Twitter Feed
    Share

    Posts Tagged ‘Risk Management’

    National Institute of Standards and Technology (NIST) – Security and Privacy Controls for Federal Information Systems and Organizations

    Latest Daft – Comments on SP 800-53, Revision 4 should be sent by March 1, 2013, to sec-cert@nist.gov.

    NIST -Security and Privacy Controls for Federal Information Systems and Organizations

    “…Through the process of risk management, leaders must consider risk to US interests from adversaries using cyberspace to their advantage and from our own efforts to employ the global nature of cyberspace to achieve objectives in military, intelligence, and business operations… “

    “…For operational plans development, the combination of threats, vulnerabilities, and impacts must be evaluated in order to identify important trends and decide where effort should be applied to eliminate or reduce threat capabilities; eliminate or reduce vulnerabilities; and assess, coordinate, and deconflict all cyberspace operations…”

    “…Leaders at all levels are accountable for ensuring readiness and security to the same degree as in any other domain…”

    — THE NATIONAL STRATEGY FOR CYBERSPACE OPERATIONS OFFICE OF THE CHAIRMAN, JOINT CHIEFS OF STAFF, U.S. DEPARTMENT OF DEFENSE

    Share
    Security researchers decided to cancel a planned demonstration of security holes in industrial control systems from Siemens following requests from the German manufacturer and a security response team. Read the rest of this entry »
    Sony's restoration of services of its PlayStation Network and Qriocity Networks over the weekend didn't go as smooth as company officials had hoped... #epicfail Read the rest of this entry »
    Security updates available for Flash Player, RoboHelp, Audition, and Flash Media Server... When is Adobe going to take Security seriously? Read the rest of this entry »
    Network security firm WatchGuard Technologies released a list of social media at highest risk of corporate network security.
    .... IT administrators can now choose to allow, block or restrict access to applications by department, job function, time and day, as well as create usage reports.
    Read the rest of this entry »
    This is an in-depth analysis and attack data from HP DVLabs. Documenting security vulnerabilities and breaches for 2010. The goal of this report is to arm enterprise IT, network and security administrators with information on the attacks targeting their data centers and networks. Read the rest of this entry »
    Many Security Experts believe that the Epsilon breach will lead to an increase in “spear phishing” attacks, those that take advantage of known trust relationships between corporations and customers by crafting personalized messages that address recipients by name, thereby increasing the apparent authenticity of the email. Read the rest of this entry »
    Many Security Experts believe that the Epsilon breach will lead to an increase in “spear phishing” attacks, those that take advantage of known trust relationships between corporations and customers by crafting personalized messages that address recipients by name, thereby increasing the apparent authenticity of the email. Read the rest of this entry »
    Many Security Experts believe that the Epsilon breach will lead to an increase in “spear phishing” attacks, those that take advantage of known trust relationships between corporations and customers by crafting personalized messages that address recipients by name, thereby increasing the apparent authenticity of the email. Read the rest of this entry »
    "On March 30th, an incident was detected where a subset of Epsilon clients' customer data were exposed by an unauthorized entry into Epsilon's email system. The information that was obtained was limited to email addresses and/or customer names only. A rigorous assessment determined that no other personal identifiable information associated with those names was at risk. A full investigation is currently underway," Read the rest of this entry »