SEARCH RESULTS
 
Showing 1-10 of 222 records
 

Ask the Auditor: Who is Responsible for Information Security?

2007-12-29 06:24:50 by Editor in Security Links
 
...resources to allow controls to be effective 2) The board of directors must provide oversight at a level above other business managers. The directors' role in information security is to ask managers the right questions and encourage the right results. Directors must set the right tone at the top, communicating to executive management the...
 
 
 
 
 

Personal information stolen from Georgia DHR

2008-03-27 15:51:45 by Evan Francen in The Breach Blog
...Resources Victims Current and former employees Number Affected Unknown Types of Data names, social security numbers, birth dates, home contact and federal tax information Breach Description The Georgia Department of Human Resources is taking extensive measures to alert current and former employees of a breach of confidential records that...
 
 
 
 
 

Virtual Security = Virtual Performance Challenge

2008-02-14 18:24:44 by John Peterson in Security In The Virtual World
 
...resources have been UNDER utilized. People have traditionally bought a server to host an application and those applications are not always in use. Many times they sit idle while other servers are maxed out and could use the help of those idle CPU's on the server in the next rack. So, by sharing CPU/Memory resources virtualization allows for...
 
 
 
 
 

Security Consultant Hacks: Size Matters

2007-12-20 05:16:07 by Bill in Grumpy Security Guy
 
...resources within their specialities. Typically these are 1-5 person shops that are fairly niche focused, maybe they specialize in Web Application Security , secure development, or PCI audits Advantages : If you are using them in an engagement that is their speciality you are going to get a lot of bang for your buck. Prices are generally in...
 
 
 
 
 

Measuring Vulnerability

2008-04-14 14:31:38 by JonesJ in RiskAnalys.is
...resources to defeat the application's security This works as a quick-and-dirty solution, and in many cases is good enough. Read on if you're interested in a somewhat more involved approach Uncertainty Unfortunately, in the real world we usually don't know Which threat agent is going to act next What their capabilities are, or What our resistance...
 
 
 
 
 

Product Vendor's sloppiness vs. Hacker's intelligence

2007-01-08 07:01:06 by RaviC in Musings on Information Security
 
...resources Hacker does not have access to the source code in most cases. Hacker does not have all the details about the functional design, architecture, bugs, future roadmap Et. Al. Pragmatically speaking, a hacker is trying to break into a blackbox with limited resources There is a clear information asymmetry between a vendor and a hacker....
 
 
 
 
 

Rhode Island Dept. of Administration can't find HR disk

2008-03-24 15:36:58 by Evan Francen in The Breach Blog
...resources records including Social Security numbers Breach Description A state computer disk containing the social security numbers of nearly 1,400 people has been reported missing Reference URL SouthCoast Today WPRI Eyewitness News Report Credit Associated Press Response From the online sources cited above A state computer disk...
 
 
 
 
 

Microsoft SDL Process in detail

2008-04-09 19:13:00 by sdl in The Security Development Lifecycle
 
...resources into getting this published (props to Ziv Fass and Jed Pickel) As you can probably guess, this is not an exact duplication of the SDL for a number of reasons but it's pretty darn close. Given that caveat, allow me to illustrate a few points about this guidance First, we have gone through and removed Microsoft specific jargon,...
 
 
 
 
 

Stolen Griffin Electric laptop exposes employee information

2008-04-11 11:40:02 by Evan Francen in The Breach Blog
...Resources employees had their home broken into which involved a theft of personal items, along with a password protected company laptop computer and company health plan insurance invoices. The theft occurred over this past weekend Reference URL The New Hampshire State Attorney General breach notification Report Credit The New Hampshire...