Risk assessments metrics and frameworks
- March 26, 2009
Companies need to spend more time refining security policies to align them with business objectives.
- March 23, 2009
SWFScan analyzes Adobe Flash to identify dozens of source code errors.
- March 12, 2009
A former national cybersecurity czar says risk models used by security organizations often lead to a faulty understanding of threats and flaws, and a misallocation of resources.
- March 05, 2009
Two firms certified to conduct PCI assessments have been placed into the PCI Council's remediation program for violating the QSA Validation Requirements.
- February 24, 2009
Though a payload hasn't been issued, the Conficker worm reminds security professionals to be actively protecting the network from attacks.
- February 16, 2009
While IT pros should evaluate their ongoing security processes and technologies, security vendors need to make an assessment of their overall value and adjust the business accordingly.
- February 10, 2009
The economy is forcing companies to accept more risk, but a new report offers tips to showcase the value of the security team.
- January 27, 2009
Archer's acquisition of Brabeion indicates convergence in the IT GRC market. Compliance and trend to risk management bode well for GRC companies' in wake of economic meltdown.
- January 14, 2009
State will demand software makers certify their software does not contain the coding errors listed in the CWE/SANS Top 25 Dangerous Programming Errors.
- January 12, 2009
A new list of common programming errors could give non-experts the ability to demand higher coding standards.
- December 24, 2008
An NSS Labs test of six business products yield disappointing results.
- December 04, 2008
A Carnegie Mellon University report illustrates the lack of understanding boards of directors have when it comes cybersecurity risks and their impact on overall business.
- November 19, 2008
Old-world risk assessment doesn't cut it in the fast-changing world of technology
- October 28, 2008
PricewaterhouseCoopers' annual Global State of Information Security Survey found mergers, Web 2.0 and other business initiatives driving spending nearly as much as compliance.
- October 21, 2008
Rough economic times are often associated with an increase in layoffs, mergers and acquisitions. The increased activity has the potential to weaken data security, but most security experts agree that large firms have the right procedures to follow ...