Fatal System Error - Be Afraid, Be Very Afraid

By Richard Stiennon, Chief Research Analyst, IT-Harvest

It is hard to believe upon reading Menn’s account that the night before Barrett had excused himself from the rehearsal dinner to secretly pass off a key fob with a digital audio recorder that he had used to capture a day’s worth of conversation with one of the Prolexic partners to an FBI agent waiting around the corner in a dark sedan…

The 80/20 Rule for Information Security

From The Team at MicroSolved

MicroSolved, Inc. (MSI) has developed the 80/20 Rule of Information Security that proposes the concept that 80% of an organizations’ real information security comes from only 20% of the assets and effort put into the program. These 13 security projects will give your organization the most effective information security coverage for the least expenditure of time and resources. These projects, once completed, should allow CIO’s to create an effective, efficient, and standards-based approach to information security…

SyferLock GridGuard Live On Infosec Island

Press Release

Infosec Island, the new community for IT and information security professionals, today announced that its new enhanced authentication service based on the SyferLock™ GridGuard™ solution, is now live. Deploying this technology provides Infosec Island members with the option to login with a very high level of security for confidential business, personal or security-related communications. SyferLock’s GridOne authentication is available on Infosec Island to all registered members, and membership is free.

How A Security Company Applies Security

By Larry Ketchersid, Chairman and CEO at MediaSourcery

Similar to security assessments, network architecture designs and other projects, a development project, such as this one involves the exchange of confidential data, including in this case, intellectual property designs, requirements documents, test plans, code fragments and road maps. We could have chose to exchange these documents over email, or printed them out and sent them next day parcel post. Instead, we ate our own dogfood and utilized IslandPKI encrypted document and message transfer…

Top Cyber Defense Vendors to Watch in 2010

By Richard Stiennon, Chief Research Analyst, IT-Harvest

The security industry is poised for its biggest upheaval ever in 2010. While defense contractors move into the space (redubbed “cyber”), and the big players adjust their product portfolios by making strategic acquisitions and large IT vendors (HP) break into the space, there are many small companies offering innovative products and services. Here is a list of just a few that are on IT-Harvest’s rada…

ISA Presents Melissa Hathaway With Award

From The Internet Security Alliance

The Internet Security Alliance presented Melissa Hathaway with its annual award for vision in cyber security Tuesday during an event at the National Press Club. Hathaway, the Obama Administration’s former acting cyber security chief, received the McCurdy Award on the one-year anniversary of when she began her 60-day review of the government’s cyber security program. ISA believes that Hathaway’s work, if implemented, would result in the establishment of a modern partnership between the public and private sectors, which is necessary for an effective and sustainable system of cyber security.

Insurance Industry Fights Liability Claims

By John Watkins, Attorney with Chorey, Taylor & Feil

In your policy it states quite clearly that no claim that you make will be paid. You unfortunately plucked for our Never-Pay Policy, which if you never claim is very worthwhile - but, uh, you had to claim - and there it is… Monty Python’s Flying Circus, circa 1971

China: Internet Freedom Is Culturally Relative

By Richard Stiennon, Chief Research Analyst, IT-Harvest

We have had a few weeks to absorb the implications of wide spread Chinese supported attacks against Google and thirty or so other organizations. The US Secretary of State made one of the most affirmative statements on Internet freedom yet articulated by a government. Various policy analysts have chimed in as well. Some thoughts on what they have said…

Advantages of Data-Focused Risk Assessments

By Danny Lieberman, Security Expert and Founder of Software Associates

The detailed reasons why people fail at DLP implementations merits a separate post – but it’s a lot like why over 50% of the content management implementation from vendors never made it to production in the 90s – the root cause was that there was no real business case for the technology. Unlike business processes – data risk cannot be outsourced.

WireHead Security Partners With NCICU

From PRWeb

WireHead SecurityTM, an information security services firm providing customers with solutions to strengthen internal security and risk management, today announced a partnership agreement with the North Carolina Independent Colleges and Universities (NCICU), under which member institutions can take advantage of discounted service pricing. NCICU is comprised of North Carolina’s 36 private, non-profit liberal arts, comprehensive, and research colleges and universities accredited by the Southern Association of Colleges and Schools.

