http://information-security-resources.com Part of the Infosec Island ™ Network Tue, 09 Feb 2010 04:47:22 +0000 http://backend.userland.com/rss092 en Rebecca Herold (The Privacy Professor) CIPP, CISSP, CISM, CISA, FLMI An important consideration with information security incidents is identifying if personally identifiable information (PII) is involved. If it is, then the privacy breach response teamneeds to be put into action to determine whether or not an actual privacy breach ... http://information-security-resources.com/2010/02/08/perplexities-of-enterprise-privacy-policies/ By Dylan Persaud, CTO Forum Team What does the term Social CRM mean? According to Peter Greenberg, the author of CRM at the Speed of Light, social CRM is a philosophy and a business strategy, supported by a technology platform and designed to engage a customer in a collaborative conversation in order ... http://information-security-resources.com/2010/02/08/sorting-out-social-crm-options-for-business/ By Robert Siciliano, ID Theft Expert and Security Consultant to Intelius.com Police believe they may have uncovered an international ATM “skimming” ring responsible for stealing money from hundreds of local accounts. Izaylo Hristov, 28, of Ontario, Canada, a Bulgarian citizen, was arrested at an ATM in the Boston area along with ... http://information-security-resources.com/2010/02/07/police-make-arrests-in-atm-skimming-ring/ By John Watkins, Attorney with Chorey, Taylor & Feil “In your policy it states quite clearly that no claim that you make will be paid. You unfortunately plucked for our Never-Pay Policy, which if you never claim is very worthwhile - but, uh, you had to claim - and there it ... http://information-security-resources.com/2010/02/07/insurance-industry-fights-liability-claims/ By Anthony M. Freed, Director of Business Development, InfosecIsland.com Anti-jihadi hactivist The Jester (th3j35t3r), the self-proclaimed Nicest Hacker in the World, has returned for part two of our conversation concerning his campaign of intermittent disruption of militant pro-jihad websites. Part one, Q&A With anti-Jihadi Hacker The Jester, elicited both ire and accolades ... http://information-security-resources.com/2010/02/04/more-talks-with-anti-jihadi-hacker-the-jester/ By Bozidar Spirovski, CISSP, MCSA, MCP Large enterprises rely on software products. And as everything else in large enterprises, the software products are large, complex, cumbersome and nearly unchangeable. This last attribute is better known as vendor lock-in. Software vendors love vendor lock-in. Here is a definition borrowed from Wikipedia: Vendor lock-in, also known ... http://information-security-resources.com/2010/02/03/avoiding-enterprise-software-vendor-lock-in/ By Thomas R. Fox, Attorney at Tom Fox Law The recession has lessened and all that cash your Company has been hoarding for the rainy days of the Obama years is burning a whole in your CEO’s pocket. He has his powder dry and is ready to make a big bang by ... http://information-security-resources.com/2010/02/03/the-fcpa-role-in-international-acquisitions/ By John-Patrick Skaar, Network Security Expert at Alcatel-Lucent In the online world where personal information in extremely large volumes is merchandise for organized crime, where law enforcement is more focused on building war-rooms and appointing cyber security tzars, and where everyone leaves a digital footprint, cyber vigilantes have become something like ... http://information-security-resources.com/2010/02/03/vigilante-hackers-as-heroes-but-at-what-cost/ By Anthony M. Freed, Director of Business Development, InfosecIsland.com We have had a few weeks to absorb the implications of wide spread Chinese supported attacks against Google and thirty or so other organizations. The US Secretary of State made one of the most affirmative statements on Internet freedom yet articulated by a ... http://information-security-resources.com/2010/02/02/china-internet-freedom-is-culturally-relative/ By Danny Lieberman, Security Expert and Founder of Software Associates At a meeting with one of our clients recently– the question of business case for data loss prevention came up quite strongly. It started with the client saying that they were hearing that while vendors like Symantec and Websense were getting a ... http://information-security-resources.com/2010/02/02/advantages-of-data-focused-risk-assessments/ From PRWeb WireHead SecurityTM Signs Partnership with North Carolina Higher Education Group Agreement Offers NCICU Members Discounts on High Quality Information Security Professional Services and Consulting Raleigh, NC (PRWEB) February 2, 2010 -- WireHead SecurityTM, an information security services firm providing customers with solutions to strengthen internal security and risk management, today announced ... http://information-security-resources.com/2010/02/02/wirehead-security-partners-with-ncicu/ By Mike Meikle, CEO at Hawkthorne Group In working with various clients on the topic of security, a common theme has emerged. Management and employees still labor under the perception that fraud is still the purview of unorganized individuals with an axe to grind against a ... http://information-security-resources.com/2010/02/01/faas-the-emergence-of-fraud-as-a-service/ By Robert Siciliano, ID Theft Expert and Security Consultant to Intelius.com I love my dog, 60lb German Shepherd. Small for a GS, she was the runt. I’ve always rooted for the underdog. The underdog has more heart, more passion and they try harder. My GS is a perfect example.  She’s my ... http://information-security-resources.com/2010/02/01/pet-lovers-are-target-of-latest-online-scams/ By Simon Heron, CISSP Internet Security Analyst There needs to be a change to email security if we want to stop seeing high profile security breeches such as the ones that hit Hotmail and Google in 2009, and the America law firm Gipson Hoffman & Pancione more recently. The pattern of the ... http://information-security-resources.com/2010/01/31/behavioural-based-email-security-systems/ By Sean Wilkins, Contributor at CIOZone In December, Cisco Systems announced that it would be acquiring ScanSafe, a Software-as-a-Service (SaaS) web security provider. The interest of Cisco Systems is rather clear as they are continuing to build on their existing appliance based product lines which they acquired through their purchase of IronPort ... http://information-security-resources.com/2010/01/31/web-security-from-a-new-perspective/