SEARCH RESULTS
 
Showing 1-10 of 40 records
 
Rational Risk Management, Angry Italians, and Irrational Security Analysts

2008-11-17 16:43:15 by Alex in RiskAnalys.is
 
...rationality in the data owner. Someone who sees you as a speedbump on the route to progress they may not be ready to appreciate your point of view even if it is stated in the most rational manner possible. But it's worth noting (and Stuart's example is indicative of this point) that risk analysis does not create rationality in the analyst,...
 
 
 
 
 
Links for 2008-01-16 [del.icio.us]

2008-01-17 00:00:00 by Editor in Anton Chuvakin Blog -
 
...Rational Survivability: Security and Disruptive Innovation Part I: The Setup Storm, Nugache lead dangerous new botnet barrage This is the future of malware and it's not a pretty picture. What it is, is a nightmare: a new breed of malicious software developed, tested and sold by professionals and engineered to change on the fly, adapt to its...
 
 
 
 
 
So Logically, If She Weighs The Same As A Duck... She's A Witch!

2008-09-18 14:59:47 by Alex in RiskAnalys.is
...rationalism, I have to recognize that this discussion is really just about the act of observation using different metrics of measurement. But how we're going about observing does not change the fact that there is measurement based on observation. So if I'm working with you I can easily turn your qualitative scale into a quantitative one, and...
 
 
 
 
 
Links for 2007-12-20 [del.icio.us]

2007-12-21 00:00:00 by Editor in Anton Chuvakin Blog -
 
...Rational Survivability: The Seesaw CISO...Changing Places But Similar Faces... 've talked about the fact that "security" should be a business function and not a technical one and quite frankly what Dennis is hearing has been a trend on the uptick for the last 3-4 years as "information security" becomes less relevant and managing ris Data And...
 
 
 
 
 
Links for 2008-01-09 [del.icio.us]

2008-01-10 00:00:00 by Editor in Anton Chuvakin Blog -
 
...Rational Survivability: Are Virtualization Laws That Are Immutable, Disputable If you thought 'Security '07' was hairy, just wait | Tech News on ZDNet Three predictions for identity management in 2008 - Network World EventSource Newsletters - Jan 08 The secret to effective log management is to gather ALL of the data. The aspects of LM that...
 
 
 
 
 
Links for 2008-01-25 [del.icio.us]

2008-01-26 00:00:00 by Editor in Anton Chuvakin Blog -
 
...Rational Survivability: Pushing Reset On the IT vs. SCADA Security Debate Schneier on Security: Hacking Power Networks Vmyths on SCADA - SANS director confirms the CIA confirmed ... absolutely nothing Majority of VISA Merchants are Compliant as of Jan. 22, 2008 Payment Card Security & IT Controls Explained Targeted Trojan Attacks EETimes.com...
 
 
 
 
 
Benevolent Worms

2008-02-19 06:57:11 by schneier in Schneier on Security
 
...rational network administrator, regardless of intent A good software distribution mechanism has the following characteristics People can choose the options they want Installation is adapted to the host it's running on It's easy to stop an installation in progress, or uninstall the software It's easy to know what has been installed where A...
 
 
 
 
 
Overcoming Bias: The Affect Heuristic

2008-01-03 21:32:58 by Chris Wysopal in Zero in a bit
 
...rational and don't understand statistics People believe that benefit and risk are intertwined. They think a highly beneficial thing is also a less risky thing even though you can have low risk and high risk things, both with great benefits. People also don't know how to calculate risk in percentages. Absolute numbers seem to resonate. Security...
 
 
 
 
 
Top 10 Security Stories of 2007

2007-12-27 04:53:17 by Bill in Grumpy Security Guy
 
...Rational. If the products remain as standalone offerings though is unclear 4. Full Disclosure Dies - 2007 will go down as the year full disclosure died. Crappy treatment from vendors and now web site owners has driven the good guys out and the only people left are the bad guys that are in it for the money. Which leads to 3. Russian Business...
 
 
 
 
 
2008 - The Year of IT Risk Management?

2008-01-04 13:23:00 by Ryan Shopp in practical risk management
 
...Rational Survivability snip Compliance stops being a dirty word & Risk Management moves beyond buzzword Today we typically see the role of information security described as blocking and tackling; focused on managing threats and vulnerabilities balanced against the need to be "compliant" to some arbitrary set of internal and external...