Given the recent spate of breach announcements from companies like Monster.com and TradeFreedom Securities Inc., I’ve been thinking about how poor security is going to impact organizations and consumers over the next few years. Even though there have been an...
Does fulfilling your regulatory compliance requirements actually lead you to be more secure? Will your organization automatically attain compliance by pursuing a strict regimen of security practices? In short, is the quest to be compliant complementary,...
One of the hardest concepts to emphasize concerning Information Security is that people and processes are more critical to your overall security posture than products are. That is not to say that products are unimportant. Certainly, any deficiency in one of the...
It is very easy to become complacent with Information Security on a home computer or network, even for those who would otherwise preach IT Security in a corporate setting. There are several reasons why this attitude can develop, even in people whose line of work...
Five years ago, I wrote an article on the challenges of implementing Information Security in an enterprise. Sad to say, even in the post-911 era, not a whole lot has changed there. Sometime in the next couple weeks, I’ll write an updated...
There’s a very interesting article up on SANS Internet Storm Center concerning the security implications of the proposed Net Neutrality legislation that is being discussed ardently in some circles… Briefly, network neutrality is designed to prevent ISPs...
