Perplexities of Enterprise Privacy Policies

February 8, 2010 by ADMIN · Leave a Comment

By Rebecca Herold (The Privacy Professor) CIPP, CISSP, CISM, CISA, FLMI

An important consideration with information security incidents is identifying if personally identifiable information - PII - is involved. If it is, then the privacy breach response team needs to be put into action to determine whether or not an actual privacy breach occurred. I’m always interested in hearing the challenges and unique situations they run across as they not only create their plans, but also for how they execute them. Here are three of these situations, often overlooked and not planned for, but experienced by organizations.

Sorting Out Social CRM Options for Business

February 8, 2010 by ADMIN · Leave a Comment

By Dylan Persaud, CTO Forum Team

According to Peter Greenberg, the author of CRM at the Speed of Light, social CRM is a philosophy and a business strategy, supported by a technology platform and designed to engage a customer in a collaborative conversation in order to provide mutually beneficial value in a trusted and transparent business environment…

Police Make Arrests In ATM Skimming Ring

February 7, 2010 by ADMIN · Leave a Comment

By Robert Siciliano, ID Theft Expert and Security Consultant to Intelius.com

Police believe they may have uncovered an international ATM “skimming” ring responsible for stealing money from hundreds of local accounts. It was not too long ago that I bought an ATM north of Boston from a dude named Bob at a bar and rolled it through the streets of Boston nabbing unsuspecting users who entered their debit cards and PINS. I performed this crazy stunt to demonstrate how easy it is and how vulnerable we are.

Insurance Industry Fights Liability Claims

February 7, 2010 by ADMIN · Leave a Comment

By John Watkins, Attorney with Chorey, Taylor & Feil

In your policy it states quite clearly that no claim that you make will be paid. You unfortunately plucked for our Never-Pay Policy, which if you never claim is very worthwhile - but, uh, you had to claim - and there it is… Monty Python’s Flying Circus, circa 1971

More Talks with Anti-Jihadi Hacker The Jester

February 4, 2010 by ADMIN · 1 Comment

By Anthony M. Freed, Director of Business Development, InfosecIsland.com

Anti-jihadi hactivist The Jester (th3j35t3r), the self-proclaimed Nicest Hacker in the World, has returned for part two of our conversation concerning his campaign of intermittent disruption of militant pro-jihad websites. Part one, Q&A With anti-Jihadi Hacker The Jester, elicited both ire and accolades for the cyber-vigilante in nearly equal volume, revealing just how polarizing the issues surrounding ownership, permissions and access have become in this age of information.

Avoiding Enterprise Software Vendor Lock-In

February 3, 2010 by ADMIN · Leave a Comment

By Bozidar Spirovski, CISSP, MCSA, MCP

Large enterprises rely on software products. And as everything else in large enterprises, the software products are large, complex, cumbersome and nearly unchangeable. This last attribute is better known as vendor lock-in. Software vendors love vendor lock-in.

The FCPA Role In International Acquisitions

February 3, 2010 by ADMIN · 1 Comment

By Thomas R. Fox, Attorney at Tom Fox Law

The recession has lessened and all that cash your Company has been hoarding for the rainy days of the Obama years is burning a whole in your CEO’s pocket. He has his powder dry and is ready to make a big bang by going on a buying spree, targeting overseas entities, to beat the competition in coming out of your industry’s downturn. An initial inquiry should be made into the ownership structure of the target company. If any portion of the entity is owned or held by a government or governmental entity then such an entity is covered under the FCPA as a foreign governmental instrumentality…

Vigilante Hackers as Heroes, but at What Cost?

February 3, 2010 by ADMIN · Leave a Comment

By John-Patrick Skaar, Network Security Expert at Alcatel-Lucent

In the online world where personal information in extremely large volumes is merchandise for organized crime, where law enforcement is more focused on building war-rooms and appointing cyber security tzars, and where everyone leaves a digital footprint, cyber vigilantes have become something like worshiped heroes…

China: Internet Freedom Is Culturally Relative

February 2, 2010 by ADMIN · Leave a Comment

By Richard Stiennon, Chief Research Analyst, IT-Harvest

We have had a few weeks to absorb the implications of wide spread Chinese supported attacks against Google and thirty or so other organizations. The US Secretary of State made one of the most affirmative statements on Internet freedom yet articulated by a government. Various policy analysts have chimed in as well. Some thoughts on what they have said…

Advantages of Data-Focused Risk Assessments

February 2, 2010 by ADMIN · Leave a Comment

By Danny Lieberman, Security Expert and Founder of Software Associates

The detailed reasons why people fail at DLP implementations merits a separate post – but it’s a lot like why over 50% of the content management implementation from vendors never made it to production in the 90s – the root cause was that there was no real business case for the technology. Unlike business processes – data risk cannot be outsourced.

Categories
- Anthony M. Freed (28)
- Bill Brenner (2)
- Bob Violino (1)
- Bozidar Spirovski (22)
- Breach (492)
- Britt Womelsdorf (5)
- By Dr. InfoSec (2)
- Cara Garretson (7)
- CCCNews (1)
- Chorey Taylor & Feil (8)
- Christophe Veltsos (2)
- Christopher Burgess (7)
- CIOZone (24)
- Class Action Lawsuit (109)
- Cloud computing (68)
- Coby Royer (5)
- CTO Forum (8)
- D&O Liability (541)
- Daniel Wallace (5)
- Danny Lieberman (11)
- DataLine (10)
- David Alexander (2)
- Derek Crawford (1)
- Doug Pollack (6)
- due diligence (251)
- Fame Foundry (1)
- FEATURE ARTICLE (398)
- Financial (526)
- Fred Leland (7)
- Gene Kim (3)
- Government (334)
- Greg George (3)
- H1N1 (15)
- hackers (481)
- healthcare (94)
- Heather Bourgoin (1)
- HomeATM (8)
- identity-theft (478)
- IDExperts (16)
- Ike Z. Devji (1)
- Insider Threat (435)
- Internet Crime Complaint Center (1)
- Internet Security Alliance (40)
- ISR News (315)
- Jacqueline Herships (1)
- Jenni Hesterman (3)
- John M. Salomon (2)
- John Watkins (7)
- John-Patrick Skaar (1)
- Kaliber Data Security and Compliance Consultants (3)
- Kat Sanders (2)
- Ken Leeser (3)
- Kevin L. Jackson (10)
- Kevin M. Nixon (22)
- Laton McCartney (6)
- Laura Wilson (14)
- Lauren Taylor (1)
- Linda McGlasson (1)
- malware (446)
- Mark Wright (1)
- Mel Duvall (3)
- Michael Eggebrecht (2)
- Michael Lohr (1)
- Michael O'Conner (4)
- Mike Duncan (3)
- Mike Meikle (3)
- Mike Spinney (1)
- Military (174)
- national security (402)
- PCI (268)
- PCI Security Standards Council (30)
- Physical Security (11)
- privacy (496)
- Rachel James (10)
- Rebecca Herold (16)
- Richard Stiennon (27)
- Robert Siciliano (30)
- Sarbanes-Oxley (443)
- ScamStop (2)
- Sean Wilkins (2)
- Semyon Dukach (1)
- Simon Heron (14)
- Software Associates (11)
- Steven Fox (19)
- SUPERAntiSpyware (3)
- Sybase (6)
- Symplified (5)
- The Jester (4)
- The Privacy Professor (16)
- Thomas R. Fox (4)
- Tom Groenfeldt (2)
- Tom McLain (2)
- Trefis (6)
- Tripwire (18)
- Uncategorized (579)
- virtualization (57)
- Webcast (31)

Information Security Resources