May 26, 2013

NIST Offers Free Download of SP 800-53, Rev 4

The National Institute of Standards and Technology (NIST) has now made available the Final Release of SP 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations – representing the most comprehensive update to the security controls catalog since its inception in 2005. This update was motivated primarily by the expanding occurrences of cyber security threats – looking at the increased sophistication of those cyber-attacks; the growing frequency of such attacks; the professionalism of the attackers, and the persistence of targeting by …

Cyber Attacks and Critical Infrastructure Protection

If your company is classified as a critical infrastructure facility and your disaster preparedness team is looking for updates on the status of cyber attack threats against industrial control systems, our staff recommends adding a copy of a recent report entitled “Malware Infections in the Control Environment” (ICS-CERT, December 2012) to your company’s library of reading resources on cybersecurity threats. This Department of Homeland Security (DHS) report revealed that industrial control systems, which are used to monitor and control critical infrastructure facilities, were hit …

Security Snafus — The Worst of 2012 So Far…

Sharing is Not Stealing

As portrayed in a photo from a recent protest in central Brussels, credited to REUTERS / Yves Herman and depicting a protester wearing a Guy Fawkes mask (symbolic of the hacktivist group Anonymous), the first six (6) months of 2012 ranged from the embarrassing hack of a conversation between the FBI and Scotland Yard to an overabundance of data breaches. (Click here to view more details.) Click here to view those security snafus for the rest of the year. Ellen Messmer, a writer for Network World, has recently posted a gathering of the worst security snafus organized by month of 2012 inclusive …

BYOD – Attend Webinar to Build a Business Case of Support

The risks associated with employees now bringing their own smartphones, tablets and mobile storage devices to the job remain a topic on the minds of every information security professional in nearly all organizations. While much has been and will continue to be written on this topic, risk management strategies by many CISOs are still too often trying to develop defenses that reject this trend rather than trying to find ways to embrace this trend as a means to cut costs and improve productivity. In an exclusive case study now being offered in a webinar format, Intel CISO Malcolm …

NIST Releases New Access-Control Systems Evaluation Guidance Document

The National Institute of Standards and Technology (NIST) has released an interagency report (NISTIR 7874) entitled “Guidelines for Access-Control Systems Evaluation Metrics”, whose objective is to help access control experts improve their evaluation of the highest security access-control systems by discussing the administration, enforcement, performance and support properties of mechanisms that are embedded in each access-control system. This new report extends the information in NISTIR 7316, "Assessment of Access Control Systems", which demonstrates the fundamental …

Free Webcast Offered on Strategic Directions for Network Security 2012

As part of SC Magazine’s ongoing webcast series – SC Magazine 20/20 – a free (registration required) webcast will be offered Tuesday, May 22nd at 2:00 PM EST / 11:00 AM PST. The title of this webinar is “Beyond the Next Generation Hype: Strategic Directions for Network Security”. As networks grow more complex, the process of securing and managing endpoints, applications and confidential information has become a stiffer challenge than ever before. The attackers know most organizations are like Swiss cheese when it comes to finding a way in and then exporting out sensitive …

Security Central Exchange Launched to Bring Security Minded People Together to Improve Their Security Posture

The distinguishing lines and points of differences between physical and technical or network security are becoming harder to find – in fact, the convergence of these areas of security disciplines has been happening at an accelerated rate for nearly ten years. And, given the escalation of threats facing many companies today, there is a strong belief that this continued convergence of security disciplines may in fact be causing potentially new challenges for businesses, consumers and the “average person” having to respond to such security related risks or threats in a timely …

ENISA “Procure Secure” Report Offers Guidance on Cloud Service Provider Decisions

The European Network and Information Security Agency (ENISA) has recently released a new guidance report entitled “Procure Secure: A Guide to Monitoring of Security Service Levels in Cloud Contracts” which should be a valuable reading resource for all information and/or network security and risk management team members. Marnix Dekker, who co-authored the report, states, "Organizations have started switching from running systems internally to outsourcing and using cloud services. So the skills and focus of IT staff have to change." This guidance document is full of valuable information …

Hacker “Yama Tough” Threatens Release of Source Code for Norton’s Antivirus Software

For our readers who utilize Norton’s Antivirus software applications as part of their organization’s information security plans, be aware of a story recently released on the Reuters’ news related website announcing that “Hackers are to release full Norton Antivirus code on Tuesday”. It appears that a hacker who goes by the name of “Yama Tough” is threatening to release the full source code for Symantec Corp’s flagship Norton Antivirus software. Click here to read more about this developing story as reported by Frank Jack Daniel. If applicable, please pass this …

New Survey Results Question Actual Cyber Security Preparedness Levels in U.S. SMBs

According to a recently released survey this October, the majority of U.S. small and mid-sized business owners believe Internet security is critical to their success and that their companies are safe from ever increasing cyber security threats, yet almost eighty percent (80%) have no formal cyber security policies in place within their organizations. Could these findings indicate that many, if not most, U.S. SMBs suffer from a false sense of preparedness and awareness of just what levels of cybersecurity reality actually exist within their organizations? A high level summary of a few of …

 