SEARCH RESULTS
 
Showing 1-10 of 33 records
 
Expand article

Ask the Auditor: Who is Responsible for Information Security?

2007-12-29 06:24:50 by Editor in Security Links
 
...sufficient resources to allow controls to be effective 2) The board of directors must provide oversight at a level above other business managers. The directors role in information security is to ask managers the right questions and encourage the right results. Directors must set the right tone at the top, communicating to executive management...
 
Tags: information, information security, information policy, information security risks, information assurance, information security governance, information security managers, information security management, assign information security
 
 
 
 
Expand article

Changing the SSL cipher order in Internet Explorer 7 on Windows Vista

2007-11-07 05:37:47 by Steve Riley in Steve Riley on Security
 
...sufficient to protect the information you're exchanging over HTTPS However, if you require something longer, and want to change the default, you can. Here's how Open your group policy editor by entering gpedit.msc at a command prompt Choose Computer Configuration | Administrative Templates | Network | SSL Configuration Settings There's only...
 
Tags: sha, null sha, cbc sha p384, cbc sha, cbc sha p521, shorter bit lengths, bit lengths, cbc sha p256, 256-bit aes
 
 
 
 
Expand article

Protect your data: everything else is just plumbing

The Article has images
2007-07-02 20:46:32 by Steve Riley in Steve Riley on Security
...sufficient: public, internal, confidential, and private Next, consider retention classifications. If you should ever be hauled into court for some reason, the discovery process will uncover a whole lot of your data. You could face major penalties if new information is discovered after a trial starts. Therefore, its necessary to follow a...
 
Tags: data security, comrms data security, data, security, confidential information, information, information security, temporary data, data vanishes
 
 
 
 
Expand article

Phishers, Spammers, and Malware Authors Clearly Consolidating

The Article has images
2007-12-09 21:14:53 by HASH0x89fa6a4 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...sufficient doesnt seem to be a relevant one when it comes to a spammers results oriented attitude. Spammers excel at harvesting and purchasing email addresses , sending, and successfully delivering the messages, phishers are masters of social engineering, while on the other hand malware authors or botnet masters in this case, provide the...
 
Tags: malware, malware attachments, malware attack, malware authors, hand malware authors, spammers, modern malware, storm worm malware, emails courtesy
 
 
 
 
Expand article

Hard drive stolen from New Mexico State University was encrypted

The Article has images
2008-01-07 09:50:57 by Evan Francen in The Breach Blog
...sufficient, then I agree with the school's assessment that in all likelihood the data is safe Past Breaches Unknown
 
Tags: hard drive, external hard drive, information, personal information, employee information, computer hard drive, employee, employee hired, special events
 
 
 
 
Expand article

House committee issues report and finds fault with TSA web site

The Article has images
2008-01-15 09:35:53 by Evan Francen in The Breach Blog
...sufficient oversight of the website and the contractor The internal TSA investigation found that there were problems with the planning, development, and operation of the website and that the program managers were overly reliant on contractors for information technology expertise and had failed to properly oversee the contractor, which as a...
 
Tags: tsa, website, website contract, traveler redress website, tsa moved quickly, security breach, information security breach, security vulnerabilities, multiple security vulnerabilities
 
 
 
 
Expand article

SmartWater Works

2008-01-21 12:17:39 by schneier in Schneier on Security
 
...sufficient to put off most of the criminals the team interviewed Professor Gill said: "According to our sample, SmartWater provided a strong projected deterrent value in that 74 per cent of the offenders interviewed reported that they would in the future be put off from breaking into a building with a SmartWater poster/sign displayed Overall,...
 
Tags: smartwater, smartwater products, deterrent, smartwater postersign, reasonable deterrent, deterrent factor, study, strong, strong deterrent effect
 
 
 
 
Expand article

NERC CIP Rules Out - Logs In!

2008-01-24 13:06:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...sufficient detail to create historical audit trails of individual user account access activity for a minimum of ninety days and R6.4. The Responsible Entity shall retain all logs specified in Requirement R6 for ninety calendar days R6.5. The Responsible Entity shall review logs of system events related to cyber security and maintain records...
 
Tags: logs, review logs, preserve computer logs, responsible entity, security, cyber security, regulatory security guidance, guidance, review
 
 
 
 
Expand article

Microsoft IPsec diagnostic tool

2008-02-01 11:39:04 by Steve Riley in Steve Riley on Security
 
...sufficient to diagnose any network related issue. For further assistance, you can share the logs with network administrators or Microsoft support Get the tool here: http://www.microsoft.com/downloads/details.aspx?FamilyID=1d4c292c-7998-42e4-8786-789c7b457881&displaylang=en It works on these versions of Windows Windows Server 2003 Service Pack...
 
Tags: windows vista enterprise, windows vista, windows vista business, windows, windows firewall, windows server, ipsec, tool, diagnostic tool