on the issues on this blog here . While Phorm and the ISPs signing up say users will be able to opt out, but they dont say whether everyone will be opted out or in...
 
Tags: phorm, system, webwise system, users, strongly suspect, real purpose, strongly, virgin forum, opt
 
 
 
 
Expand article

Waukesha County job applicant data exposed in mailing

The Article has images
2008-07-15 08:07:06 by Evan Francen in The Breach Blog
...purposes," the application reads Ray Pollen , an attorney with Crivello Carlson, at first said it was no mistake that Matthews received the uncensored applications Evan] So Mr. Pollen sent the information on purpose. Did he stop to think that there might be a problem here? Did it occur to anyone that they should redact the most sensitive...
 
Tags: job, information, personal information, county, waukesha county, senstive information, confidential information, sensitive information, salary information
 
 
 
 
Expand article

Are Stolen Credit Card Details Getting Cheaper?

The Article has images
2008-07-15 15:36:12 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge