They start with basic questions: Are you a public company? Have you been in any actual or attempted merger, acquisition or divestment within the past two years? How many employees? What percentage of your revenue is international? From there they hone in on the specific controls and safeguards you have in place to secure your data and IT infrastructure. Here are seven areas that the insurance carriers are looking at…
Once a predator uses your Internet connection to go into the bowels of the web, your Internet Protocol address, which is connected to your ISP billing address, is now considered one that is owned by a criminal. If law enforcement happens to be chatting with that person, who’s using your Internet connection to trade lurid porn, then someone may eventually knock on your door at 3 AM with a battering ram. And in a freakish and relatively new twist, hackers can use a virus to crack your network and gain remote control access, and then store illicit porn on your hard drive.
As we all approach the inevitable chaos of the holidays with shopping, company parties, and client gift lists - all on top of Q4 and 2009 reports and wrap ups - please take care to protect yourself and your family from possible tragedy due to simple oversight...
During this week’s Federal Executive Forum taping, Navy CIO Robert Carey discussed his views on cloud computing. Stating that the NGEN and CANES (Navy Consolidated Afloat Networks and Enterprise Services) programs will both leverage cloud computing, he also describes a future of “grey clouds” on each ship.
Forget about vampires, ghouls and zombies. You were much more likely to receive a fright this year from something lurking in your e-mail. There was the usual crop of Trojan horses and phishing expeditions, and as the surprising list points out, some of the scares go all the way up to the White House and the FBI.
According to Sun Tzu, the Tao is the Way – the context that defines how actions are perceived and valued, and management must be able to accurately assess the program in the context of the company’s cultural and political reality. Failure to do this will inevitably create a clash between strategic security plans and the operational activities that enable that vision.
An intruder could eavesdrop on sensitive data sent across the Internet, manipulate the DNS address that redirects traffic from trusted sites to malicious ones, and possibly even infect other routers automatically. Chen says he informed Time Warner’s security department of the hole; they responded that they were aware of the problem but couldn’t do anything about it.
I’m not arguing for an eggshell model of security - crunchy on the outside, squishy on the inside - but it makes things much easier to be able to address an application server’s security requirements without the need to assume that whatever security you implement on an application level is all you will have.
In Estonia the State Department has arranged for a series of meetings/lectures and discussions for Mr. Clinton. In addition to visiting the NATO Center Mr. Clinton will meet with representatives of the Estonian government, private sector entities, law enforcement, university and primary education professionals.
SecurityBinge – a team composed of Chris Martin aka pr4ch, Tim Elrod aka ri0t, and Stefan Morris aka Janus – are forging a video podcast show addressing information security from the hacker’s perspective. Tim and Stefan, the show’s co-hosts, have years of experience both in corporate and hacker circles.
Many social media sites are set up so that a participant needs to endorse others in order to gain credibility; however, such endorsements may give the appearance that the company is actually giving the endorsement. Thus, the company has an interest to protect in connection with any social media account used that identifies an employee of the company.
ISAlliance President Larry Clinton, in Estonia by request of the US State Department; Critical Infrastructure Protection (CIP) Congress; ISAlliance/CyLab Webinar; CMU Software Engineering Institute one day course: Creating a Computer Security Incident Response Team; ISAlliance/AIA Webinar; NIST 5th Annual IT Security Automation Conference; Illinois Institute of Technology 5th Annual VoIP Conference & Expo…
Thursday, September 24 at 2 Eastern: ISAlliance & AIA are pleased to offer an exciting FREE webinar: The Financial Impact of Cyber Risk. Virtually every company has calculated the benefits of electronic business into its business plans. Unfortunately, companies often fail to account for the financial downside that may result from cyber security attacks.
How SaaS Cuts The High Costs of Web Access and SSO By 80% with On Demand Identity
This whitepaper explains:
* How identity services eliminate all capital outlays for hardware, software and infrastructure, expenses for support and staffing
* You can reduce the costs of training and integration to reduce identity lifecycle costs by more than 80% from enterprise identity software
If you own the business, you own the strategy and execution and you can not outsource accountability. Be careful about falling for the siren song of technology – it is there to support your business, not define it.
If you listen to the hype, social media is the answer to all that ails you and your company…if only we could figure out how it all works. Given the omnipresence of social media these days, surely there’s something to it, right?
The art of utilizing methods combines know how and how to, cognitive awareness and decision making with the physical abilities tactics require, while under pressure, when risk is high and time is critical.
Firewalls must be considered in Risk Management, Data Consolidation, and Change Management. As a business grows, so does the rule set to account for new risks, network segments, and users. If the organization does not understand its risk exposure, such tools are of little use.
Given the informal nature of these media, there will be a stronger need to establish guidelines on how to promote products and services and how to defend them, particularly with respect to company-sponsored communications or “official” activities.
This is the first part of my Black Hat interview with Andrew D. Hayter, Anti-Malcode Program Manager for ICSA Labs. In this installment, Mr. Hayter highlights the challenges businesses face in mitigating malware-related risks.