IT Controls | Maximus Impact

Posts Tagged ‘IT Controls’

National Institute of Standards and Technology (NIST) – Security and Privacy Controls for Federal Information Systems and Organizations

National Institute of Standards and Technology (NIST) – Security and Privacy Controls for Federal Information Systems and Organizations

Latest Daft – Comments on SP 800-53, Revision 4 should be sent by March 1, 2013, to sec-cert@nist.gov.

NIST -Security and Privacy Controls for Federal Information Systems and Organizations

“…Through the process of risk management, leaders must consider risk to US interests from adversaries using cyberspace to their advantage and from our own efforts to employ the global nature of cyberspace to achieve objectives in military, intelligence, and business operations… “

“…For operational plans development, the combination of threats, vulnerabilities, and impacts must be evaluated in order to identify important trends and decide where effort should be applied to eliminate or reduce threat capabilities; eliminate or reduce vulnerabilities; and assess, coordinate, and deconflict all cyberspace operations…”

“…Leaders at all levels are accountable for ensuring readiness and security to the same degree as in any other domain…”

— THE NATIONAL STRATEGY FOR CYBERSPACE OPERATIONS OFFICE OF THE CHAIRMAN, JOINT CHIEFS OF STAFF, U.S. DEPARTMENT OF DEFENSE

Tags: IT Controls, Performance Measurement, Risk, Risk Management, Security |

Comments Closed

Epsilon Marketing Database Breach – They were warned 4 months earlier

Epsilon partner ReturnPath – which provides monitoring and authentication services to email service providers – warned customers about a series of coordinated phishing and hacking attacks leveled at the mailing list industry. Epsilon failed to take warning Read the rest of this entry »

Tags: Cyber War, databreach, Epsilon, Human Element, IT Controls, Risk, SpearPhishing |

Comments Closed

Epsilon Marketing Database Breach Update 5

More sites added today to the reported Epsilon Marketing Breach. Read the rest of this entry »

Tags: Cyber War, Epsilon, IT Controls, Risk |

Comments Closed

Symantec – Internet Security Threat Report – 2010

Newly Released – a customized version of the Symantec Internet Security Threat Report for 2010.

Symantec Logged 286 Million Threats In 2010… more than 40 percent more mobile vulnerabilities than a year ago.

Download

Tags: Assets, Cyber War, databreach, IT Controls, Risk, SCADA, SQL Injection, Stuxnet, Symantec, XSS |

Comments Closed

Quote of the 20th Century

Insanity: doing the same thing over and over again and expecting different results. ~ Albert Einstein Read the rest of this entry »

Tags: Einstein, IT Controls, Leadership, Quotes |

Comments Closed

HP DVLABS 2010 CYBER Trend-Risk Report

This is an in-depth analysis and attack data from HP DVLabs. Documenting security vulnerabilities and breaches for 2010. The goal of this report is to arm enterprise IT, network and security administrators with information on the attacks targeting their data centers and networks. Read the rest of this entry »

Tags: Assets, Cyber War, databreach, Human Element, IT Controls, Risk, Risk Management, SCADA, SQL Injection, XSS |

Comments Closed

Epsilon Marketing Database Breach Update 3

Many Security Experts believe that the Epsilon breach will lead to an increase in “spear phishing” attacks, those that take advantage of known trust relationships between corporations and customers by crafting personalized messages that address recipients by name, thereby increasing the apparent authenticity of the email. Read the rest of this entry »

Tags: Cyber War, databreach, Epsilon, Human Element, IT Controls, Risk Management |

Comments Closed

Epsilon Marketing Database Breach Update 2

Many Security Experts believe that the Epsilon breach will lead to an increase in “spear phishing” attacks, those that take advantage of known trust relationships between corporations and customers by crafting personalized messages that address recipients by name, thereby increasing the apparent authenticity of the email. Read the rest of this entry »

Tags: Cyber War, databreach, Epsilon, IT Controls, Risk Management |

Comments Closed

Epsilon Marketing Database Breach Update

Many Security Experts believe that the Epsilon breach will lead to an increase in “spear phishing” attacks, those that take advantage of known trust relationships between corporations and customers by crafting personalized messages that address recipients by name, thereby increasing the apparent authenticity of the email. Read the rest of this entry »

Tags: Cyber War, databreach, Epsilon, IT Controls, Risk Management |

Comments Closed

Epsilon Marketing Database Breach

"On March 30th, an incident was detected where a subset of Epsilon clients' customer data were exposed by an unauthorized entry into Epsilon's email system. The information that was obtained was limited to email addresses and/or customer names only. A rigorous assessment determined that no other personal identifiable information associated with those names was at risk. A full investigation is currently underway," Read the rest of this entry »

Tags: Cyber War, databreach, Epsilon, IT Controls, Risk Management |

Comments Closed