U.S. Information Security Law, Part Two: Protecting Private Sector Systems and Securing the Working Environment
This is the second part of a four-part series looking at U.S. information security laws and the way those laws affect security professionals. In the first part of this series, we looked at the legal framework for protection of information systems and the role of information security professionals in the creation of trade secret interests. In this installment, we will look at the legal framework for security of an enterprise's working environment from the perspective of information security professionals, with particular emphasis on the protection of communications.
03/22/2004

U.S. Information Security Law, Part One: Protecting Private Sector Systems, and Information Security Professionals and Trade Secrets
This is the first article in a four-part series exploring the law of information security in the United States. The series is designed to be a resource for information security professionals in two respects. First, a legal perspective on security is valuable in itself, as an aid to defining the assets and interests to be protected and as the source of the prerequisites for and types of recovery available when breaches of security occur. Second, information about the intersection of law and information security will help information security professionals and their counsel work together more effectively.
03/22/2004

Security Concerns in Licensing Agreements, Part Two: Negotiating Security Provisions
This article looks at a situation that is more typical for commercial users, one in which negotiations between vendors and service providers and their users concerning licensing and services agreements are commonplace and expected, and discusses why it is helpful, and usually essential, to have information security professionals participate in those negotiations.
03/22/2004

Security Concerns in Licensing Agreements, Part One: Clickwrap and Shrinkwrap Agreements
This is the first of two articles that will discuss some security-related aspects of software licenses and agreements for Web-based information services. Part One will focus on shrinkwrap and clickwrap agreements. Part Two will emphasize individually negotiated agreements, with particular regard to the opportunities for information security professionals to work with legal counsel in the negotiation and preparation of such agreements.
03/22/2004

National Cyber Defense: A Design for Securing our Future
This paper represents the base design for a national cyber defense system, which can be largely expanded to suit the many evolving requirements of law enforcement, government, research groups, and other groups of people in the context of the internet.
03/21/2004

Downstream Liability for Attack Relay and Amplification
While accessing the Internet at work, Jane finds a six-month-old vulnerability in Megacorp’s web server. Exploiting this vulnerability, Jane is able to gain privileged access to the system. From Megacorp’s system, Jane then discovers a month-old vulnerability on the hospital system located in Washington state. She is able to exploit this as well and gains privileged access to the hospital server. Once Jane is a privileged user on the hospital’s system, she is able to penetrate more deeply into the hospital’s network wherein she finds a database server containing sensitive patient records. While browsing the database, Jane G. stumbles on Mr. Big Star’s file and decides to download a copy.
03/03/2004

Standards for Security Categorization of Federal Information and Information Systems
The E-Government Act of 2002 (Public Law 107-347), passed by the one hundred and seventh Congress and signed into law by the President in December 2002, recognized the importance of information security to the economic and national security interests of the United States. Title III of the E-Government Act, entitled the Federal Information Security Management Act of 2002 (FISMA), tasked NIST with responsibilities for standards and guidelines.
02/23/2004

The 2001 Patriot Act and Its Implications for the IT Security Professional
One could write volumes of encyclopedic magnitude discussing the ethical and moral implications of the USAPA. One could also spend an equal amount of time delving into criticism and the Big Brother imp
02/21/2004

Running an IT Investigation in the Corporate Environment
This paper describes the issues that are involved in conducting an IT investigation of an incident in a corporate environment. It helps to provide insight into the issues that many companies deal with
02/21/2004

Financial Institutions Required To Do Their Part To Fight Crime
This paper will briefly explain how the U.S. Patriot Act legislation came into existence, but its main focus will be to outline the requirements of the recently proposed Section 326 “Customer Identifi
02/21/2004