Next Page »

• Categories

  • Anthony M. Freed (26)
  • Bill Brenner (2)
  • Bob Violino (1)
  • Bozidar Spirovski (23)
  • Breach (540)
  • Britt Womelsdorf (5)
  • By Dr. InfoSec (2)
  • Cara Garretson (7)
  • CCCNews (1)
  • Chorey Taylor & Feil (8)
  • Christophe Veltsos (2)
  • Christopher Burgess (7)
  • CIOZone (26)
  • Class Action Lawsuit (111)
  • Cloud computing (106)
  • Coby Royer (5)
  • CTO Forum (9)
  • D&O Liability (594)
  • Daniel Wallace (5)
  • Danny Lieberman (11)
  • DataLine (10)
  • David Alexander (2)
  • Derek Crawford (1)
  • Doug Pollack (7)
  • due diligence (303)
  • Fame Foundry (1)
  • FEATURE ARTICLE (428)
  • Financial (580)
  • Fred Leland (7)
  • Gene Kim (3)
  • Government (366)
  • Greg George (5)
  • H1N1 (15)
  • hackers (532)
  • healthcare (127)
  • Heather Bourgoin (1)
  • HomeATM (8)
  • identity-theft (528)
  • IDExperts (17)
  • Ike Z. Devji (1)
  • Infosec Island Network (31)
  • Insider Threat (483)
  • Internet Crime Complaint Center (1)
  • Internet Security Alliance (64)
  • ISR News (321)
  • Jacqueline Herships (2)
  • Jenni Hesterman (3)
  • John M. Salomon (2)
  • John Watkins (7)
  • John-Patrick Skaar (2)
  • Kaliber Data Security and Compliance Consultants (3)
  • Kat Sanders (2)
  • Ken Leeser (3)
  • Kevin L. Jackson (10)
  • Kevin M. Nixon (21)
  • Larry Ketchersid (1)
  • Laton McCartney (7)
  • Lauren Taylor (1)
  • Linda McGlasson (1)
  • malware (494)
  • Mark Smail (1)
  • Mark Wright (1)
  • Mel Duvall (3)
  • Michael Eggebrecht (3)
  • Michael Lohr (1)
  • Michael O'Conner (4)
  • MicroSolved (1)
  • Mike Duncan (3)
  • Mike Meikle (4)
  • Mike Spinney (1)
  • Military (204)
  • national security (446)
  • PCI (301)
  • PCI Security Standards Council (32)
  • Physical Security (11)
  • privacy (545)
  • Rachel James (10)
  • reach (4)
  • Rebecca Herold (16)
  • Richard Stiennon (44)
  • Robert Siciliano (34)
  • Sarbanes-Oxley (495)
  • ScamStop (2)
  • Sean Wilkins (2)
  • Semyon Dukach (1)
  • Simon Heron (14)
  • Software Associates (11)
  • Steven Fox (19)
  • SUPERAntiSpyware (3)
  • Sybase (6)
  • Symplified (5)
  • The Jester (8)
  • The Privacy Professor (16)
  • Thomas R. Fox (8)
  • Tom Groenfeldt (2)
  • Tom McLain (2)
  • Trefis (14)
  • Tripwire (18)
  • Uncategorized (621)
  • virtualization (94)
  • Webcast (49)

• ISR Headline Index

  • Quick Tips for Using Secure Shell
  • Consolidate Compliance With Open Source
  • DoS Attack Reveals Widespread Vulnerabilities
  • Study Shows Employees Put Data at Risk
  • Tracking Google’s Script Kiddie Hackers
  • Newbie Introduction to Digital Forensics Part 2
  • Simple Log Review Checklist Released
  • Press F1 for Help? Microsoft Zero Day Threat!
  • A Newbie’s Introduction to Digital Forensics
  • Security Best Practice: Trust But Verify…
  • Google, Adobe, and Big Oil Under Attack!
  • Building your OWN Malware Lab (Part 2)
  • How Twitter Spam Steals From Google, Yahoo!
  • Tech Stocks Week in Review Featuring iPad
  • DoD Endorses Certification for Hackers

• Recent Comments

  • Ryan Aslett on Data Loss Prevention Has Jumped the Shark
  • Tom on (Lack Of) Encryption and The HITECH Act
  • ADMIN on Patriot Hacker Hits Jihad With DDoS Attacks
  • Robert Siciliano on Data Loss Prevention Has Jumped the Shark
  • Karen J. Cox on Data Loss Prevention Has Jumped the Shark
  • Scot McLeod on Outsourcing Breach Response Lowers Costs
  • John Marke on Gartner Tells CIOs to Embrace Social Media
  • Social Engineering and Enterprise Security | CIO – Blogs and … | Enterprise Engineering Addict on Gartner Tells CIOs to Embrace Social Media
  • From Russia, With Smartphones on Top 8 Social Media Security Threats
  • Judith Hoffman on Scam Alert: Rogue Gmail Account Phishing
• 
  

  Information Security Resources

  Top network security blogs