Federal Guides for Social Media Security p.II
By Mike Meikle, CEO at Hawkthorne Group
Once an agency crosses over into social media interactions with other agencies and non-governmental organizations, the guidance gets diluted. The guidelines point to five government agencies, none of which are the definitive resource for social media implementations. These guidelines are a must-read for any organization that is considering a foray into the Web 2.0 sphere…
How to Protect Your Social Network Identity
By Mark Smail, CTO at Onix International, Inc.
Over a billion people visited social networking sites such as Facebook and Twitter last month, so it’s not surprising that hackers have these sites in their crosshairs. In fact, according to recent research from Breach Security Labs, social networks were the most targeted category in 2009, accounting for 19% of all malicious attacks last year. By using simple data encryption and password protection tools, you can ensure that your personal information and online identities remain secure and private…
Advantages of Data-Focused Risk Assessments
By Danny Lieberman, Security Expert and Founder of Software Associates
The detailed reasons why people fail at DLP implementations merit a separate post – but it’s a lot like why over 50% of the content management implementations from vendors never made it to production in the 90s – the root cause was that there was no real business case for the technology. Unlike business processes – data risk cannot be outsourced.
FaaS: The Emergence of Fraud as a Service
By Mike Meikle, CEO at Hawkthorne Group
Fraud as a service, or FaaS for the acronym collectors, has been a topic of concern for security professionals since 2008. Gone are the days where the primary theft is being perpetrated by the sociopath lone-wolf in the basement. The major player is now organized crime, responsible for 70 percent of online fraud and billions in ill-gotten gains…
IT Expertise Helping In Haitian Recovery
By Steven Fox, Founder of SecureLexicon
As the Haitian people fight for subsistence, the world is responding with food and medical assistance. This tragedy wreaked havoc on a victim unsung by the news media – the telecommunications infrastructure. However, there is a ground-swell in the technical community targeting this need. George Moraetes is among those that have used their skills to help.
How To Valuate Crucial Information Assets
By Danny Lieberman, Security Expert and Founder of Software Associates
Estimating asset value is without doubt the most frequent question we get when it comes to calculating data security risk in monetary terms. A common mistake made by marketeers who work for data security vendors is to estimate the cost of a data security breach as the number of records multiplied by some plug number. The cost of a data security breach to a company is not the same as the cost of a customer data record breach to a customer…
Federal Guidelines for Social Media Security
By Mike Meikle, CEO at Hawkthorne Group
The document’s executive summary rightly categorizes the decision to move to social media as a risk-based decision. The technology behind it all is really nowhere near as important. As was discussed in the previous post, the why is far more important than the how. So, a real business case must be crafted as to why the move into social media is necessary…
Sun Tzu: PCI-DSS and Situational Awareness
By Steven Fox, Founder of SecureLexicon
PCI provides a set of tactics to protect the confidentiality and integrity of data. Applying them appropriately requires situational awareness and knowledge of the company’s core values and strategy. Sun Tzu’s approach to assessing an army’s readiness for battle can be applied to attaining this knowledge in a business environment…
Is Information Protection Even Possible?
By Danny Lieberman, Security Expert and Founder of Software Associates
The author of a ComputerWeekly article correctly identifies that it’s easier to access data and leak it than it is to modify or delete data. However, the notion that data is out of control in the corporate world is an overreaction, and does an injustice to most businesses.
Why There Will Be No Year Of The Cloud
By Dwayne Melancon, Tripwire’s VP of Corporate and Business Development
Before vast herds of businesses go running to the cloud, they will want to see that others have done it and not been burned. This is classic bell curve stuff - a few will do it, but it will be a while before the majority of the IT organizations use the cloud in any significant way.


