Twitter Feed
    Share

    Posts Tagged ‘IT Controls’

    National Institute of Standards and Technology (NIST) – Security and Privacy Controls for Federal Information Systems and Organizations

    Latest Daft – Comments on SP 800-53, Revision 4 should be sent by March 1, 2013, to sec-cert@nist.gov.

    NIST -Security and Privacy Controls for Federal Information Systems and Organizations

    “…Through the process of risk management, leaders must consider risk to US interests from adversaries using cyberspace to their advantage and from our own efforts to employ the global nature of cyberspace to achieve objectives in military, intelligence, and business operations… “

    “…For operational plans development, the combination of threats, vulnerabilities, and impacts must be evaluated in order to identify important trends and decide where effort should be applied to eliminate or reduce threat capabilities; eliminate or reduce vulnerabilities; and assess, coordinate, and deconflict all cyberspace operations…”

    “…Leaders at all levels are accountable for ensuring readiness and security to the same degree as in any other domain…”

    — THE NATIONAL STRATEGY FOR CYBERSPACE OPERATIONS OFFICE OF THE CHAIRMAN, JOINT CHIEFS OF STAFF, U.S. DEPARTMENT OF DEFENSE

    Share
    Epsilon partner ReturnPath – which provides monitoring and authentication services to email service providers – warned customers about a series of coordinated phishing and hacking attacks leveled at the mailing list industry. Epsilon failed to take warning Read the rest of this entry »
    More sites added today to the reported Epsilon Marketing Breach. Read the rest of this entry »

    Newly Released – a customized version of the Symantec Internet Security Threat Report for 2010.

    Symantec Logged 286 Million Threats In 2010… more than 40 percent more mobile vulnerabilities than a year ago.

    Download

    Share
    Insanity: doing the same thing over and over again and expecting different results. ~ Albert Einstein Read the rest of this entry »
    This is an in-depth analysis and attack data from HP DVLabs. Documenting security vulnerabilities and breaches for 2010. The goal of this report is to arm enterprise IT, network and security administrators with information on the attacks targeting their data centers and networks. Read the rest of this entry »
    Many Security Experts believe that the Epsilon breach will lead to an increase in “spear phishing” attacks, those that take advantage of known trust relationships between corporations and customers by crafting personalized messages that address recipients by name, thereby increasing the apparent authenticity of the email. Read the rest of this entry »
    Many Security Experts believe that the Epsilon breach will lead to an increase in “spear phishing” attacks, those that take advantage of known trust relationships between corporations and customers by crafting personalized messages that address recipients by name, thereby increasing the apparent authenticity of the email. Read the rest of this entry »
    Many Security Experts believe that the Epsilon breach will lead to an increase in “spear phishing” attacks, those that take advantage of known trust relationships between corporations and customers by crafting personalized messages that address recipients by name, thereby increasing the apparent authenticity of the email. Read the rest of this entry »
    "On March 30th, an incident was detected where a subset of Epsilon clients' customer data were exposed by an unauthorized entry into Epsilon's email system. The information that was obtained was limited to email addresses and/or customer names only. A rigorous assessment determined that no other personal identifiable information associated with those names was at risk. A full investigation is currently underway," Read the rest of this entry »