Security Management Strategies for the CIO
Email Alerts
-
Diagram outside firm role early in security incident response process
Expert Nick Lewis provides criteria for selecting outside incident response firms and how to define security incident response process needs early on. Tip
-
NSTIC identity plan: Can identity brokers stop Internet identity theft?
The new NSTIC identity proposal would have identity brokers handling enterprise merchant customer authentication. But can it work? Tip
-
Hacktivism examples: What companies can learn from the HBGary attack
A few simple security best practices may have spared security company HBGary Federal from the recent attack by the hacktivist group Anonymous. Nick Lewis explains what happened and how to prevent such an attack against your company. Tip
-
Data breach procedures to stop Gawker-type Web password security leaks
Following its recent security breach, Gawker.com has promised to boost its security, but, in this tip, threats expert Nick Lewis looks at what the site could've done to pre-empt the breach in the first place. Tip
-
Create a data breach response plan in 10 easy steps
Having a solid data breach response plan in place can make the threat of a security breach less intimidating. In this tip, learn 10 steps to take that will lead to an effective data breach response plan. Tip
-
How to prevent iPhone spying: Mobile phone management tips
So you have an iPhone, you don't access the Internet, you use a PIN to authenticate and you never let the device out of your site. Michael Cobb explains why iPhone spying still isn't out of the question. Tip
-
An inside look at security log management forensics investigations
David Strom provides some examples of log data that provided key clues to enterprise data breaches. Tip
-
Data security best practices for PCI DSS compliance
The glut of recent data breaches, such as the one at Heartland Payment Systems Inc., leaves some security pros wondering if PCI DSS is doing its job. Is it worth all the effort to become PCI compliant if breaches still seem inevitable? In this expert... Tip
-
The 'appropriate' way to comply with Data Protection Act 1998
The U.K. Data Protection Act is 10 years old, but the evidence shows that many organisations are still not up to standard when it comes to the seventh data security principle: using "appropriate and adequate security measures" to protect personal dat... Tip
-
Web 2.0 and e-discovery: Risks and countermeasures
Enterprise employees often love Web 2.0 services like wikis and social networking services, but the data employees may create with or provide to those services can put an enterprise at risk, especially when litigation calls for electronic discovery o... Tip