-
Merger management: How to handle potential merger threats to security
During a merger, management of information security becomes even more crucial in order to mitigate threats, including the many new insiders and attentive attackers that want to take advantage of ho...
29 Oct 2010
-
user account provisioning
User account provisioning is a business process for creating and managing access to resources in an information technology (IT) system. To be effective, an account provisioning process should ensu...
28 Oct 2010
-
CISSP practice quiz: Information security, enterprise risk management
In this CISSP practice quiz, learn more about information security and enterprise risk management in order to prepare for and pass the CISSP exam.
28 Oct 2010
-
SecTor 2010: Mobile application security flaws a repeat of past mistakes
Developers of mobile applications are repeating many of the same coding errors that desktop coders and Web application coders made years ago, according to two security experts.
28 Oct 2010
-
PCI SSC finalizes PCI DSS 2.0
Version 2.0 of PCI DSS will take effect in January and won't receive changes for three years.
28 Oct 2010
-
PCI 2.0 guide: How have PCI compliance requirements changed?
In this PCI 2.0 learning guide, you will learn how the PCI compliance requirements have changed, if those changes have improved the standard and how the changes will affect your enterprise's compla...
28 Oct 2010
-
PCI 2.0: Changes aren't drastic, but don't address card brand autonomy
In this first look at the changes in PCI DSS version 2.0, expert Diana Kelley says most compliance programs won't be drastically affected, but some of the standard's key shortcomings remain.
28 Oct 2010
-
PCI DSS 2.0: PCI assessment changes explained
PCI DSS expert Ed Moyle explains how the changes in PCI DSS 2.0 will affect companies during the PCI assessment process.
28 Oct 2010
-
Google antimalware efforts rely on website malware detection
A member of Google's antimalware team revealed how the search engine giant combs billions of webpages for hidden malware downloads.
27 Oct 2010
-
Cybersecurity risk assessment: a basic framework
Federal security managers are wrestling with meeting the challenge of a rapid escalation in the number, severity and complexity of threats. Risk management is at the heart of their efforts to meet ...
26 Oct 2010
-
Smishing: How to protect enterprises from SMS fraud
Learn more about protecting enterprises from smishing, or SMS fraud, in this expert response from Nick Lewis.
26 Oct 2010
-
Bredolab Trojan botnet crippled by Dutch cybersecurity teams
Police took over the command-and-control servers responsible for sending orders to Bredolab, a notorious spam botnet known for spreading rogue antivirus programs.
26 Oct 2010
-
How to perform a third-party risk assessment for compliance
Afraid of non-compliant business partners? Learn how to perform a third-party risk assessment to prevent non-compliance.
26 Oct 2010
-
PCI tokenization guidance nearing completion
A guidance document outlining the use of tokenization in payment environments is due out in late November.
25 Oct 2010
-
How to install an OSSEC server on Linux and an OSSEC Windows agent
Learn how to install the free, host-based intrusion detection system OSSEC, with step-by-step instructions on setting up an OSSEC Linux server with an OSSEC Windows agent.
25 Oct 2010
-
Certified Information Systems Auditor (CISA)
The Certified Information Systems Auditor (CISA) is a certification issued by the Information Systems Audit and Control Association (ISACA).
22 Oct 2010
-
Microsoft's Internet access control plan deserves a chance
Microsoft is pushing a plan to prevent consumer computers from spreading malware. Senior Site Editor Eric B. Parizo says it's an idea that enterprise infosec pros should support.
22 Oct 2010
-
Adobe warns of critical Shockwave Flash Player zero-day
The vulnerability could be exploited by an attacker to cause a crash and take control of a victim's system.
22 Oct 2010
-
cybercrime
Cybercrime is a term for any illegal activity that uses a computer as its primary means of commission.
21 Oct 2010
-
Attackers getting creative, thwarting botnet detection, research finds
The Georgia Tech Information Security Center Emerging Cyber Threats Report outlines the increasing sophistication of botnets, mobile attacks and related cybersecurity issues.
21 Oct 2010