Information Security Magazine

2008 Columns

November 2008

Maintaining a strong security program during a recession, layoffs
by Kelley Damore
Learn to maintain security during tough economic times and budget cuts, when big corporations such as Merrill Lynch, Wachovia, Chase and B of A are doing layoffs.

Collaboration with auditors will benefit information security programs
by David Mortman
Security professionals should appreciate their relationships with internal auditors, who, by pointing out security areas that need improvement, head off failures with external auditors.

Poor development practices lead to continued security problems
by Jay G. Heiser
Critical systems continue to fail because security specialists haven't established themselves as valuable professionals.

Interview: Former L0pht hacker and current Grand Idea Studio owner Joe Grand
by Dennis Fisher
Known as a hardware security wizard, Grand is now a sought-after trainer and one of the hosts of a new show on Discovery Channel called Prototype This! about building unusual projects on a tight budget and schedule.
October 2008

Information security professionals have their say
by Michael S. Mimoso
Information Security magazine's Security 7 Award winners write personal essays on topics ranging from perimeter security, information sharing, physical and logical security convergence and progress made in the industry.

Combat social engineering the 'Carnegie' way
by Ron Woerner
Dale Carnegie's "How to Win Friends and Influence People" can be a valuable tool for CISOs who are up against social engineering issues.

Bruce Schneier, Marcus Ranum debate risk management
by Bruce Schneier and Marcus Ranum
Experts Bruce Schneier and Marcus Ranum debate whether risk management is an appropriate strategic direction for information security professionals to follow.

Interview: Chris Nickerson of TruTV's 'Tiger Team'
by Dennis Fisher
Chris Nickerson of Lares Consulting explains best practices for penetration tests and the risks of outsourcing.
September 2008

GRC: Over-Hyped or Legit?
by Kelley Damore
Governance, risk and compliance (GRC) is being used as a catch-all phrase for most information security strategies and tagged onto various products, adding even more confusion in the market as to what it truly means or promises to corporations.

Viewpoint: Vulnerability researchers doing more than 'search'

Security Certifications' Ethics Programs Merely Window-Dressing
by David Mortman
Professional information security organizations' efforts to improve their ethics programs only dress up an ugly situation.

Shared Identity Providers Could Soothe Password Chaos
by Jay G. Heiser
A security model that requires people to remember multiple passwords and logins has to change.

Interview: Bill Jiminez, Systems Architect at the University of the Pacific
by Dennis Fisher
Rolling out access controls such as NAC and password-management systems provided some key lessons for dealing with reluctant users.
July 2008

Time to Implement DNSSEC
by Michael S. Mimoso
Editor's Desk: DNS turns 25 this year. It's high time DNSSEC is added to the protocol.

Loud Cries for National Data Protection Law
by Lee Kelly
Perspectives: A national data protection law would help curtail identity theft and could boost international relations.

Face-Off: Chinese Cyberattacks: Myth or Menace?
by Bruce Schneier and Marcus Ranum
Bruce Schneier and Marcus Ranum debate the threat of Chinese hackers and whether they are state-sponsored.

Interview: CISO Adrian Seccombe on Eli Lilly from FIPCO to FIPNET
In this interview, CISO Adrian Seccombe discusses how Eli Lilly went from a FIPCO (fully integrated pharmaceutical company) to a FIPNET (fully integrated pharmaceutical network), the importance of collaboration and the work of the Jericho Forum.
June 2008

CISOs Must Innovate to Enable Business
by Kelley Damore
Editor's Desk: Be an Enabler

Architect Security and Compliance Programs to Be Complementary
by David Mortman
Perspectives: Shake On It

Address Authentication and Transaction Validation Protocols to Stem Identity Theft
by Jay G. Heiser
Layer8: Tarnishing Good Names

Interview: Financial Services CISO David Pollino
by Marcia Savage
CISO Uses Predictive Analytics to Bolster Risk Management Program
May 2008

Research on Coding Backdoors Presents Ugly Picture
by Michael S. Mimoso
Editor's Desk: Backdoor Bedlam

Security, Privacy Offices Must Combine Resources
by Ben Halpert
Perspectives: Nowhere to Hide

Face-Off: Is vulnerability research ethical?
by Bruce Schneier and Marcus Ranum
Bruce Schneier and Marcus Ranum debate the ethics of vulnerability research.

Interview: Jim Kirkhope of NCR
by Dennis Fisher
PING: Jim Kirkhope
April 2008

Companies Collecting Too Much Customer Data Increase Exposure
by Michael S. Mimoso
If the risk of losing customer or partner information outweighs its value, why collect it in the first place?

Exploring Security Myths, Misconceptions that Lead to Breaches
by Kenneth M. Smith
Perspectives: Gotcha Moments

Disclosure Laws Fail as an Incentive to Secure Data
by Jay G. Heiser
Layer8: Data Leak Fatigue

Interview: Arizona CISO David VanderNaalt
by Michael S. Mimoso
The CISO for the state of Arizona helps craft an executive order that prioritizes information security in every state agency.
March 2008

Researcher Puts Quantitative Measurement on Information Security Threats
by Michael S. Mimoso
Editor's Desk: Score One for Threats

E-Discovery Compliance Requires Security Pros to Think As Lawyers Do
by Julie Tower-Pierce
Perspectives: Think Like a Lawyer

Face-Off: Is Security Market Consolidation a Plague or Progress
by Bruce Schneier and Marcus Ranum
Bruce Schneier and Marcus Ranum debate the impact of market consolidation on information security.

Interview with Macbook Hacker Dino Dai Zovi
by Dennis Fisher
PING: Dino Dai Zovi
February 2008

Key Security Initiatives Abound
by Kelley Damore
Editor's Desk: Everything Goes

Perspectives: SSL No Security Blanket
by David Mortman
Encryption cannot patch the holes created by insecure software.

Layer8: Applying numbers to risk management
by Jay G. Heiser
Quality Counts, Not Quantity

Interview with Troon Golf's Cary Westmark
by Dennis Fisher
PING: Cary Westmark
January 2008

Editor's Desk: Risk is the new black
by Michael S. Mimoso
A New Direction for Risk?

Ping: Fyodor
by Michael S. Mimoso
Fyodor




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy