Site Sponsor:
Ask the Expert
Have a question for our resident expert? Email your questions to Dan or post a comment to the blog.
Search this site
Entries from Realtime Community | Messaging and Web Security tagged with 'risk management'
Business Needs to Get Out Ahead of Security Regulation
An interesting quote in a USA Today story on security company acquisitions speaks to the increasing level of concern about current levels of information security....
Posted by Dan Sullivan on May 18, 2009 9:39 AM
Another Item for Obama's To Do List: Cybersecurity
It seems to be in vogue for news agencies to push "Memos to the President Elect." I could do without the pretensions but I was glad to see at least CNN took on the issue of cybersecurity....
Posted by Dan Sullivan on November 22, 2008 2:42 PM
Will We Eventually Need a Budget Line Item for Cybercrime?
According to the Information Security Forum, cybercrime is (not surprisingly) growing and business are more vulnerable to the cost implications of this kind of crime....
Posted by Dan Sullivan on October 17, 2008 5:15 PM
Time for New Security Metrics
How do you estimate a security measure to decide whether or not to invest in it? In traditional risk management, it's a matter of calculating annualized loss expectancy (ALE). If that is a term that wasn't cooked up by non-security...
Posted by Dan Sullivan on September 4, 2008 8:03 AM
Getting Started with Governance, Compliance and Risk Management
Governance, compliance and risk management (GCR) is a broad, demanding and sometimes intimidating topic but there are strategies for getting GCR under control. This podcast describes a seven step process for getting a GCR program started with an emphasis on...
Tags:
application security
compliance
data leaks
data loss prevention
database security
DLP
Governance
network security
PCI Data Standards
privacy
risk management
security management
Posted by Dan Sullivan on August 6, 2008 9:34 AM
Real Compliance Requires Technical Expertise
Network World published an interview with an Ex-Bear Stearns CISO on compliance which raises some pressing questions but I think falls short on the right answer....
Posted by Dan Sullivan on July 14, 2008 1:45 PM
Evaluating Your Security Management Program: What to Look For
The latest article in the Essentials Series: Messaging and Web Security - Volume III looks into how to keep your security management plan in synch with other business objectives. Here's an excerpt:...
Posted by Dan Sullivan on June 30, 2008 5:54 AM
Latest Messaging and Web Security Article Series Available
The Essentials Series: Messaging and Web Security - Volume III continues the series' focus on managing IT infrastructure and applications in an increasingly complex security environment. The articles are especially geared towards application developers, database administrators, