SecurityRatty: tag: processes

Constant Patch Releases Forcing New IT Processes

2008-02-25 06:21:54 by Editor in Computerworld Security News

The ongoing release of patches from Microsoft and other large software vendors is forcing IT shops to create new processes to ensure that vulnerabilities are fixed as quickly as possible

Tags: processes, software vendors, ensure, fixed, release, microsoft, vulnerabilities, shops, patches

The Trouble with Threat Modeling

2007-09-26 19:11:00 by sdl in The Security Development Lifecycle

...processes at Microsoft, and a lot more in the wide world. People sometimes want to argue because they think Microsoft uses the term threat modeling differently than the rest of the world. This is only a little accurate. There is a community which uses questions like whats your threat model to mean which attackers are you trying to stop?...

Tags: threat, threat models, threat model, reasons threat, service threat, term threat, threat effectively, playsound threat model, development process

Henry Ford and Agility (Once you are secured - whats next?)

2008-06-05 14:04:00 by Allen Baranov, CISSP in Security Thoughts

...processes so that Information Processing and hence Business Decision Making can be done with the minimum amount of mess (think maximum amount of CIA The problem with doing this is that Information Security will start to make the business slower and more restricted as processes are followed HOWEVER, and this is where Henry Ford went wrong,...

Tags: information security, information, henry ford, information security nirvana, henry ford lost, processes, tie processes, information flows, business

Misconceptions about outsourcing security

2007-12-13 14:05:54 by Khalid Kark in Security & Risk Management

...processes and operations are a mess, outsourcing them will not solve the problem. It is important to establish security processes and strengthen your operations before you outsource security. Outsourcing may help improve operational control, but the chances of success are increased if the firm has a clear understanding of the processes,...

Tags: security processes, establish security processes, security, processes, security controls, security managers cost, cost, security operations, security services

What can CISOs learn from the Societe Generale debacle

2008-02-19 09:17:17 by Khalid Kark in Security & Risk Management

...processes and has the ability to disable the alarms. It does drive home the point that the insider threat may not be the most popular form of attack, but it usually is the most damaging Monitor privileged access: I have had many conversations with CISOs who are reluctant to monitor their system administrators and privileged access users...

Tags: security, formal security strategy, societe generale, security technology, external security challenges, implement security, access, security products, access users

Can security improve your bottom line?

2008-01-18 16:23:00 by Manu Namboodiri in Data Protection, Management and Leakage

...processes that you will become a more competitive company Notice the emphasis on business processes - this is where the real benefits come in. Security in itself can make you feel safer doing business, but the combined investment in security, infrastructure, business processes etc are what will make you stand out from the competition....

Tags: business, business processes, security, bottom line, real benefits, challenge, harder challenge, benefits, roland cloutier

Nevada Department of Public Safety applicants exposed

2008-03-07 10:20:48 by Evan Francen in The Breach Blog

...processes and procedures is conducted Evan] This seems like a prudent decision There is currently no indication the data that was lost has been used for any unlawful purpose From the Crown, Stanley and Silverman statement The drive contained unencrypted personal information of approximately 300 individuals Evan] The Nevada DPS reports 109...

Tags: personal information, lost personal information, sensitive personal information, nevada, confidential personal information, information, nevada payroll information, nevada department, nevada dps

Risk ROI for Some Provisioning Solutions

2008-04-19 02:22:29 by Erik T. Heidt in Art of Information Security

...processes in favor of electronic requests and work flows Reduction of manual updates in favor of automated entitlement updates All provisioning solution providers strive to have a compelling story for these items. Additionally, these were the focus of the first generation of solutions which emerged in the 90s For the Identity Management...

Tags: information security, information, entitlement, entitlement lifecycle, solutions, systems, risk roi, information security podcast, identity

Sensitive Columbia University student information exposed for 16 months

2008-06-15 23:32:25 by Evan Francen in The Breach Blog

...processes which also does not use Social Security Numbers Evan] Another good move. Automated processes are much less error prone Columbia has arranged for you to receive a free two-year subscription to a credit monitoring service We sincerely apologize for the inconvenience this has caused you If you should have any questions or comments,...

Tags: columbia, information, university, evan columbia university, evan, security, protect social security, personal information, columbia university

A Blast from the Past: CEP at Stanford,1998-2003

2008-07-07 19:20:21 by Tim Bass in The Complex Event Processing Blog

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo