IT Expertise Helping In Haitian Recovery
By Steven Fox, Founder of SecureLexicon
As the Haitian people fight for subsistence, the world is responding with food and medical assistance. This tragedy wreaked havoc on a victim unsung by the news media – the telecommunications infrastructure. However, there is a ground-swell in the technical community targeting this need. George Moraetes is among those that have used their skills to help.
Sun Tzu: PCI-DSS and Situational Awareness
By Steven Fox, Founder of SecureLexicon
PCI provides a set of tactics to protect the confidentiality and integrity of data. Applying them appropriately requires situational awareness and knowledge of the company’s core values and strategy. Sun Tzu’s approach at assessing an army’s readiness for battle can be applied to the attaining this knowledge in a business environment…
ROI and the InfoSec Value Statement
By Steven Fox, Founder of SecureLexicon
A value statement connects a project or investment to the mission and values of the organization and there are cases were value overrides financial ROI. A cogent value statement combined with a best-effort ROI can enhance both the bottom line and the security posture of the company by identifying the operational conditions for success.
Sun Tzu and the Tao of the Organization
By Steven Fox, Founder of SecureLexicon
According to Sun Tzu, the Tao is the Way – the context that defines how actions are perceived and valued, and management must be able to accurately assess the program in the context of the company’s cultural and political reality. Failure to do this will inevitably create a clash between strategic security plans and the operational activities that enable that vision.
The Truth About Regulatory Compliance
By Steven Fox, Founder of SecureLexicon
Given the business impact of regulations like PCI DSS, Sarbanes Oxley, and GLBA, this is understandable. While savvy business leaders understand the limitations of these guidelines, there are among us less enlightened individuals who view these as a cure for organizational security issues.
PANEL: Sun Tzu and the InfoSec Battlefield
By Steven Fox, Founder of SecureLexicon
Panelists include Joseph J. McKernan, Director of Security Engineering for Verizon Business; Kent Nabors, VP of Information Security for a Financial Institution; and Dennis Thibodeaux, Director of Digital Forensics for the American College of Forensic Examiners Institute.
Black Hat: Articulating the Value of Security
By Steven Fox, Founder of SecureLexicon
How do we market security? The cyber-bullies among us might still use Fear, Uncertainty, and Doubt. While this may produce short term acquiescence, that approach ultimately alienates us from the decision makers. Ultimately, security professionals must identify what is valuable to the business and then associate the need for security with those assets
The Hacker Perspective on Cyber Security
By Steven Fox, Founder of SecureLexicon
SecurityBinge – a team composed of Chris Martin aka pr4ch, Tim Elrod aka ri0t, and Stefan Morris aka Janus – are forging a video podcast show addressing information security from the hacker’s perspective. Tim and Stefan, the show’s co-hosts, have years of experience both in corporate and hacker circles.
Business Risk Exposure and Firewall Efficacy
By Steven Fox, Founder of SecureLexicon
Firewalls must be considered in Risk Management, Data Consolidation, and Change Management. As a business grows, so does the rule set to account for new risks, network segments, and users. If the organization does not understand its risk exposure, such tools are of little use.
Anti-Malware Strategy Crucial for Businesses
By Steven Fox, Founder of SecureLexicon
This is the first part of my Black Hat interview with Andrew D. Hayter, Anti-Malcode Program Manager for ICSA Labs. In this installment, Mr. Hayter highlights the challenges businesses face in mitigating malware-related risks.
