-
SCADA system, critical infrastructure security lacking, survey finds
IT and security executives at firms that own critical infrastructure facilities are concerned about the lack of security protecting underlying management systems from attack. 28 Jan 2010
-
Test a security architecture design without an IT security consultancy
While IT security consultancies can be helpful when trying to find flaws in an information security management framework, there are ways to do it without spending the money. 28 Jan 2010
-
MA 201 CMR 17 enforcement less likely with prompt reporting, cooperation
The official charged with enforcing the MA 201 CMR 17 data protection law says early reporting of potential breaches and cooperation will help firms avoid enforcement action. 28 Jan 2010
-
Creating a password-reset program with corporate text messaging
Learn how to use corporate text messaging as the cornerstone of an enterprise password-reset program in this expert response from Randall Gamby. 27 Jan 2010
-
No major PCI DSS revision expected in 2010
The next revision of PCI DSS will contain clarifications, but no major revisions, according to Bob Russo, general manager of the PCI Security Standards Council. 27 Jan 2010
-
Cloud computing in 2010: Be ready for risk management challenges
As our tip series continues, Michael Cobb predicts some risk management challenges in 2010 as more companies get caught with their head in the 'cloud.' 27 Jan 2010
-
PCI QSAs, certifications to get new scrutiny
The PCI Security Standards Council now has a team of five reviewing PCI assessments for inconsistencies and has increased funding for its QSA oversight program. 26 Jan 2010
-
Data breach costs continue to rise in 2009, Ponemon study finds
A Ponemon Institute study of 45 businesses found data breach costs increased last year to $204 per compromised record, a rise of $2 per customer record over 2008 costs. 25 Jan 2010
-
How to use TrueCrypt for disk encryption
Learn how to use TrueCrypt to create an encrypted drive on a Windows PC, as well as how to create a hidden drive within a drive as an additional data protection measure. 25 Jan 2010
-
Stay or jump ship? How to be happy with your infosec job
Don't leave your job just yet. Lee Kushner and Mike Murray suggest ways to maximize your role and stay satisfied with your career path. 25 Jan 2010
-
How to reduce PCI DSS security scope for an audit
PCI DSS audits can be a lot easier if the scope is narrow. Learn how to consolidate and store sensitive data in order to best reduce PCI DSS security scope. 21 Jan 2010
-
Preparing for future security threats, evolving malware
Security expert Nick Lewis predicts how infosec threats will evolve in 2010. Luckily, enterprise defenses will evolve, too. 21 Jan 2010
-
PhoneFactor bolsters authentication using voiceprint identification
The telephone-based out-of-band authentication vendor adds voice recognition technology for banks, government agencies. 21 Jan 2010
-
Adobe issues alert on Shockwave Player 3D graphics flaws
Vulnerabilities could allow an attacker to infect victims with malware and take control of an infected machine. 21 Jan 2010
-
Microsoft issues critical security update, blocks IE 6 attacks
Eight critical vulnerabilities in Internet Explorer were repaired in Microsoft's rushed security update. All supported versions of IE are affected. 21 Jan 2010
-
Security architects fear savvy botnet attacks, IPv6 security issues
Arbor Networks Inc. survey finds angst over botnet attacks targeting underlying systems, including DNS, load balancers and other back-end infrastructure. 20 Jan 2010
-
Microsoft to release emergency Internet Explorer update
Patch will block ongoing attacks targeting Internet Explorer 6. Exploit code is available targeting all versions of IE. 20 Jan 2010
-
Microsoft emergency IE update to block latest corporate attacks
Patch being released Thursday repairs multiple flaws in Internet Explorer, including a zero-day vulnerability being exploited in ongoing attacks against corporate users. 20 Jan 2010
-
Security compliance predictions for 2010: New regulations, new technology
What will 2010 hold for security compliance? Security management expert David Mortman discusses HITECH, changes to PCI and cloud computing compliance strategies for the new year. 19 Jan 2010
-
Password security vaults: Is SSO authentication better?
Password security vaults may be able to aid users in remembering many different passwords, but are they the most secure solutions? IAM expert Randall Gamby gives his recommendations on setting pass... 19 Jan 2010