Home > Information Security Magazine
EMAIL THIS
Information Security Magazine

  CURRENT ISSUE  
  FEATURES  
  COLUMNS  
  HOT PICK & PRODUCT REVIEWS  
  ARCHIVES  
  SUBSCRIBE/RENEW  
  
Information Security Magazine
This Month
Sign up for Information Security RSS feeds
NOVEMBER 2009
FEATURES

Integrated change management reduces security risks

Metasploit Project acquisition ups ante for penetration testing market

Enterprises must treat Insider risk as they do external threats

VIEW FEATURES FOR ALL MONTHS
COLUMNS

Schneier-Ranum Face-Off: Is antivirus dead?

Standards compliance does not equal sound information security risk management

Time is now for pandemic flu planning

VIEW COLUMNS FOR ALL MONTHS

HOW WE GRADE PRODUCTS
Read more from Information Security magazine in our back issues.

October 2009

September 2009

July 2009

June 2009

May 2009

April 2009

March 2009

VIEW ALL BACK ISSUES

2009 Columns

VIEW COLUMNS FROM PREVIOUS YEARS::  

 2009   |   2008   |   2007   |   2006   |   2005
November 2009

Schneier-Ranum Face-Off: Is antivirus dead?
by Bruce Schneier and Marcus Ranum
Security experts Bruce Schneier and Marcus Ranum debate the longterm viability of antivirus software.

Standards compliance does not equal sound information security risk management
by Paul Rohmeyer
The checklist approach to security is easy, but the result is poor security.

Time is now for pandemic flu planning
by Kelley Damore
Safeguarding your organization against a H1N1 outbreak should be a top priority.
October 2009

Editor's Desk: Security 7 Winners Chronicle Trends That Shape The Industry
by Michael S. Mimoso
Looking back at five years of award winners provides a timeline of security trends that you need to absorb.

How to avoid Internet liability lawsuits
by Jeanne Debus
Enterprises face numerous potential liabilities online. Avoiding lawsuits requires a sound cyber risk management plan.
September 2009

What does PCI compliance really mean?
by Kelley Damore
Passing an audit can lull an organization into a false sense of security.

Security best practices in hotels
by Rick Lawhorn
Accountability for Internet security should be placed on users, not service providers such as hotels.

Schneier-Ranum Face-Off: Is Perfect Access Control Possible?
by Bruce Schneier and Marcus Ranum
Security experts Bruce Schneier and Marcus Ranum debate whether perfect access control is possible.
July 2009

Editor's Desk: Google security needs HTTPS by default
by Michael S. Mimoso
Security's leading thinkers ask Google to turn on HTTPS by default for Gmail, Docs and Calendar.

Align your data protection efforts with GRC
by Randall Gamby
Data protection and compliance teams battle for resources but need each other to succeed.
June 2009

Three cloud computing risks to consider
by Patrick Cunningham
Cloud computing carries risks that enterprises need to weigh before they forge ahead.

New partnerships, creative thinking help security bust recession
by Kelley Damore
The economy is forcing organizations to be more resourceful and bury the hatchet. And that's a good thing.
May 2009

The Pipe Dream of No More Free Bugs
by Michael S. Mimoso
Security researchers have declared they want vendors to compensate them for their independent search for vulnerabilities.

Service-focused security offers best value to organization
by Leonard Wiens
A service-oriented approach is the best way to demonstrate security's value and win support for security initiatives.

Bruce Schneier and Marcus Ranum Face-Off: Should We Have an Expectation of Online Privacy?
by Bruce Schneier and Marcus Ranum
Security experts Bruce Schneier and Marcus Ranum debate whether users should have an expectation of online privacy.
April 2009

Sell the business on virtualization security
by Jack Phillips
Executive management sees virtualization as the cure-all, but CISOs need to ensure it is done securely. Learn how virtualization can help you position security as a business enabler.

SaaS security risks must be addressed
by Kelley Damore
Realize quickly that software as a service and cloud computing are the future computing infrastructures IT must secure.

Web browsers remain vulnerable to user mistakes
by Robert Westervelt
Hackers continue to bore holes in Web browsers, exploiting users with social engineering tricks to gain unauthorized access to systems and data.
March 2009

Cybersecurity's profile rising under Obama
by Michael S. Mimoso
The Obama Administration is conducting a review of the government's cybersecurity policies and process. We should be encouraged that security could move beyond the useless paper exercise it is today

Enforcing a vendor risk assessment to avoid outsourcing security risks
by David Mortman
As enterprises outsource more services and share data, they must be vigilant about the security of third parties.

Data classification best practices: Techniques, methods and projects
by Jay Heiser
Effective data classification in the enterprise requires a simple approach.
February 2009

Shoestring security budgets mean innovation and prioritization
by Kelley Damore
Security managers face a lean economic year in 2009, but that doesn't mean threats and compliance demands will abate.

Schneier, Ranum debate social networking risks
by Bruce Schneier and Marcus Ranum
Should companies be concerned about employees' social networking? Bruce Schenier and Marcus Ranum take opposite sides on this issue.

Proactive state privacy laws change security focus to prevention
by Julie Tower-Pierce
New data breach notification acts in Nevada and Massachusetts are changing the way that organizations handle data.

Vein-reader biometric authentication for health care, financials
by Neil Roiter
Health care facilities, along with financial institutions, are prime market targets for vein-reading technology, the latest in biometric applications.
January 2009

Security steering committee force CISOs to connect with the business
by Michael S. Mimoso
Security steering committees provide a forum for security managers and business leaders to discuss security and privacy issues and explore compliance implications of new projects and technology purchases.

Insider threat mitigation and detection: A model for committing fraud
by Ron Woerner
Risk managers should know in order to commit fraud, or any other improper action, an attacker needs access, knowledge/ability and intent.

State Data Breach Notification Laws: Have They Helped?
by Bruce Schneier and Marcus Ranum
There are more than 40 state notification laws, but how have they impacted the security of sensitive data? Our two experts debate the issue.

Interview: Protecting data and IT assets in a recession
by Marcia Savage
The Republic First Bank information security officer offers guidance on maintaining a security program in lean economic times.




TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts