Information Security Magazine

2007 Columns

November 2007

Viewpoint: Don't blame generation gaps for poor home security

E-discovery forces security organizations to prepare for eventual litigation
by Kelley Damore
The updated Federal Rules of Civil Procedure elevate understanding of e-discovery requirements to a high priority.

Information security officers need to sharpen their risk management skills
by Dave Shackleford
Information security managers should adopt a risk management skill set and move their career paths toward a strategic position, rather than strictly an operational one.

Bruce Schneier, Marcus Ranum debate the realities of cyberwar
by Bruce Schneier and Marcus Ranum
Cyberwar: Myth or Reality?

Interview: CISO builds information security program from scratch
by Dennis Fisher
Commonwealth of Pennsylvania CISO Bob Maley built his information security program from scratch.

October 2007

Viewpoint: Hard drive encryption growing

Redefining free security software
by Michael S. Mimoso
Popular open source security products such as Nessus, Snort and ClamAV are being commercialized, redefining the notion of free software.

Vendor compliance management: Are health care software vendors HIPAA compliant?
by Joseph Granneman
Software used in health care is rife with vulnerabilities. It's time vendors shape up.

Learn to balance security and usability
by Jay G. Heiser
Security measures, such as constant password changes, are becoming intrusive, and the return is questionable.

Interview: CISO explains enterprise's access control policies
by Dennis Fisher
Access control and authentication aren't as simple as setting up user IDs and passwords.

September 2007

Viewpoint: Correlate SIMs and log management

Time to take cyberterrorism talk seriously
by Kelley Damore
With the power of botnets, SCADA systems becoming less proprietary and the recent attacks on Estonia, have we reached an inflection point where we need to take the likelihood of cyberterrorism seriously?

Perspectives: The Lesson of Estonia
by Dorothy E. Denning
Prof. Dorothy Denning writes about the cyberattacks on Estonia and how they took activism to a new level.

Bruce Schneier, Marcus Ranum debate home users and security
by Bruce Schneier and Marcus Ranum
Bruce Schneier and Marcus Ranum debate how to deal with the security problems posed by home computer users. Both dismiss user education, but Schneier believes ISPs should be forced to become IT departments while Ranum argues that building simpler systems is not the answer.

Ping: Nate Lawson
by Dennis Fisher
Nate Lawson

July 2007

Viewpoint: Background check faux pas

Editor's Desk: Freeing Julie Amero
by Michael S. Mimoso
Justice Served

Perspectives: Smoke and mirrors certifications
by David Mortman
Professional organizations use ethics policies to protect their certifications instead of promoting ethical behavior.

Ping: Dave Drab
by Dennis Fisher
Dave Drab

June 2007

Viewpoint: Blame software insecurity on project managers

Fellow practitioners are best security resources
Security professionals can reap benefits by joining a local user group or professional organization. Such groups provide a good way to network and a place to bounce ideas.

PCI becoming overly complex and expensive
The Payment Card Industry Data Security Standard (PCI DSS) had admirable objectives but has lost its way. Today, compliance with the PCI standard is overly complex and costly.

Apply manufacturing management techniques to information security
Total Quality Management is generally known as a manufacturing technique, but its selective use is helping to improve information security.

Interview: FDIC director explains FFIEC standard
Michael L. Jackson, associate director of the FDIC, helped develop FFIEC, which aims to make online banking safer by forcing financial institutions to assess the risks in their environments and implement controls such as strong authentication.

May 2007

Hacker demonstrates targeted attack
by Michael S. Mimoso
Hacker Robert Hansen, also known as RSnake, demonstrates the pains cybercriminals take to target specific organizations and individuals through an exercise posted on his blog, which targeted the head of Google's spam team. Hansen's exercise underscores the threat companies face from today's organized and patient cybercriminals.

Fight cybercrime by understanding a hacker's mind and attack motive
by Julie Tower-Pierce
Computer crime laws and security policies aren't enough to combat increasingly sophisticated cybercrime. Understanding the criminal mind and a hacker's motive can help an organization determine what assets are most valuable and better distribute security resources.

Bruce Schneier and Marcus Ranum debate whether a 'Big Brother' watches today's information society
by Bruce Schneier and Marcus Ranum
Is today's information society anything like the Big Brother world envisioned by George Orwell in his book 1984? Bruce Schneier and Marcus Ranum debate the topic.

Interview: PayPal CISO Michael Barrett
by Michael S. Mimoso
PayPal's 133 million online customers are the biggest ocean for phishers to plunder. CISO Michael Barrett wants to make it safe to be in the water, and he's not going at it alone. Backed by PayPal's sophisticated fraud models and help from ISPs, Barrett is succeeding in protecting the most-spoofed brand on the Internet.

April 2007

Viewpoint: Best of breed vs. suites

Editor's Desk: 2007 Readers' Choice Awards
by Kelley Damore
The Real World

PING: Shelly Barnes
by Stefanie McCann
Read an interview with Shelly Barnes, vice president of technology and process at Arizona Tile.

March 2007

CISO priorities focused on compliance over security
by Kelley Damore
Regulatory demands have forced CISOs to prioritize compliance over data and intellectual property protection.

Secure software development needs to be treated as other engineering disciplines
by Edward Adams
Almost no university teaches quality or security as part of its software engineering or computer science majors, a major reason for today's application security problems.

Bruce Schneier and Marcus Ranum debate the necessity of penetration tests
by Bruce Schneier and Marcus Ranum
Pen tests identify your organization's weaknesses. Bruce Schneier and Marcus Ranum debate whether organizations really want to document all the ways networks are insecure.

Ping: Mark Odiorne
by Dennis Fisher
Mark Odiorne

February 2007

Editor's Desk: Can someone call an exterminator?
by Kelley Damore
A Bug's Life

Perspectives: Suite Spot
by Tony Bradley
All-in-one security suites offer an array of advantages versus best-of-breed.

Layer8: Is risk management for real?
by Jay G. Heiser
Fad or For Real?

Ping: Josh Seeger
by Dennis Fisher
Josh Seeger

January 2007

Editor's Desk: Celebrating 10 years of Information Security magazine
by Kelley Damore
A Toast to Ten Years

Perspectives: Post-admission controls the next step for NAC
by Eric Ogren
Post-admission controls would shore up NAC/NAP shortcomings.

Face-Off: Schneier, Ranum debate privacy and personal information
by Bruce Schneier and Marcus Ranum
Does Secrecy Help Protect Personal Information?

Ping: Nikk Gilbert
Nikk Gilbert




All Rights Reserved, Copyright 2003 - 2009, TechTarget