Ping: Chrisan Herrod
This article is part of the August 2005 issue of Betting the house on network anomaly detection systems
The Securities and Exchange Commission may call the shots on SOX, but it can take the bullet like everyone else. Just ask CSO Chrisan Herrod. She's responsible for making sure the agency complies with many of the same standards it enforces. Like any security professional, she has her own war stories, like a recent Government Accountability Office (GAO) report that took SEC to task for not implementing effective electronic access controls.

It must be difficult when another agency scrutinizes your compliance controls.

[GAO] published a scathing report citing SEC's lack of material controls, but it could never prove there was any financial control problem stemming from a lack of information security controls. In my view, if you have sound controls and sound record keeping, you're taking reasonable steps to comply even if a technological control hasn't been implemented.

What is SEC's overall security posture?

SEC uses a combination of technology, process and management controls to ensure that we are in compliance with the Federal Information Security Management ...
A Safe Bet?
Network anomaly detection is the newest player at the security table.
Whip your users into shape with security awareness training.
Paper or PKI?
SAFE is a biopharmaceutical industry initiative to standardize credentials for drug discovery. It could save the industry billions.
Learn how to leverage the VLAN as a security tool.
Recent Releases: Security product briefs, August 2005
Learn about the security products released in August 2005.
by Steven Weil, Contributor
Symark Software's PowerKeeper 1.4
- A Safe Bet?
Test labs are the ideal place to check theory against reality.
Hot Pick: Elemental's Elemental Compliance System 1.1
Identity Management: Trustgenix's IdentityBridge Standard Edition
Wireless security review: Juniper Networks' Netscreen-5GT Wireless
Hacking Exposed: Network Security Secrets & Solutions
Read a review of the security book Hacking Exposed: Network Security Secrets & Solutions (Fifth Edition).
- Proving Grounds
Ping: Chrisan Herrod
Perspectives: Which security certification best meets your needs?
The pressure is on to earn security certifications to prove your worth.
Publisher's Note: Compliance 2.0
Learn about Compliance 2.0, which involves continuous process improvement.
On The Radar: NIST resources
Help from the Government
- Ping: Chrisan Herrod