SEARCH RESULTS
 
Showing 1-10 of 111 records
 
Expand article

"Walking" with the SDL - Part 3

2008-07-23 16:43:00 by sdl in The Security Development Lifecycle
 
...valuable reference tools. Use them to perform evaluate your security from multiple angles Think about component-level architecture List common pitfalls in writing code, or begin defining and building test cases Code reviewers can reference threat models and attack surface documents to verify specific attacks were addressed in the code...
 
Tags: security requirements serve, security requirements, security development lifecycle, security development, requirements, lifecycle, security lifecycle, security, security ecosystem
 
 
 
 
Expand article

What's your data worth? More importantly, to whom?

2007-10-25 06:49:21 by Steve Riley in Steve Riley on Security
 
...valuable it might be to an attacker. Always, instead, consider how valuable it is to you I know, it seems so simple when you see it in print. But, surprisingly, many people take the opposite approach. "We don't have anything of value to anyone else, we don't need security." There's no more dangerous statement than this. Resist the urge to...
 
Tags: data, data accessible online, valuable, security, security wrong, opposite approach, approach, bad guys, worth
 
 
 
 
Expand article

Lost laptop = Lost data!

2007-08-18 08:28:15 by RaviC in Musings on Information Security
 
...valuable company data or valuable personal data may not be possible It is very important for us to be "laptop data aware" i.e. the categories of data it has and the consequences of lost data. A good practice is to treat your laptop like your wallet I found these 9 tips on Microsoft website . These tips are really thoughtful and well written...
 
Tags: data, lost data, lost, lost laptop, laptop, laptop data aware, lost brand, aware, laptop security device
 
 
 
 
Expand article

An old/new kind of cybercrime/cybercriminal

2008-04-23 10:13:09 by HASH0x8b4a8bc in StillSecure, After All These Years
 
...valuable than gold, more valuable even that gasoline! So to my mind this is more a case of corporate espionage where a company that is competitive to Lending Tree infiltrated their networks through people, rather than technology to gain access to their corporate crown jewels This sort of stealing your competitors information has been going on...
 
Tags: financial gain type, financial gain, gain, information breach, information, gain access, access, competitors information, cybercrime
 
 
 
 
Expand article

An old/new kind of cybercrime/cybercriminal

2008-04-23 11:13:09 by ashimmy in StillSecure, After All These Years
 
...valuable than gold, more valuable even that gasoline! So to my mind this is more a case of corporate espionage where a company that is competitive to Lending Tree infiltrated their networks through people, rather than technology to gain access to their corporate crown jewels This sort of stealing your competitors information has been going on...
 
Tags: financial gain type, financial gain, gain, information breach, information, gain access, access, competitors information, cybercrime
 
 
 
 
Expand article

The insider threat - jobs at risk!

2008-05-01 21:51:00 by Manu Namboodiri in Data Protection, Management and Leakage
 
...valuable can turn people". I started believing this after my car was broken into and it turned out to be a neighbor kid I firmly believe that taking temptation away (in this case not having access to data you should not) is a great strategy. Insider threats are more troubling, since this is targeted at the most sensitive and valuable data -...
 
Tags: valuable, valuable data, data, sensitive data, sensitive, car seat, access controls, outsider threat depends, access
 
 
 
 
Expand article

Can Moodys solve your third party assessment problem?

The Article has images
2008-05-28 12:36:33 by Khalid Kark in Security & Risk Management
...valuable time, is expensive, and most importantly, pulls resources away from doing actual security work within the company. On the other hand service providers are also having a hard time keeping up with these assessments. A compliance manager at a large service provider estimated that they responded to over 300 audit requests in 2007, and...
 
Tags: service provider environment, service, ratings service, vir service, service providers, service provider, assessment, service provider stays, moodys
 
 
 
 
Expand article

The Pros and Cons of LifeLock

2008-06-12 04:00:00 by Bruce Schneier in Wired Security
 
...valuable. LifeLock also opts its customers out of pre-approved credit card offers, further making them less valuable in the eyes of credit bureaus And, so began a smear campaign on the part of the credit bureaus. You can read their points of view in this New York Times article , written by a reporter who didn't do much more than regurgitate...
 
Tags: credit reports, credit, credit card, fraud alerts permanent, fraud, credit industry, experian credit bureau, lifelock, issue credit
 
 
 
 
Expand article

LifeLock and Identity Theft

2008-06-17 06:51:25 by schneier in Schneier on Security
 
...valuable. LifeLock also opts its customers out of pre-approved credit card offers, further making them less valuable in the eyes of credit bureaus And, so began a smear campaign on the part of the credit bureaus. You can read their points of view in this New York Times article , written by a reporter who didn't do much more than regurgitate...
 
Tags: identity theft, credit reports, credit, identity, credit card, fraud alerts permanent, fraud, credit industry, experian credit bureau
 
 
 
 
Expand article

Cyber espionage something to worry about?

2007-12-14 15:48:00 by Khalid Kark in Security & Risk Management