SEARCH RESULTS
 
Showing 1-10 of 11 records
 
Expand article

Ask the Auditor: Who is Responsible for Information Security?

2007-12-29 06:24:50 by Editor in Security Links
 
...significance of the information involved, legal requirements, and the seriousness of threats to data privacy Under a separate category of management, information security managers should organize and implement the organizations information security program, including its monitoring (testing) program Although business managers often try to...
 
Tags: information, information security, information policy, information security risks, information assurance, information security governance, information security managers, information security management, assign information security
 
 
 
 
Expand article

Index on Censorship: Shifting Borders

2007-12-18 11:23:50 by Steven J. Murdoch in Light Blue Touchpaper
 
...significance of barriers that stem from industry structure which companies are hosting controversial information, where they do business, what markets do they compete in and what corporate partnerships are involved. The direction these take will have a significant impact on the scale of Internet censorship The rest of the journal is well...
 
Tags: censorship, internet censorship, internet, article, nart villeneuves article, journal index, journal, ross anderson, national boundaries
 
 
 
 
Expand article

The National Cyber Exercise

2008-02-06 13:29:21 by Burton Group in Security and Risk Management Strategies Blog
 
...significance Large scale exercise through simulated incident reporting only no actual impact or attacks on live networks Specifically directed by Congress ... and coordinated with DHS National Exercise Program In short, the exercise objective was to pretend that a faux "Worldwide Anti-Globalization Alliance (WAGA)" was attacking U.S. and...
 
Tags: cyber, national cyber exercise, exercise, exercise objective, security, exercise results, international, international government participants, security contact
 
 
 
 
Expand article

The National Cyber Exercise

2008-02-06 13:29:21 by Burton Group in Security and Risk Management Strategies Blog
 
...significance Large scale exercise through simulated incident reporting only ??? no actual impact or attacks on live networks Specifically directed by Congress ... and coordinated with DHS National Exercise Program In short, the exercise objective was to pretend that a faux "Worldwide Anti-Globalization Alliance (WAGA)" was attacking U.S. and...
 
Tags: cyber, national cyber exercise, exercise, exercise objective, security, exercise results, international, international government participants, security contact
 
 
 
 
Expand article

Is security really a business enabler?

2008-05-01 08:00:00 by Stuart King in Stuart King's Security and Risk Management Blog
 
...significance of a pie charted extract of the firewall logs. If you want to convince the business then you have to cut out the techie chat. The key points I made are that we need to - Take a risk based approach - Focus on business needs - Talk the language of the business - Dont make wild statement about cost savings and ROI - Work to reduce...
 
Tags: security, business, security professionals, metrics, meaningful security metrics, solid built-in security, financial services industry, business buy-in, services
 
 
 
 
Expand article

Two HSBC breaches with similar circumstances

The Article has images
2008-06-02 09:40:52 by Evan Francen in The Breach Blog
...significance of the papers although Mrs Stewart immediately did She said: "Reece had been to get his ball back after it had bounced into a sub-station and says he saw a pile on top of the transformer and they were whistling around in the gale But it was Jessica who grabbed one as it blew past her in the street and showed it to me I have...
 
Tags: customers, bank customers, bank, bank officials, bank bag, bag, bank branch after-hours, street bank hsbc, street
 
 
 
 
Expand article

Meet ratproxy, our passive web security assessment tool

2008-07-01 16:49:00 by Niels Provos in Google Online Security Blog
 
Posted by Michal Zalewski We're happy to announce that we've just open-sourced ratproxy , a passive web application security assessment tool that we've been using internally at Google. This utility, developed by our information security engineering team, is designed to transparently analyze legitimate, browser-driven interactions with a tested...
 
Tags: web, information, information leakage scenarios, information security, contemporary web technologies, information security community, web property, community, web applications
 
 
 
 
Expand article

Dan Wallach on Electronic Voting Machines

2008-07-02 06:15:27 by schneier in Schneier on Security
 
...significance. Hopefully, legislators and election administrators are smart enough to grasp the vendors behavior for what it actually is and take appropriate steps to bolster our election integrity. Until then, the bottom line is that many jurisdictions in Texas and elsewhere in the country will be using e-voting equipment this November with...
 
Tags: dan wallach, attacks, excellent blog post, vendors, vendors behavior, equipment, procedures, machine companies, texass dres
 
 
 
 
Expand article

Poor security quality in software. Someone is watching over me.

The Article has images
2008-07-30 14:51:49 by Chris Wysopal in Zero in a bit
...significance are like this. But we must do it. The inertia of culture and status quo is difficult to overcome, but overcome it we can; otherwise, we would not have the better parts of the world we enjoy today I believe the technology space is no different. We are just a little dazed and bewildered by all the changes technology has introduced...
 
Tags: software, approach insecure software, insecure software, repeatable software security, secure online environment, environment, secure, secure software, software assurance
 
 
 
 
Expand article

Poor Security Quality In Software; Someone Is Watching Over Me

The Article has images
2008-07-30 14:51:49 by Chris Wysopal in Zero in a bit