- The importance of using the correct platform for your applications
Trojan-infected ATMs were discovered in Eastern Europe this year, first in Russia, and later this month the same problems were spotted in other cities.
- The Infamous Admin Rights
Whether you are in charge of a small business or part of the IT group with networks consisting of hundreds of servers, you face some similarities in certain areas of the business structure, one of them
- A Closer Look to Microsoft's IIS WebDAV Vulnerability
Just weeks ago, on May 18th, Microsoft released their Security Advisory 971492 (1), on the vulnerability regarding Internet Information Services, which is Microsoft's web server solution.
- Crowdsourcing Payment Security
In my inaugural post to this blog, I wrote about many of the religious wars that break out today regarding payment security and specifically PCI.
- OpenID Publishes Security Best Practices
A set of security best practices was recently published via wiki for users, providers, and relying parties of OpenID.
- Our Need For Security Intelligence
No, I am not speaking of military intelligence, but rather, business intelligence within a security context.
- June’s Patching Inferno
The month is over, patching is past and we are not saved. June 2009 may have been one of the busiest months of the year for information security officers with patch and vulnerability management oversight
- A Race To The Silicon
Addressing the emerging threat of low-level hardware attacks. How would you do it?
- Building A Culture of Preparedness
How much is your organization doing to prepare personnel for emergencies?
- Why Don't You Take Care of That?
I’ll begin my blog here on CSO with this quick introduction and then I’ll dive in. My background has encompassed more than 25 years in information systems and security. Wait, are you reading the right blog, here?
- The Art of CIO Success
A June 3rd, 2009 Midwest Technology Leaders panel discussion explored the attributes critical to landing a CIO job. Interestingly, Sun Tzu attributed many of these qualities to the leader of an army – The General.
- Countering Auditor Deception
A cross-industry survey of 150 IT managers and technical staff showed that 20% of that population either admitted to cheating on an IT audit or knew someone that did. This blog post explores some basic ways to detect these attempts at auditor deception.
- Ernst & Young Consulting Challenge - The E&Y perspective
This blog post discusses the skills and qualities tested in the E&Y Information Assurance Consulting Challenge.
- Tone Resonates Throughout an Organization: Be Sure It's the Right Note
When executives say the right things and act in ways which show clear support for security, then they are setting the right tone for the organization.
- Server Virtualization and Control Contexts
Keep your data safe in a dynamic datacenter.
- Cloud Computing: Making the Right Choices
Don't be swayed by cloud-related FUD. Educate yourself and your team, assess risk, and make a decision based on business value.
- Hi (Rand) malware messages on Facebook today
Facebook malware of the day: If you get a message from a Facebook friend that says Hi (Rand), steer clear. It's malicious.
- Clear's privacy policy:
A look at Clear's privacy policy
- Clear may sell customer data
People are justifiably worried about what may happen to the data they entrusted to Clear, the TSA-approved Registered Traveler company. Now Clear has finally said something about what it plans to do.
- Adam Perlman - Jew, Christian, Muslim - Terrorist
Gadahn, a 'reformed' heavy metal rocker has perfected his Arabic over the years
- FTP - Full Time Permanent loss of data
Using FTP at the edge continues to enhance reputations
- Violation of National Sovereignty
Should cyber security incursions of our sovereignty be kept secret or should they be announced as a physical incursion would be announced?
- Watch Your Language: Rebuilding The Case for Cybersecurity
Bottom line, with all of the ID Theft, fraud and hacker stories, why are they cutting my security budget? Gaining executive support for cybersecurity requires us to use the same words that our leaders use.
- The Next Chief Risk Officer: Are You Sure?
What are the top ten business risks around the world? Aon Corporation worked with leading organizations in more than 40 countries across 31 industries late last year to answer that question. I think the results will surprise most CSOs and CISOs. More than that, your career plans may be impacted.
- Life After CISO
It's now official. I have changed technology roles and permanently moved offices within Michigan Government. I am now the Chief Technology Officer (CTO) and Director of Infrastructure Services. After almost seven years as Michigan's first CISO, I took an acting role as CTO in January, when Pat Hale left government and became CTO for Sparrow Health System. After successfully navigating the interview process, the "acting" has been removed. Looking back, here are a few memories and perspectives from across the hall.