Information Security Policies Procedures and Guidelines

  • June 18, 2007 18 Jun'07

    SonicWall-Aventail merger could lead to lost jobs

    A few days after SonicWall announced it would acquire SSL VPN vendor Aventail for $25 million, I caught up with Patrick Sweeney, vice president of Aventail's secure networking business unit, and ...

  • June 15, 2007 15 Jun'07

    Use cafe Wi-Fi, face a felony charge

    Having done my share of Web browsing in various Starbucks Coffee shops, I found this item in Jeff Hayes' Security Blog as sobering as a double shot of espresso. It's about a guy who was slapped ...

  • June 12, 2007 12 Jun'07

    Google: Meet the new privacy policy, same as the old privacy policy

    One of the few speed bumps in the road to Google's domination of the world has been concerns around its privacy policies. The company has been dinged by critics for a litany of perceived offenses, ...

  • June 12, 2007 12 Jun'07

    Big security names land at European firm

    Some of you might be wondering whatever happened to the following big-name security practitioners: -- Paul Kurtz, former executive director of the Cyber Security Industry Alliance -- Karen ...

  • June 11, 2007 11 Jun'07

    The dangers of Web application security research

    Chris Hoff at Rational Security has an interesting post up today on the problems that researchers face when looking for vulnerabilities in Web-based applications. The basic problem boils down to ...

  • June 08, 2007 08 Jun'07

    Podcast: Security Squad - Datbase security, encryption

    Information Security magazine editors Neil Roiter and Michael Mimoso discuss Google’s foray into the security market and whether companies should turn to database encryption to meet the PCI Data ...

  • June 08, 2007 08 Jun'07

    Fake Microsoft security bulletin circulating

    The folks at the SANS Internet Storm Center are warning of a fake Microsoft security bulletin that's making the rounds. Here's what it looks like: Microsoft Security Bulletin MS06-4 Cumulative ...

  • June 07, 2007 07 Jun'07

    Gartner’s Security 3.0 theme falls flat

    I'm just back from the Gartner IT Security Summit in Washington D.C., looking around the blogosphere to see if other attendees left with the same impression as I did. The prevailing view in Blog ...

  • June 06, 2007 06 Jun'07

    Richard Clarke’s role-playing game

    Former White House cybersecurity czar Richard Clarke has kept busy as a writer and security consultant since his well-documented falling out with the Bush Administration a few years back. Among his ...

  • June 05, 2007 05 Jun'07

    Experts: Security software not as safe as you think

    One of the reasons enterprises rely on layers of security products is because of the flaws that often appear in their main IT infrastructure. But according to a panel of experts at the Gartner IT ...

  • June 04, 2007 04 Jun'07

    When cyberthieves go postal

    Like the rest of the world, the U.S. Postal Service has come to rely more than ever on the Internet to conduct business. As a result, the organization must worry about online outlaws who use its ...

  • June 04, 2007 04 Jun'07

    Gartner confab looks to Security 3.0

    Today is the first full day of Gartner's annual IT Security Summit in Washington D.C., and the first order of business is the morning slate of keynotes. First up was Gartner analyst John Pescatore. ...

  • June 01, 2007 01 Jun'07

    ChoicePoint to pay $500,000 to settle with 43 states and D.C.

    ChoicePoint, the international poster child for data breaches, has agreed to a settlement with 43 states and the District of Columbia as a result of the incident in 2004 in which 145,000 consumer ...

  • June 01, 2007 01 Jun'07

    Can Germany really ban hacking tools?

    This week's Security Blog Log roundup starts with Germany's stunning move to ban hacking tools. I use the word stunning because I don't see how any government could possibly enforce such a thing. ...

  • May 31, 2007 31 May'07

    Security industry consolidation - be prepared

    The security industry is in a state of consolidation. Some experts point out that it's normal for larger vendors to fill in feature gaps with smaller niche players, but what happens when one of ...