Welcome to SearchSecurity.com's supplement to the latest issue of Information Security magazine. Now that you've read the story in the magazine, continue to explore these topics on SearchSecurity.com.
by Mike Mimoso
This month's issue showed you how Cigna, a large health insurance company, is giving business managers a vested interest in advocating for sound security practices. SearchSecurity.com has important tips on how your company and make business units accountable for security. See why sometimes, all it takes is a simple document to hold management responsible for security and risk. >>CLICK TO READ THE TIP
>> The VP and CISO at Prudential Financial told attendees at Information Security Decisions how to decentralize security responsibility. CLICK TO SEE THE PRESENTATION
>> Read the 20 computer security facts that everyone should know and share with their staff. CLICK TO READ THE FACT SHEET
Everyone agrees that good security policies must be easily understood, implemented and enforced. The following resources will complement the tips found in Information Security magazine for closing the policy gap on a user and management level. This checklist helps you determine whether your security policy is on target.
>>CLICK TO GET THE CHECKLIST
>> Get advice on how to write policies for easier implementation and higher compliance. View policy guru Charles Cresson Wood's presentation from Information Security Decisions. CLICK TO VIEW THE PRESENTATION.
>> Read how to tailor your security policies to comply with SOX 404. CLICK TO READ THE TIP
Take your battle against spyware to the browser by attending a webcast with Windows hardening expert Jonathan Hassell. He shares tactics for locking down Internet Explorer against browser-based malware.
>> CLICK TO PREREGISTER FOR THE WEBCAST
PING with Karen Worstell
by Amber Plante
The Microsoft CISO discusses how she keeps Redmond and its products secure.
>>CLICK TO READ THE INTERVIEW
Passwords are dead -- What's next?
Enterprises have a lot of authentication options these days. But how reliable many of them are is the source of much debate. First, learn how to prevent authentication bypass attacks by reading this valuable tip.
>> Explore the future of ID management and authentication. Is two-factor authentication failing? See why Bruce Schneier thinks so and then add your two cents. CLICK TO READ THE ARTICLE
>> See why it may be too soon to sound the death knell for passwords. CLICK TO READ THE ARTICLE
Go to school for FREE
Go to Web Security School where you'll learn how to harden a Web server and apply countermeasures to prevent hackers from breaking into a network. Study at your own pace and learn how to implement security policies and test a Web site's security, as well as how to handle a breach should the unspeakable happen. This course consists of an entrance exam, three lessons and a final exam. You'll also find handy checklists that you can download and use on the job. All of these resources are available on-demand so you can learn at your convenience. Through our agreement with (ISC)², all CISSP and SSCP participants who attend the school webcasts can earn one CPE credit.
This was first published in June 2005