Items Tagged with "Enterprise Security"
From the Web
February 23, 2010 from: AEON Security Blog
Cross-Posted from the AEON Security Blog: In today’s blog entry, I bring to you: “Advanced Persistent Errata – Defending The Castle;” in other words, “Blocking ANYONE you damn well choose to block.”
From the Web
February 03, 2010 from: Jeremiah Grossman's Blog
There are several security issues affecting all major Web browsers that have remained unaddressed for years (probably because the bad guys haven’t leveraged them aggressively enough, but the potential is there). The problem is that the only known ways to fix these issues (adequately) is to “break the Web” -- i.e. negatively impact the usability of a significant and unacceptable p...
From the Web
December 30, 2009 from: AEON Security Blog
Recently I stumbled upon the Cloud Security Alliance’s “Security Guidance for Critical Areas of Focus in Cloud Computing V2.1”  and took a quick step back at this statement: Cloud computing is about gracefully losing control while maintaining accountability even if the operational responsibility falls upon one or more third parties. In being fair and logical about my interpret...
December 15, 2009 Added by:Stephen Primost
Planning your application's use of the digital identity is not an after-thought of system architecture. At the least, it might offer the occasional lack of reliable and conflicting information. At the worst, it provides little, if no protection, at all. And like the proverbial little dutch boy, you will be putting fingers in the holes of the dike, attempting to shore up an weak infrastructure with...
December 03, 2009 Added by:Anthony M. Freed
Ssustainable improvements in our collective cyber security posture will stem from a comprehensive understanding of how to effectively motivate all players across our economic landscape to actively engage in proven best-practices in both their business and individual cyber activities...
November 18, 2009 Added by:Anthony M. Freed
"The President is correct in his appreciation of the need to view cyber security as... an economic one as well. In the 21st century - the digital century - economics and security are opposite sides of the same coin. You cannot affect one without impacting the other..."
October 29, 2009 Added by:Mike Cuppett
Start aligning your security strategy to better protect your organization's most critical asset - data. While many security proponents lean toward an outside-in strategy - protect every computer in the company from the outside world first - we really need to understand that the data is the asset that must be protected first and foremost. The outside-in strategy starts at a macro level and ov...
October 28, 2009 Added by:Jim Anderson
Although external forces including economic downturn and market specific slowdowns do have their impact, these external forces alone often cannot explain why information security makes so little progress. This phenomenon is often true even in situations where senior infosec leadership is experienced, holds multiple certifications, and otherwise commands an excellent grasp of the multip...
October 05, 2009 Added by:Jim Anderson
This subject has been simmering for a long time but the events of the unfolding economic crisis and so many colleagues and acquaintances in the industry who have suffered substantially in their efforts to advance information security within their organizations have prompted me to organize my thoughts in this area.
January 25, 2009 Added by:Anthony M. Freed
The company issued statements Friday (1/23) in an effort at damage control in which the CEO compares the potential industry-wide impact of the breach to none other than that of the Tylenol poisonings of some twenty-five years ago that nearly brought down the drug maker...