June 20, 2013

Cyber Security Risk: Can Cyber Insurance Cover Your Bets?

Photo courtesy of prismrm.com

By: Ben J. Carnevale, Editor

One of the more common areas of interest suggested by many of the readers of this website involves the concern of cyber security related risks and the availability (or lack thereof) of cyber insurance options to address this rising risk mitigation topic. Without thinking too long about this major risk management topic, it can certainly be said that data breaches have increased dramatically within the past few years, giving way to new trends within almost every industry sector of business in the U.S. In addition -- and along with their unpredictable nature … [Read more...]

BYOD – Attend Webinar to Build a Business Case of Support

The risks associated with employees now bringing their own smartphones, tablets and mobile storage devices to the job remain a topic on the minds of information security professionals in nearly all organizations. While much has been and will continue to be written on this topic, the risk management strategies of many CISOs still too often try to develop defenses that reject this trend rather than find ways to embrace it as a means to cut costs and improve productivity. In an exclusive case study now being offered in a webinar format, Intel CISO Malcolm … [Read more...]

Data Breach Report Offers State by State Regulation Requirements

Photo courtesy of experian.com

Unfortunately, for many U.S. companies facing the reality of data breach occurrences and data breach notifications, reaching an agreement on what they are and what you are required to do once they occur remains a very complex topic, and one that still poses potentially large economic risk(s) when they occur. Even more to the point, each state and its jurisdiction requirements within the U.S. differ in one way or another on how to legally handle data breach occurrences and the notification requirements that accompany them. Just as important, even a local or regional business, … [Read more...]

National Cyber Security Awareness Month Designated for October 2012

Photo courtesy of friscoisd.com

  Reminder - President Obama designated this October 2012 as National Cyber Security Awareness Month (NCSAM). NCSAM is designed to engage and educate public and private sector partners through events and initiatives with the goal of raising awareness about cybersecurity and increasing the resiliency of the nation in the event of a cyber incident. October 2012 marks the ninth annual National Cyber Security Awareness Month sponsored by the Department of Homeland Security (DHS) in cooperation with the National Cyber Security Alliance (NCSA) and the Multi-State Information … [Read more...]

NIST Releases New Access-Control Systems Evaluation Guidance Document

Photo courtesy of govinfosecurity.com

The National Institute of Standards and Technology (NIST) has released an interagency report (NISTIR 7874) entitled “Guidelines for Access-Control Systems Evaluation Metrics”, whose objective is to help access control experts improve their evaluation of the highest security access-control systems by discussing the administration, enforcement, performance and support properties of mechanisms that are embedded in each access-control system. This new report extends the information in NISTIR 7316, "Assessment of Access Control Systems", which demonstrates the fundamental … [Read more...]

SANS Institute Offering in Chicago (Oct 27 – Nov 5)

The SANS INSTITUTE will be hosting hands-on management, technical security, and advanced forensics training at SANS Chicago 2012 on October 27-November 5. The Institute’s seven top-rated courses, taught by SANS top instructors, will be held at the spectacular Palmer House Hilton Hotel campus located right downtown. This event offers an opportunity to learn, network, and practice career-boosting hands-on skills in a more intimate setting. This is a great opportunity to take our new and cutting-edge courses: Security 579: Virtualization and Private Cloud Security; Security 642: … [Read more...]

ASIS 2012 — “Driving Security’s Future” — Sept 10-13 Reminder

Many of our readers are involved with risk management and business continuity responsibilities -- especially in the areas of information security and physical security. Many of those same readers will be attending this year’s ASIS 2012 -- 56th annual seminar and exhibits -- which is being held at the Convention Center in Philadelphia, Pennsylvania. This posting is a reminder for those readers and, at the same time, an opportunity to make other readers more aware of this event's offerings. The world is changing every day and ASIS 2012 is changing with it. By attending ASIS 2012, … [Read more...]

Cyber Crime and Important Trends for 2012

Photo courtesy of vpnchoice.com

Cyber crime activities in 2011 marked a year of new advanced threats and an increased level of sophistication in the attacks witnessed around the globe. And in the first six months of 2012 it appears that cyber crime is diverging down a different path as new financial malware variants emerge, cyber criminals find new ways to monetize non-financial data, and continuing variants of more and more hacker-related attacks remind us to be more aware than ever of this long-standing adversary. Such concerns have caused our staff to look to the release of a recent whitepaper organized by RSA and … [Read more...]

NIST Releases Updated Mobility Guidance Publication

By: Lisa DuBrock, CPA, CBCP

It seems that I am spending a lot of time these days talking to clients about managing and securing mobile devices within a business environment -- i.e. whether it’s to define a policy, implement a remote disabling feature, what to do about BYOD (Bring your own device), tablets, smartphones, standardization, mobility guidance, etc. -- it is almost dizzying. Well, recently NIST published a new mobility guidance document entitled “Guidelines for Managing and Securing Mobile Devices in the Enterprise” (SP 800-124 Revision 1). Click here to read the … [Read more...]

 