Items Tagged with "Policy"


The What and Why of Compliance

January 19, 2012 Added by:Fergal Glynn

What is a compliance framework? It’s an architected system of policies, controls and objectives designed to keep your business out of trouble and operating securely. It should measure risk and effectiveness, and keep constituents aware and up to date, since risk changes...

Comments  (0)


The Urgent Need for Mobile Device Security Policies

November 20, 2011 Added by:Kevin Johnson

When gaps are uncovered in an environment, they must be augmented with new policies, as is the case with mobile devices. The need for businesses and government to establish strong policies for mobile environments and the protection of information used with mobile devices is immediate...

Comments  (0)


Department of Defense Cyberspace Policy Report

November 18, 2011 Added by:Headlines

"While the development and integration of cyber technologies have created many high leverage opportunities for DoD, our increasing reliance upon cyberspace also creates vulnerabilities for both DoD and the Nation..."

Comments  (0)


Should We Strike Iran? How About the Information War?

November 16, 2011 Added by:Joel Harding

A pre-emptive information strike would only cause the Iranians to involuntarily spasm and deploy suicide teams to attack US and other targets worldwide. Anything less would just be posturing for political purposes and could possibly result in more senseless deaths...

Comments  (0)


Seven Deadly Sins for a Compliance Program

November 11, 2011 Added by:Thomas Fox

Feldman’s seven deadly mistakes provide an excellent framework for any company to assess their overall compliance program from a high level. While perhaps not rising to the level of “sins”, the answers will allow the compliance practitioner to be ready to respond if the DoJ comes a calling...

Comments  (0)


#EntSec pt. II -- Accepting Exceptional Mediocrity

November 04, 2011 Added by:Ali-Reza Anghaie

Respect of a brand can carry through decades. It's my belief that if you influence through Enterprise Security, you will attract a better breed of customer and customer loyalty. This is a worthy selling point and worth marketing. And you still don't have to shave or put on shoes to do it...

Comments  (0)


Security Risk Management

October 07, 2011 Added by:Tony Campbell

The author explores the risk management lifecycle, describes methodologies for qualifying and quantifying risk and levels of risk, and provides examples of how these can best be described and/or presented at a senior management level...

Comments  (0)


How Social Media Impacts Your Compliance Program

October 02, 2011 Added by:Thomas Fox

In a September 26, 2011 article in Forbes magazine, titled “Social Power and the Coming Corporate Revolution”, author David Kirkpatrick argues that the social media revolution has so empowered employees and customers that they will soon be calling the shots, not management...

Comments  (0)


Data Breaches - Beyond the Impact of Fines

September 27, 2011 Added by:Emmett Jorgensen

With several high profile breaches this year, regulators have proposed data breach notification bills and heavy fines for organizations that fail to keep sensitive information safe. The real concern for organizations that have experienced a data breach, however, is customer confidence...

Comments  (8)


NLRB Report Reviews Social Media Enforcement Actions

September 13, 2011 Added by:David Navetta

The Associate General Counsel of the NLRB issued a report analyzing the Board’s recent social media enforcement actions. The report seeks to provide guidance to employers that want to ensure that their social media policies appropriately balance employee rights and company interests...

Comments  (0)


INSA Releases Cyber Intelligence Report

September 13, 2011 Added by:Headlines

"We are not quite ready to propose a definitive definition... At this point, we are talking about threats that can originate anonymously within this cyber domain with potentially enormous consequences: physical destruction to economic chaos..."

Comments  (0)


Casey Jones - or How to Stop a Compliance Train Wreck

August 12, 2011 Added by:Thomas Fox

The evaluation of C-Suite leadership can be problematic in the best of times. The C-Suite can be an active part of the problem. While not FCPA violations, the criminal prosecutions at the highest echelon at Enron, WorldCom and Adelphia certainly speak to ethical lapses at the top...

Comments  (1)


Juniper SRX Tips: Altering Default Deny Behavior

August 10, 2011 Added by:Stefan Fouant

With just a couple of lines of code we can streamline the configuration, in this case creating an explicitly defined deny policy which logs all traffic that would otherwise be silently discarded. Best of all, we can do so without having to resort to manual configurations of each one...

Comments  (0)


Juniper SRX Tips: Uniform Security Policy Modification

August 01, 2011 Added by:Stefan Fouant

With a couple of lines of code we can alter all of the existing policies on our device without having to resort to manual configuration of each and every one. This type of functionality is perfect when we want to have a singular set of configuration elements apply to all of our policies uniformly...

Comments  (0)


Authentication: Who Are You and Why Are You Here?

July 29, 2011 Added by:Mike Meikle

You may have robust network security, stringent password policies and a tightly locked down user environment, but if you don’t know what you own, both data and hardware, it is akin to having a bank vault door standing alone in a field...

Comments  (0)


Stroke Development Versus Not Drowning

July 28, 2011 Added by:Rafal Los

Sony, Fox/Murdoch, et al, are all being harried by vulnerabilities left open in the backwaters of their infrastructure, not by bruteforce through the main gates. What little surprises might one find by using this time for review and planning?

Comments  (0)

Page « < 2 - 3 - 4 - 5 - 6 > »