Security best practices
Conquer the challenges of enterprise information security management with helpful information and advice on corporate governance and regulatory compliance; risk management; information security standards; security frameworks; and online user security, privacy and policies.
Sub-Topics
Covers regulatory compliance management and planning, including training and "how to" information on Sarbanes-Oxley, HIPAA, FFIEC, PCI Data Security Standard and data breach notification.
Browse the articles and tips in this section for the latest information on how to provide end user security.
Information security governance is a subset discipline of corporate governance focused on information security systems and their performance and risk management.
Information security policies are a special type of documented business rule for protecting information and the systems which store and process the information. Within an organization, these written policy documents provide a high-level description of the various controls the organization will use to protect information.
News, advice and education on information security standards like ITIL, ISO 17799, COBIT and Six Sigma, and applying them to information security program management and governance.
News, advice and commentary on legal and ethical topics such as CAN-SPAM, CALEA, information security legislation, vulnerability disclosure, intellectual property, electronic records and more.
Information security industry trends and forecasts from research firms and analysts, and predictions on hot technologies and market futures from industry experts.
Enterprise risk management includes the methods and processes used by organizations to manage risks related to the achievement of their objectives. It provides a framework for risk management, which typically involves identifying particular events or circumstances relevant to the organization's objectives (risks and opportunities), assessing them in terms of likelihood and magnitude of impact, determining a response strategy, and monitoring progress.
Security is in the news quite a lot these days and security professionals can come here to see what the industry's top executives, researchers, analysts and hackers have to say.
Browse the articles and tips in this section for the latest information on how to get the best value and protection from security vendors and resellers.
Highlights
No one can deny that the BYOD (Bring Your Own Device) trend is accelerating unabated. Increasingly, workers are picking the platform of their choice rather than accepting an IT standard-issue device, and paying for their own smartphones and monthly plans. As a result, more and more organizations are opening up their networks to non-corporate devices, and are seeing everything from iPads to the latest Android gadget walk through their doors.
This white paper examines the changing threat landscape, how the nature of security threats has evolved, and the potential financial impact across vertical markets and organizations of all sizes. This paper will explain why advanced targeted attacks have been extremely effective at breaking through traditional network security and enabling the massive data breaches and intellectual property thefts that are keeping CISOs awake at night.
More than a year into its bring-your-own-device program, MasterCard Worldwide continuously assesses the security technology and policies that allow 30 percent of its employees worldwide to use their personal iPhones, iPads and Android devices at work.
In the first quarter of 2011, 10 new families and variants of Android malware were discovered. A year later this has nearly quadrupled to 37 families, while in the same period the number of malicious APK files (malware types used in specific attacks) has risen from 137 to 3,063. From Angry Birds to angry users.
The module aims to give enterprises the ability to identify, organize and maintain trust relationships of applications, user and service accounts to their respective target SSH servers.


