SEARCH RESULTS
 
Showing 1-10 of 25 records
 
Expand article

Verizon Business Report Speaks Volumes

The Article has images
2008-06-12 01:14:00 by Richard Bejtlich in TaoSecurity
...Score of 21,900 Insiders pose the least threat (18%), and achieve the greatest impact (375,000 compromised records), resulting in a Pseudo Risk Score of 67,500 Partners are middle in both (39% and 187,500), resulting in a Pseudo Risk Score of 73,125 While these are rudimentary numbers, the relative risk scores are reasonable and...
 
Tags: compromise, simply system compromise, data compromise investigation, data covers, data, data compromise, verizon, verizon business, risk
 
 
 
 
Expand article

SmartWater Works

2008-01-21 12:17:39 by schneier in Schneier on Security
 
...scored out of ten by respondents in regard to deterrent value, SmartWater was awarded the highest average score (8.3 out of a score of 10) compared to a range of other crime deterrents. CCTV scored 6.2, Burglar Alarms scored 6.0 and security guards scored 4.9 Of course, we don't know if the study was sponsored by SmartWater the company, and...
 
Tags: smartwater, smartwater products, deterrent, smartwater postersign, reasonable deterrent, deterrent factor, study, strong, strong deterrent effect
 
 
 
 
Expand article

How Secure is Secure?

2008-05-08 16:46:00 by sdl in The Security Development Lifecycle
 
...score summarized below D (Minimal Protection C (Discretionary Protection C1: Discretionary Security Protection C2: Controlled Access Protection B (Mandatory Protection B1: Labeled Security Protection B2: Structured Protection B3: Security Domains A (Verified Protection A1: Verified Design In the 1990s, the US and other nations combined...
 
Tags: security metrics, software security metrics, implementation vulnerabilities, potential implementation vulnerabilities, metrics, secure, software, discretionary security protection, security protection
 
 
 
 
Expand article

GRC is Dead

2008-05-13 20:26:58 by rmogull in securosis.com
 
...score. Someday Id like a moderate score for a little extra financial security, but Im not about to compromise my lifestyle or values to get it. As a business I know who my customers are and I make every effort to provide them with as much value as possible Thats why I dont grok this whole GRC obsession (Governance, Risk, and Compliance) among...
 
Tags: grc, call grc tools, grc tools, todays grc tools, grc obsession, call grc, grc tool, internal, internal auditors
 
 
 
 
Expand article

Logging Poll #8 Analysis: Needed Log Context

The Article has images
2008-06-03 08:38:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
...score higher. I also suspect that people were confused by "logs ABOUT the same systems" (what I meant is, for example, use firewall logs that mention the system which log we are now analyzing) and this should score higher Seventh , anything fun in the "Other" category? Yes, there were a few insightful ones: first, results of a Google search...
 
Tags: log, recent log entry, strange log entry, log time stamps, log record, heavy log, log entry, complement logs, logs
 
 
 
 
Expand article

The top 10 spam characteristics (#6-10)

2006-09-27 06:01:03 by Administrator in Email security & compliance blog
 
...score for each spam characteristic. If a message includes several spam characteristics and reaches a spam threshold, the email can safely be considered as spam I have numbered each spam characteristic according to the frequency in which it is found in todays spam mails, where #1 is the spam characteristic that Red Earth Software found to be...
 
Tags: spam, spam characteristics, spam characteristic, todays spam mails, mails, email address, complete email address, detect spam, spam messages include
 
 
 
 
Expand article

Ask the Auditor: Who is Responsible for Information Security?

2007-12-29 06:24:50 by Editor in Security Links
 
...SCORE Checklist Project: ISO 17799 9. The Center for Internet Security 10. The Information Systems Security Association (ISSA 11. The Computer Security Division (CSD) of the National Institute of Standards and Technology (NIST) , including the Federal Information Security Management Act (FISMA) library 12. Information Security Governance:...
 
Tags: information, information security, information policy, information security risks, information assurance, information security governance, information security managers, information security management, assign information security
 
 
 
 
Expand article

Ed Light: Ten Easy Ways to Score Fast CPE Credits

2007-07-10 08:00:00 by Editor in IT Compliance
 
If you've earned a professional certification, you're ahead of the game. Now, don't let that new load of continuing education requirements drag you down. Here are 10 ways to earn education credits at little or no cost, often at your own keyboard, while learning something useful at the same time
 
Tags: education requirements drag, earn education credits, professional certification, cost, time, ahead, game, load, keyboard
 
 
 
 
Expand article

DRM Scorecard Makes Me Wonder: The Media Industry and the TSA, Sadistic or Incompetent?

2007-08-02 08:19:00 by Eric Marvets in The Security Samurai
 
...scorecard where the box score reads Hackers 1000, Industry 0 This all goes back to the simple fact that all DRM is based on encryption, and that its illogical to give someone the decryption key that is required to enable what the media industry views as authorized behavior (media playback) without expecting someone else to utilize that...
 
Tags: media industry, industry, media industry views, illogical behavior impedes, drm, behavior, drm scorecard, secret, secret internal referendum
 
 
 
 
Expand article

Blue Box #73: SIP security issues at IETF 70, Skype security, vulnerabilities in Cisco and Nokia phones, Vietnam's cyberdissidents, VoIP security news

2007-12-31 18:08:58 by HASH0x89ff4a8 in Blue Box: The VoIP Security Podcast
 
...Score and SRTP Key Disclosure and Updates to Asserted Identity also covered in SPITting in your general direction SIP - Media Identity and DTLS Framework MMUSIC - big news was that ICE is now in the queue to be issued as an RFC BEHAVE - TURN P2PSIP interesting discussion on NAT in P2P SIP and security in P2P SIP Comment (email) from Frank...
 
Tags: voip security news, news, voip, protect voip communications, security, sip, skype security, sip security issues, voip news