SecurityRatty: tag: asset

The Economics of Finding and Fixing Vulnerabilities in Distributed Systems

2008-11-18 22:47:55 by Gunnar Peterson in 1 Raindrop

...assets." You can't do risk management if you don't know your assets Risk management requires that you know your assets, that on some level you understand the vulnerabilities surrounding your assets, the threats against those, and efficacy of the countermeasures you would like to use to separate the threat from the asset. But it starts with...

Tags: information security, information, information security spends, safety information security, versus information security, information security budgets, information security budget, software security, software security space

Davidson Companies illegal network intrusion exposes clients

2008-02-01 14:51:54 by Evan Francen in The Breach Blog

...assets are fine Evan] Not really, I think of a Social Security number is an asset, an information asset. Just as important as protecting financial or physical assets is protecting information assets The computer hacker accessed information on 226,000 current and former clients, Burchard said With the investigation ongoing, it would be...

Tags: davidson, clients, davidson companies president, davidson companies clients, sensitive personal information, davidson login page, personal information, davidson companies, davidson trust

Vulnerability Events

2008-03-30 17:20:05 by JonesJ in RiskAnalys.is

...asset is newly exposed to threat elements, either because the threat elements are new to its landscape or it enters a threat landscape it didnt exist in before (more on this in a second Regardless of the cause, whenever available force becomes greater than the ability to resist, you have what can be referred to as a vulnerability event i.e.,...

Tags: vulnerability, relative term, term, loss events occur, loss events, vulnerability events matter, loss, actual loss, relative term requires

Building a Security Architecture Blueprint

2008-05-16 09:26:55 by Gunnar Peterson in 1 Raindrop

...asset (in many cases it *is* the business), yet the typical enterprise approach to securing the information or even risk management, is rarely strategic. Last year, I wrote a Security Architecture Blueprint paper to describe one framework for putting a strategic context around information security program. The main idea is that instead of...

Tags: security architecture, security architecture blueprint, security, security architecture capabilities, blueprint, information security program, information, post, grc post

In Security & Compliance, it's all about the 'I'

2008-07-25 00:00:00 by John McDonald in Speaking of Security, the RSA Blog and Podcast

...asset that is important to our organization, and that asset is almost always information. This basic truth can be most effectively illustrated by considering what drives the daily requirements of our work - compliance

Tags: security, information security, information, seemingly trivial aspect, security trade, job description, basic truth, primary driver, asset

Software Security Market

2008-08-25 13:18:59 by Gunnar Peterson in 1 Raindrop

...Asset Value 39.5 billion 98 billion Security Investment 900 Million 150 Million Security Investment as a percentage of asset value 2.28 0.15 This table greatly disturbs me. From a prioritization standpoint The People's Republic of Information Security is misaligned by orders of magnitude. Next time you read about a data breach, or see an...

Tags: software, software security market, software security sectors, space, tools space, compare software security, software security sherpas, software security space, software security

CEP is Not Low Latency Messaging, EAI or ESB

2008-09-03 12:31:49 by Tim Bass in The Complex Event Processing Blog

...asset classes. Not only is this a confluence of events, its a stunningly complicated environment in which to create a complex, real-time model in which to apply simple routing decisions. On this basis alone, SOR needs CEP Connecting to many market feeds with multiple asset classes might be complicated, but complicated connections are an EAI...

Tags: cep, cep technology, low latency, modern day sor, feeds, myriad feeds, sor, vendorsin capital markets, capital markets

Scary criminal activity and data theft

2008-11-12 15:28:00 by Manu Namboodiri in Data Protection, Management and Leakage

...asset. One has to protect the asset itself - in this case the data. If the data itself is always encrypted, at rest as well as in motion (even when it is grabbed of the computer by malware), we might have a shot at preventing this Else we are putting our collective heads in the sand thinking that encrypting the laptop drive or USB device is...

Tags: data, larger data breaches, grab data, answer lies, recent article, collective heads, intellectual property, asset, criminals

Is That a Coffee Table or a Munition?

2008-11-25 12:40:20 by Gunnar Peterson in 1 Raindrop

...asset protection eventually compromised the most important asset of all - strategic advantage So what's a better model? I am partial to think about these sorts of problems as free trade agreements. Each integration point should have a set of policies, and enforcement mechanisms that also include compensating transactions For example, did...

Tags: coffee table, technology, american technology, free trade agreement, trade, space technology, french telco issues, common coffee table, information security policies

SOA Security in Real Life

2008-11-30 17:29:17 by Gunnar Peterson in 1 Raindrop

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo