tagged w/ FTP server
-
Estimating asset value is without doubt the most frequent question we get when it comes to calculating data security risk in monetary terms. A common mistake made by marketeers who work for data security vendors is to estimate the cost of a data security breach as the number of records multiplied by some plug number. The cost of a data security breach to a company is not the same as the cost of a customer data record breach to a customer…
http://information-security-resources.com/2010/01/13/how-to-valuate-crucial-information-assets/Estimating asset value is without doubt the most frequent question we get when it... more
-
-
-
Are companies assuming that a data security breach is cheaper than security? If PCI is a failure, it is not because it doesn’t prevent credit card theft; there is no such animal as a perfect set of countermeasures. PCI is a failure because it does not force a business to use it’s common sense and ask practical, common-sense business questions.
http://information-security-resources.com/2009/12/10/data-breaches-show-pci-dss-ineffective/Are companies assuming that a data security breach is cheaper than security? If PCI is... more
-
-
I recently saw an article entitled Compliance is the New Security Standard. The basic thesis of the blog post was that since companies have to spend money on compliance, they might as well spend the money once and rename the effort “security”. This is an interesting notion – although perhaps “placebo security” might be a cheaper approach. Compliance is not equivalent to security for several fundamental reasons…
http://information-security-resources.com/2009/10/28/pci-compliance-does-not-equal-security/I recently saw an article entitled Compliance is the New Security Standard. The basic... more
-
-
The root cause of application security vulnerabilities is usually design bugs, and often there are implementation defects. The empirical data showed that software bugs accounted for over 55% of the contributing vulnerability to the event (see the Business Threat Modeling study).The root cause of application security vulnerabilities is usually design bugs, and... more
-
-
People and their employers are unwilling to discuss the details of security events that happened, their security vulnerabilities, the damage in dollars was actually caused, how the events were discovered, how the threats that exploited the vulnerabilities were mitigated and most importantly – how well their current security products perform.People and their employers are unwilling to discuss the details of security events... more
-
-
It’s almost a cliche to say that the security and compliance industry has done a poor job in preventing data breaches of over 245 million personal records in the past 5 years. Fragmentation of knowledge leads to waste and duplication, as well as frustrating, expensive and sometimes dangerous experiences for companies facing a data loss event.It’s almost a cliche to say that the security and compliance industry has done a... more
-
-
This is the 8th anniversary of the Al Queda attack on the US in New York on 9/11/2001. The world today is more connected, more always-on, more accessible…and more hostile. There are threats from Islamic terror, identity theft, hacking for pay, custom spyware, mobile malware, money laundering and corporate espionage. For those of us working in the fields of risk management, security and privacy, these are all complex challenges in the task of defending a business.This is the 8th anniversary of the Al Queda attack on the US in New York on 9/11/2001.... more
-
