DHS Open Request For Information (RFI)

From The Internet Security Alliance

The RFI is classified, but in general terms, it seeks information on prospective technical, end-to-end solutions that will help to protect the federal (.gov) cyber domain, and to facilitate cybersecurity improvements affecting the private sector. Registration will remain open until July 22, 2009.

Industry Coalition Develops S-CAP for VoIP

From The Internet Security Alliance

The OMB has already mandated to federal CIO’s that “Information technology providers must use S-CAP validated tools, as they become available, to certify their products do not alter the Federal Desktop Core Configurations, and agencies must use these tools when monitoring use of these configurations.”

Internet Security Alliance Review for July 10

From The Internet Security Alliance

Over 2.7 billion vulnerable programs installed on U.S. computers; Jackson, Fawcett spur Internet fraud; Pro-Iranian regime hackers invade U.S. computers, Xero taken offline by massive U.S. data center failure; Zeus Trojan variant steals FTP login details; ‘Mafiaboy’: cloud computing will cause Internet security meltdown; McAfee glitch causes havoc for IT admins…

ISAlliance Targets Threats to IT Cybersecurity

From The Internet Security Alliance

We need to reduce the risk of accidental or malicious and criminally-funded access to confidential and private information by inside sources such as employees, consultants or business partners that can be used for extortion or other illegal purposes.

Defense Sector Cybersecurity Issues

From The Internet Security Alliance

The current technologies are woefully inadequate. They can deter the average script kiddies but provide little defense against foreign state sponsored attacks and espionage, which represent 5% of the threat responsible for some of the most serious damage. Signature-based intrusion detection, firewalls, and anti virus technologies are all deployed, but they do little to identify or prevent more sophisticated adversaries.

• Categories

  • Anthony M. Freed (26)
  • Bill Brenner (2)
  • Bob Violino (1)
  • Bozidar Spirovski (23)
  • Breach (540)
  • Britt Womelsdorf (5)
  • By Dr. InfoSec (2)
  • Cara Garretson (7)
  • CCCNews (1)
  • Chorey Taylor & Feil (8)
  • Christophe Veltsos (2)
  • Christopher Burgess (7)
  • CIOZone (26)
  • Class Action Lawsuit (111)
  • Cloud computing (114)
  • Coby Royer (5)
  • CTO Forum (9)
  • D&O Liability (602)
  • Daniel Wallace (5)
  • Danny Lieberman (11)
  • DataLine (10)
  • David Alexander (2)
  • Derek Crawford (1)
  • Doug Pollack (7)
  • due diligence (311)
  • Fame Foundry (1)
  • FEATURE ARTICLE (428)
  • Financial (588)
  • Fred Leland (7)
  • Gene Kim (3)
  • Government (374)
  • Greg George (5)
  • H1N1 (15)
  • hackers (540)
  • healthcare (135)
  • Heather Bourgoin (1)
  • HomeATM (8)
  • identity-theft (536)
  • IDExperts (17)
  • Ike Z. Devji (1)
  • Infosec Island Network (39)
  • Insider Threat (491)
  • Internet Crime Complaint Center (1)
  • Internet Security Alliance (72)
  • ISR News (321)
  • Jacqueline Herships (2)
  • Jenni Hesterman (3)
  • John M. Salomon (2)
  • John Watkins (7)
  • John-Patrick Skaar (2)
  • Kaliber Data Security and Compliance Consultants (3)
  • Kat Sanders (2)
  • Ken Leeser (3)
  • Kevin L. Jackson (10)
  • Kevin M. Nixon (21)
  • Larry Ketchersid (1)
  • Laton McCartney (7)
  • Lauren Taylor (1)
  • Linda McGlasson (1)
  • malware (502)
  • Mark Smail (1)
  • Mark Wright (1)
  • Mel Duvall (3)
  • Michael Eggebrecht (3)
  • Michael Lohr (1)
  • Michael O'Conner (4)
  • MicroSolved (1)
  • Mike Duncan (3)
  • Mike Meikle (4)
  • Mike Spinney (1)
  • Military (212)
  • national security (454)
  • PCI (309)
  • PCI Security Standards Council (32)
  • Physical Security (11)
  • privacy (553)
  • Rachel James (10)
  • reach (12)
  • Rebecca Herold (16)
  • Richard Stiennon (44)
  • Robert Siciliano (34)
  • Sarbanes-Oxley (503)
  • ScamStop (2)
  • Sean Wilkins (2)
  • Semyon Dukach (1)
  • Simon Heron (14)
  • Software Associates (11)
  • Steven Fox (19)
  • SUPERAntiSpyware (3)
  • Sybase (6)
  • Symplified (5)
  • The Jester (8)
  • The Privacy Professor (16)
  • Thomas R. Fox (8)
  • Tom Groenfeldt (2)
  • Tom McLain (2)
  • Trefis (14)
  • Tripwire (18)
  • Uncategorized (621)
  • virtualization (102)
  • Webcast (49)

• ISR Headline Index

  • Why We Did It and Don’t Want Any Money
  • Hackers Lurking in Hotel Networks
  • 7 Month Vulnerability in Windows Virtual PC
  • How to Secure a Cisco Router
  • On HTML Insecurities…
  • When Social Networking Clashes with Security
  • Spam Block: Public Servants or Vigilantes?
  • Sticky Situations in Social Media
  • Quick Tips for Using Secure Shell
  • Consolidate Compliance With Open Source
  • DoS Attack Reveals Widespread Vulnerabilities
  • Study Shows Employees Put Data at Risk
  • Tracking Google’s Script Kiddie Hackers
  • Newbie Introduction to Digital Forensics Part 2
  • Simple Log Review Checklist Released

• Recent Comments

  • Ryan Aslett on Data Loss Prevention Has Jumped the Shark
  • Tom on (Lack Of) Encryption and The HITECH Act
  • ADMIN on Patriot Hacker Hits Jihad With DDoS Attacks
  • Robert Siciliano on Data Loss Prevention Has Jumped the Shark
  • Karen J. Cox on Data Loss Prevention Has Jumped the Shark
  • Scot McLeod on Outsourcing Breach Response Lowers Costs
  • John Marke on Gartner Tells CIOs to Embrace Social Media
  • Social Engineering and Enterprise Security | CIO – Blogs and … | Enterprise Engineering Addict on Gartner Tells CIOs to Embrace Social Media
  • From Russia, With Smartphones on Top 8 Social Media Security Threats
  • Judith Hoffman on Scam Alert: Rogue Gmail Account Phishing
• 
  

  Information Security Resources

  Top network security blogs