tagged w/ Best practices
-
Reading through a Windows security log or any other log can be very difficult and time consuming, so a lot of companies have created their own tools to analyze windows event logs. But before you start going commercial, there is a tool that will get you going without any cost. Against all odds, it’s a tool made by Microsoft!
http://information-security-resources.com/2009/11/19/windows-security-logs-and-ms-log-parser/Reading through a Windows security log or any other log can be very difficult and time... more
-
-
-
“First, the President is correct in his appreciation of the need to view cyber security as not just a technical and security issue, but as an economic one as well. In the 21st century - the digital century - economics and security are opposite sides of the same coin. You cannot affect one without impacting the other.” ~ Congressional Testimony
http://information-security-resources.com/2009/11/18/isalliance-cyber-security-is-economic-issue/“First, the President is correct in his appreciation of the need to view cyber... more
-
-
-
In its recently released Global CIO Study, IBM found that 83% of respondents identified business intelligence and analytics as the best way to help enhance their organizations’ competitiveness. At the company’s Information on Demand conference in Las Vegas, IBM outlined a series of new products and services. It includes tools to analyze the increasing volumes of unstructured data found on Web sites, on social networking sites and in digital files.
http://information-security-resources.com/2009/11/16/new-ibm-analytics-for-business-intelligence/In its recently released Global CIO Study, IBM found that 83% of respondents... more
-
-
Kellogg, Brown & Root (KBR) was responsible for the kickback fraud that occurred in the US v. Khan case, and has been the focus of many other cases of procurement fraud within the LOGCAP project. Since combat operations began in 2001, DCAA has referred to criminal investigators 32 cases of suspected fraud that were associated with all wartime-support contracts. Of those, the vast majority were related to the Logistics Civil Augmentation Program.
http://information-security-resources.com/2009/11/16/revolving-door-of-abuse-procurement-fraud/Kellogg, Brown & Root (KBR) was responsible for the kickback fraud that occurred... more
-
-
-
People who generally have to much time on their hands read my posts. Or they simply enjoy my train wreck world view. Anyway there are some fantastic resources that I draw from that help me to break down the complicated issues revolving around how to keep the bad guy from draining your bank account. The following make me look good (not to insult them):
http://information-security-resources.com/2009/11/15/increase-your-information-security-iq/People who generally have to much time on their hands read my posts. Or they simply... more
-
-
Wouldn’t it be a good idea to have privacy certifications for the organizations that are part of the large smart grid and for the smart meters to help ensure they are appropriately addressing privacy and providing households with informed decision-making capabilities for how the information collected from their homes through these devices are used?
http://information-security-resources.com/2009/11/15/fifteen-more-smart-grid-privacy-concerns/Wouldn’t it be a good idea to have privacy certifications for the organizations... more
-
-
These new regulations come at a time when healthcare breaches are on the rise; according to the 2009 ITRC Breach Stats Report healthcare breaches account for over 66 percent of all records breached this year, up from 20 percent in 2008. In fact, some of the largest names in healthcare suffered data breaches.
http://information-security-resources.com/2009/11/12/hitech-act-and-protecting-health-privacy/These new regulations come at a time when healthcare breaches are on the rise;... more
-
-
-
Every organization has some form of Information Security Risk Assessment - some perform a formal risk assessment, others simply use their practical experience. There aren’t that many tools that assist the organization in performing risk assessment. The most widely used one is Excel, but it is far from a good choice.
http://information-security-resources.com/2009/11/11/microsoft-threat-assessment-modeling/Every organization has some form of Information Security Risk Assessment - some... more
-
-
The ISA will release a new cybersecurity report, which proposes frameworks for taking key issues in the Obama Administration’s “Cyberspace Policy Review” document to the next level, in an effort to achieve tangible progress. The report will include frameworks for creating a new, practical model for information sharing; addressing the international nature of cybersecurity issues; developing a market for adopting good security standards and practices; building a highly educated digital workforce; and managing the global IT supply chain.
http://information-security-resources.com/2009/11/11/isalliance-to-release-cyber-security-report/The ISA will release a new cybersecurity report, which proposes frameworks for taking... more
-
-
-
-
Identity theft is preventable. As with any other crime, the risk will always be there. But there are many things people can do to minimize that risk, both online and offline. The National Foundation for Credit Counselors, which sponsors Protect Your Identity Week, has compiled a number of identity theft myths.
http://information-security-resources.com/2009/11/09/ten-common-identity-theft-myths-dispelled/Identity theft is preventable. As with any other crime, the risk will always be there.... more
-
-
A Rhode Island Hospital was fined $150,000 after a surgeon operated on the wrong finger of a patient, and now the hospital must install video cameras in all of its operating rooms. Of course video surveillance will not PREVENT such incidents from happening, but knowing such recordings are being made will likely make surgeons much more careful…
http://information-security-resources.com/2009/11/09/hipaa-and-video-surveillance-of-surgery/A Rhode Island Hospital was fined $150,000 after a surgeon operated on the wrong... more
-
-
-
Gwen Morton and Ted Alford have published an excellent economic evaluation of the federal government’s push into cloud computing. Their conclusions acknowledge the value of cloud computing, but also offers some practical considerations.Gwen Morton and Ted Alford have published an excellent economic evaluation of the... more
-
-
Internet Security Alliance (ISA) President Larry Clinton will describe the progress being made in the joint ANSI/ISA project to develop an enterprise wide cybersecurity framework Wednesday afternoon at the 8th Plenary of the Homeland Security Standards Panel in Washington DC.Internet Security Alliance (ISA) President Larry Clinton will describe the progress... more
-
