tagged w/ Financial InfoSec
-
-
Clearly communicate that, in fact, there are secrets. Once employees understand that they have a responsibility to protect the enterprise, the chasm between the security professional and the rest of the staff not only shrinks, it disappears. Far too often, security policies arrive as a reaction, as opposed to a proactive management of risk. Through this process, the enterprise will acknowledge security as forethought, not an afterthought.
http://information-security-resources.com/2009/11/19/effective-security-policy-messaging-important/Clearly communicate that, in fact, there are secrets. Once employees understand that... more
-
-
Reading through a Windows security log or any other log can be very difficult and time consuming, so a lot of companies have created their own tools to analyze windows event logs. But before you start going commercial, there is a tool that will get you going without any cost. Against all odds, it’s a tool made by Microsoft!
http://information-security-resources.com/2009/11/19/windows-security-logs-and-ms-log-parser/Reading through a Windows security log or any other log can be very difficult and time... more
-
-
-
“First, the President is correct in his appreciation of the need to view cyber security as not just a technical and security issue, but as an economic one as well. In the 21st century - the digital century - economics and security are opposite sides of the same coin. You cannot affect one without impacting the other.” ~ Congressional Testimony
http://information-security-resources.com/2009/11/18/isalliance-cyber-security-is-economic-issue/“First, the President is correct in his appreciation of the need to view cyber... more
-
-
-
An innovative new investor analytic tool made its public debut today, and it offers an exciting look at what may well be the future of online trading for both market experts and arm-chair analysts alike. Trefis, named for its focus on trends, forecasts, and insights, is revolutionary in its forward-looking approach to stock analysis which, incorporates a more intuitive look at the relationship between a company’s product divisions and its stock price.
http://information-security-resources.com/2009/11/17/innovative-analytic-tool-empowers-investors/An innovative new investor analytic tool made its public debut today, and it offers an... more
-
-
In its recently released Global CIO Study, IBM found that 83% of respondents identified business intelligence and analytics as the best way to help enhance their organizations’ competitiveness. At the company’s Information on Demand conference in Las Vegas, IBM outlined a series of new products and services. It includes tools to analyze the increasing volumes of unstructured data found on Web sites, on social networking sites and in digital files.
http://information-security-resources.com/2009/11/16/new-ibm-analytics-for-business-intelligence/In its recently released Global CIO Study, IBM found that 83% of respondents... more
-
-
Kellogg, Brown & Root (KBR) was responsible for the kickback fraud that occurred in the US v. Khan case, and has been the focus of many other cases of procurement fraud within the LOGCAP project. Since combat operations began in 2001, DCAA has referred to criminal investigators 32 cases of suspected fraud that were associated with all wartime-support contracts. Of those, the vast majority were related to the Logistics Civil Augmentation Program.
http://information-security-resources.com/2009/11/16/revolving-door-of-abuse-procurement-fraud/Kellogg, Brown & Root (KBR) was responsible for the kickback fraud that occurred in... more
-
-
-
People who generally have to much time on their hands read my posts. Or they simply enjoy my train wreck world view. Anyway there are some fantastic resources that I draw from that help me to break down the complicated issues revolving around how to keep the bad guy from draining your bank account. The following make me look good (not to insult them):
http://information-security-resources.com/2009/11/15/increase-your-information-security-iq/People who generally have to much time on their hands read my posts. Or they simply... more
-
-
Wouldn’t it be a good idea to have privacy certifications for the organizations that are part of the large smart grid and for the smart meters to help ensure they are appropriately addressing privacy and providing households with informed decision-making capabilities for how the information collected from their homes through these devices are used?
http://information-security-resources.com/2009/11/15/fifteen-more-smart-grid-privacy-concerns/Wouldn’t it be a good idea to have privacy certifications for the organizations that... more
-
-
-
Once a predator uses your Internet connection to go to into the bowels of the web, your Internet Protocol address, which is connected to your ISP billing address, is now considered one that is owned by a criminal. If law enforcement happens to be chatting with that person, who’s using your Internet connection to trade lurid porn, then someone may eventually knock on your door at 3 AM with a battering ram. And in freakish and relatively new twist, hackers can use a virus to crack your network and gain remote control access, and then store illicit porn on your hard drive.
http://information-security-resources.com/2009/11/13/what-could-possibly-be-worse-than-a-virus/Once a predator uses your Internet connection to go to into the bowels of the web,... more
-
-
-
These new regulations come at a time when healthcare breaches are on the rise; according to the 2009 ITRC Breach Stats Report healthcare breaches account for over 66 percent of all records breached this year, up from 20 percent in 2008. In fact, some of the largest names in healthcare suffered data breaches.
http://information-security-resources.com/2009/11/12/hitech-act-and-protecting-health-privacy/These new regulations come at a time when healthcare breaches are on the rise;... more
-
-
-
Every organization has some form of Information Security Risk Assessment - some perform a formal risk assessment, others simply use their practical experience. There aren’t that many tools that assist the organization in performing risk assessment. The most widely used one is Excel, but it is far from a good choice.
http://information-security-resources.com/2009/11/11/microsoft-threat-assessment-modeling/Every organization has some form of Information Security Risk Assessment - some... more
-
-
The ISA will release a new cybersecurity report, which proposes frameworks for taking key issues in the Obama Administration’s “Cyberspace Policy Review” document to the next level, in an effort to achieve tangible progress. The report will include frameworks for creating a new, practical model for information sharing; addressing the international nature of cybersecurity issues; developing a market for adopting good security standards and practices; building a highly educated digital workforce; and managing the global IT supply chain.
http://information-security-resources.com/2009/11/11/isalliance-to-release-cyber-security-report/The ISA will release a new cybersecurity report, which proposes frameworks for taking... more
-
-
