Loading ...
BlogInfoSec.com Sponsors
BlogInfoSec.com Partners
-
Recent Comments
- Navin on Why Information Security Professionals Should Learn Texas Hold ‘em Poker
- john doe on An Analysis of the Privacy Rights Clearinghouse “Chronology of Data Breaches” and Implications for Information Security Professionls (pt. 1)
- Adam Shostack on PCI DSS Position on Patching May Be Unjustified
- Jens Laundrup on PCI DSS Position on Patching May Be Unjustified
- Kris on Medical Identity Theft: Your Money or Your Life
Tags
agility algorithms application security assessment awareness Awareness / Education awareness instruction awareness training bloginfosec Annoucements Books on InfoSec breach incidents Budgeting for Security business continunity CIA triad CISO CISO savvy CISO skills COBIT Coding Securely / SDLC Conferences / Events / Meetups contingency plans counterfeit counterfeit equipment data breaches data breach notification laws data classification digital signature disaster recovery education Encryption end-point security equipment Exploit Code / Malware facebook fake FBI featured FFIEC Forensics / Incidents FUD Theater GLBA governance government Gramm-Leach-Bliley hackers hash HIPAA honeynet honeypot identity management identity theft IDM incident Industry Commentary Information security Interviews ISACA Jobs in Information Security Johnny Long KPMG leadership Legal & Regulatory Issues malicious insider malware metrics nation states network News Commentary No Tech Hacking OWASP Patching PCI Penetration Testing perimeter Phishing Policies and Procedures Privacy Privacy Rights Clearinghouse Reverse Engineering risk risk management ROI ROSI SB 1386 Security security awareness Security Breaches self-awareness Social Engineering soft skills Solutions / Workarounds SPAM spotlight successful behaviors Tools training Uncategorized Virtual Trust Viruses / Worms vulnerability assessment Vulnerability Commentary Vulnerability Disclosure Wireless Wireless Client Wireless Discussion Wireless Security Wireless Vulnerability Discussion
Tag Archives: incident
Intentional Security Blindness
April 29, 2008 – 6:00 am
–
In previous columns I talked about two types of employees, contractors, and the like who could cause your organization harm through poor security practices resulting in loss of data, money, or trade secrets, etc. The first type were people who caused such losses inadvertently through security…
Security and Change (pt. 3): White Knights
April 21, 2008 – 6:00 am
–
There are many events that are disruptive to business operations and about which you generally know well in advance. Such events include all manner of IT and business process outsourcing, friendly and hostile mergers and acquisitions, the relocation, consolidation and dispersion of facilities,…
Security and Change (pt. 2): Black Swans
April 14, 2008 – 6:00 am
–
Remember Y2K? It was the meltdown that never happened. Well, I have news for you. It could well have been a catastrophe. We really did avert it. I speak as someone who spent the Y2K weekend holed up at the Government’s command center in a nondescript building in downtown Washington, DC.…
Security and Change (pt. 1): Blackouts
April 7, 2008 – 6:00 am
–
My next three columns are about change, how change, whether it be accidental or intended, can affect security, and how security might impact change.
This first column is about relatively commonplace events, such as power failures, snowstorms, hurricanes, tornadoes, fires, and floods. The second…
