Modularizing Multiple Security Functionalities
By John M. Salomon, Information Security Consultant
I’m not arguing for an eggshell model of security - crunchy on the outside, squishy on the inside - but it makes things much easier to be able to address an application server’s security requirements without the need to assume that whatever security you implement on an application level is all you will have.
Fighting DDoS Attacks at the ISP Level
By John M. Salomon, Information Security Consultant
I asked one of the sales guys from a major international backbone provider why they didn’t allocate a small portion of these IPs as tarpits. His response: “Our mission isn’t to save the Internet.” Honestly though, it should be; it’d be in everyone’s interest to minimize capacity used by worms and bots and free bandwidth that could be used productively for other purposes.
What Are You Worth On The Black Market?
From The CCCNews Team
Ever wondered how much your online identity is worth to a cyber criminal? Cyber crime is now larger than the international drug trade. Nearly 10 million people have reported identity theft in the U.S. over the last 12 months and one in four households have already been victimized.
Webinar: The Financial Impact of Cyber Risk
From The Internet Security Alliance
Thursday, September 24 at 2 Eastern: ISAlliance & AIA are pleased to offer an exciting FREE webinar: The Financial Impact of Cyber Risk. Virtually every company has calculated the benefits of electronic business into its business plans. Unfortunately, companies often fail to account for the financial downside that may result from cyber security attacks.
Protecting Your Privacy During a Pandemic
By Rebecca Herold (The Privacy Professor) CIPP, CISSP, CISM, CISA, FLMI
Companies are requiring huge amounts of personal information for quarantine events, and not only about workers, but also family members and non-family individuals who share the same living quarters. What kind of information is your company requiring for quarantines?
Internet Security Alliance September Events
From The Internet Security Alliance
ANSI Identity Theft Standards Panel webinar “Lessons from the Data Breach at Heartland” by Bob Carr, CEO of Heartland Payment Systems; Carnegie Mellon University Software Engineering Institute Insider Threat Workshop; U.S. Department of Homeland Security Critical Infrastructure and Key Resources; ISAlliance/NIST/DHS VoIP & Unified Communications Automated Security and Assurance Project; IT Sector Coordinating Council Protective Programs and Research and Development (PPRD)…
The Value of a Clear Moral Compass
By Mike Spinney, CIPP, Privacy Analyst, Ponemon Institute
Here’s a brazen bit of breachery from the Miami Herald: It’s a neat little proposition: for a flat monthly fee, a data broker (of sorts) acquires medical records from a hospital employee and passes them through to a personal injury lawyer for a fee plus a percentage of his lawsuit earnings.
Internet Security Alliance Calendar of Events
From The Internet Security Alliance
Review the state of play of cyber security for the government and the private sector, including recommendations on how to create a more productive public-private partnership. Cyber security policies are rapidly expanding, indicating the critical threat faced by any organization using Internet-based technologies. In 2008, the Bush Administration launched the most comprehensive cyber security policy review in the federal government’s history. Soon after taking office, President Obama tasked the National Security Council to review our nation’s cyber security policy. In April, the first major bill calling for broad federal regulations and unprecedented power over private sector cyber systems was introduced in the Senate.
WHO Declares H1N1 Pandemic - Now What?
By Bill Brenner, Senior Editor, CSO
On the physical side, private entities should be hammering out a game plan for who would do what and where if the government decided to restrict our movements to contain an outbreak, says Kevin Nixon, an emergency planning expert who has testified before Congress and served on infrastructure security boards and committees including the Disaster Recovery Workgroup for the Office of Homeland Security, and the Federal Trade Commission.
Effective Spin Turns Crisis into Opportunity
By Heather Bourgoin, Strategic Alliance Coordinator for Integralis
Responding to a crisis requires confident and decisive action – there isn’t time to crunch numbers or analyze data. Decisions must be made quickly – but not without taking care to ensure that the right message – one that is consistent with the messaging delivered during the normal course of doing business – is conveyed. What you say and do in the hours and days following a crisis speak volumes about your business. There are a few best practices that will help your organization to emerge from a crisis with their brand, not only intact, but stronger.


