Access "Ping: Chrisan Herrod"
This article is part of the August 2005 issue of Betting the house on network anomaly detection systems
The Securities and Exchange Commission may call the shots on SOX, but it can take the bullet like everyone else. Just ask CSO Chrisan Herrod. She's responsible for making sure the agency complies with many of the same standards it enforces. Like any security professional, she has her own war stories, like a recent Government Accountability Office (GAO) report that took SEC to task for not implementing effective electronic access controls. It must be difficult when another agency scrutinizes your compliance controls. [GAO] published a scathing report citing SEC's lack of material controls, but it could never prove there was any financial control problem stemming from a lack of information security controls. In my view, if you have sound controls and sound record keeping, you're taking reasonable steps to comply even if a technological control hasn't been implemented. What is SEC's overall security posture? SEC uses a combination of technology, process and management controls to ensure that we are in compliance with the Federal Information Security Management ... Access >>>
Premium Content for Free.
A Safe Bet?
Network anomaly detection is the newest player at the security table.
Whip your users into shape with security awareness training.
Paper or PKI?
SAFE is a biopharmaceutical industry initiative to standardize credentials for drug discovery. It could save the industry billions.
Learn how to leverage the VLAN as a security tool.
Recent Releases: Security product briefs, August 2005
Learn about the security products released in August 2005.
by Steven Weil, Contributor
Symark Software's PowerKeeper 1.4
- A Safe Bet?
Test labs are the ideal place to check theory against reality.
Hot Pick: Elemental's Elemental Compliance System 1.1
Elemental's Elemental Compliance System 1.1
Identity Management: Trustgenix's IdentityBridge Standard Edition
Trustgenix's IdentityBridge Standard Edition
Wireless security review: Juniper Networks' Netscreen-5GT Wireless
Juniper Networks' Netscreen-5GT Wireless
Hacking Exposed: Network Security Secrets & Solutions
Read a review of the security book Hacking Exposed: Network Security Secrets & Solutions (Fifth Edition).
- Proving Grounds
Ping: Chrisan Herrod
Perspectives: Which security certification best meets your needs?
The pressure is on to earn security certifications to prove your worth.
Publisher's Note: Compliance 2.0
Learn about Compliance 2.0, which involves continuous process improvement.
On The Radar: NIST resources
Help from the Government
- Ping: Chrisan Herrod
More Premium Content Accessible For Free
Deploying data protection technologies properly requires a lot of time and patience. While most firms can get started by using preconfigured policies...
The bring your own device (BYOD) movement, which has flooded the enterprise with employee-owned smartphones, tablets, phablets and purse-sized ...
For so long penetration testing meant hiring an expert to use skill and savvy to try to infiltrate the company system. But, as with most ...