Ping: Chrisan Herrod
This article is part of the August 2005 issue of Betting the house on network anomaly detection systems
The Securities and Exchange Commission may call the shots on SOX, but it can take the bullet like everyone else. Just ask CSO Chrisan Herrod. She's responsible for making sure the agency complies with many of the same standards it enforces. Like any security professional, she has her own war stories, like a recent Government Accountability Office (GAO) report that took SEC to task for not implementing effective electronic access controls.

It must be difficult when another agency scrutinizes your compliance controls.

[GAO] published a scathing report citing SEC's lack of material controls, but it could never prove there was any financial control problem stemming from a lack of information security controls. In my view, if you have sound controls and sound record keeping, you're taking reasonable steps to comply even if a technological control hasn't been implemented.

What is SEC's overall security posture?

SEC uses a combination of technology, process and management controls to ensure that we are in compliance with the Federal Information Security Management ...