| Javascript Feeds RSS Feed Security Dashboard | SearchSecurity.com |
|
Awareness Program
|
|
Case Studies
|
|
A Holistic Approach to Securing the Enterprise The continuance of malicious computer attacks has made security a front page topic in almost every board room and IT oversight committee. Most IT departments accept that routine updates to software operating environments are a necessary part of managing systems. It’s also not hard to convince the IT professional that the protection of data assets forms the foundation of recovering from a disruptive event. But very seldom do we think of security, systems and storage management as part of a seamless and holistic approach to securing the enterprise.
By Don Kleinschnitz, 08/20/2004
|
|
Building a Security Management Point Keeping networked environment secure can be a very difficult task nowadays. There are many means of attack. One must always be aware of the vulnerabilities discovered most recently, not to mention the eternal activity of viewing logs and looking for suspicious traces. All this takes time and becomes worse when we are dealing with networks. Watching a single machine requires careful effort, doing the same with an entire network may take many times the effort. What we need is to increase our watching range with as little time as possible. A well implemented security environment can make the most of the security manager's time by allowing him to do carry out his/her main tasks with less effort. This article will present a way to build a security management point by using free IDS solutions to watch the following:
By Flavio Marcelo Amaral, 07/30/2004
|
|
The Threat of Social Engineering and Your Defense Against It This paper describes Social Engineering and its cost to the organization. It discusses the various forms of Social Engineering, and how they take advantage of human behavior. It also discusses ways to fight and prevent social engineering attacks, and highlights the importance of policy and education in winning the battle.
By Chris Jones, 05/11/2004
|
|
Congratulations to the New Security Manager This paper outlines the new job responsibilities of a new security manager, including the potential pitfalls and risks.
By Nancy J. Carpenter, 05/11/2004
|
|
Systems Maintenance Programs - The Forgotten Foundation and Support of the CIA Triad Much has previously been written on the importance, relevance, and critical application of the CIA (Confidentiality, Integrity, Availability) Triad security model. However, operational emphasis on the CIA model has historically been placed primarily on ”hard” or widely addressed topics relating to prevention, auditing, and enforcement. This type of emphasis addresses issues such as policies and procedures, training and awareness programs, encryption, access controls, and hardware or software based security management tools.
By C. Farley Howard, 05/07/2004
|
|
The Computer Security Threat to Small and Medium Sized Businesses -A Manager's Primer This paper seeks to provide non-technical, easily understood, information for the business executive seeking to capitalize on the benefits provided by Internet access while at the same time protecting his internal network from viruses and hackers.
By Michael A. Regan, 04/30/2004
|
|
The social approaches to enforcing information security Business security is becoming more strategically important everyday for sustainability, economic growth and future health. Although security in business is a very broad topic, for this report, the focus is on enforcing information security using social approaches in the business environment.
By Roger Gilhooly, 04/30/2004
|
|
Applying Security to an Enterprise using the Zachman Framework An enterprise information architecture provides a framework for reducing information system complexity and enabling enterprise information sharing. Much like a homeowner designing a home, information technology managers work with an architect to provide an agreed upon architectural drawing for the information and processes in the enterprise. This high level architectural drawing does not change with tactical decisions to deploy improved technology since it is simply built around a framework of business processes and the information that they need.
By Lori L. DeLooze, 04/30/2004
|
|
Implementing a Project Security Review Process within the Project Management Methodology This paper focuses on how to get greater penetration of security policies within the enterprise by adding a security review process within the existing project management methodology.
By Darlene Hart Rodgers, 04/30/2004
|
|
The Cyber Security Management System: A Conceptual Mapping In an environment of global connection and cyber terrorism, the protection of information assets is vital to every private business, public organization and individual household. This paper looks at the cyber security management process as a complex system of interrelated elements and demonstrates the use of concept mapping techniques to expand our knowledge of the system as a whole, and of policy and technology in particular.
By John H. Dexter, 04/30/2004
|
|
Page: 1 2 34567 |
