-
Recent Comments
- Bouch on Who’s In Charge Here? The Problem of Information Security Governance
- SecurityExec on Who’s In Charge Here? The Problem of Information Security Governance
- dustin on Patent No. 7,124,197: ARP Poisoning Hack!
- Rob on Agility and Risk Compensation: Exploring the Connection
- Navin on Why Information Security Professionals Should Learn Texas Hold ‘em Poker
Tags
agility algorithms application security assessment awareness Awareness / Education awareness instruction awareness training bloginfosec Annoucements Books on InfoSec breach incidents Budgeting for Security business continunity CIA triad CISO CISO savvy CISO skills COBIT Coding Securely / SDLC compliance Conferences / Events / Meetups contingency plans counterfeit counterfeit equipment data breaches data breach notification laws data classification digital signature disaster recovery education Encryption end-point security equipment Exploit Code / Malware facebook fake FBI featured FFIEC Forensics / Incidents FUD FUD Theater GLBA governance government Gramm-Leach-Bliley hackers hash HIPAA honeynet honeypot identity management identity theft IDM incident Industry Commentary Information security Interviews ISACA Jobs in Information Security Johnny Long KPMG law leadership Legal & Regulatory Issues malicious insider malware metrics nation states network News Commentary No Tech Hacking OWASP Patching PCI Penetration Testing perimeter Phishing Policies and Procedures Privacy Privacy Rights Clearinghouse Reverse Engineering risk Risk Analysis risk management ROI ROSI SB 1386 Security security awareness Security Breaches self-awareness Social Engineering soft skills Solutions / Workarounds SPAM spotlight successful behaviors Tools training Uncategorized Virtual Trust Viruses / Worms vulnerability assessment Vulnerability Commentary Vulnerability Disclosure Wireless Wireless Client Wireless Discussion Wireless Security Wireless Vulnerability Discussion
Tag Archives: Security Breaches
Bad Behavior - Thoughts on the Malicious Insider
May 30, 2008 – 6:00 am
–
Following every high-profile insider security breach, there is usually a slew of vendors who will triumphantly point out that, had they installed their product, the victim company would have avoided the whole painful problem. The adverse publicity, the implementation of new Draconian controls,…
Human Fallout and the Security Impact of the Sub Prime Crisis
May 13, 2008 – 6:00 am
–
By now everyone heard of, or should I say felt, the impact of the Sub-prime crises on the economy as a whole and on US financial institutions. In particular, the big banks have been affected by having to write off billions of dollars in losses.
In order to help restore their balance sheets, these…
Looking Through the Wrong End of the Telescope
April 2, 2008 – 6:00 am
–
At this point in time most companies have done at least a reasonable job of keeping the bad guys out. They probably have a firewall, Anti-Virus, URL filtering and some sort of centralization and viewing capability, whether home grown scripts or a commercial product. Many also have implemented…
An April Fool’s Day Challenge: Ways to Spoof POGO.com
April 1, 2008 – 1:30 pm
–
I thought this was a funny April Fool’s Day prank:
A few nights ago I layed the ground work for my prank. I told her the government has been cracking down on gambling sites and taking them off-line. She said she wasn’t worried because POGO was just games and not really gambling. I…
Loading ...



If You Can’t Protect Your Website, How Can You Protect The Country?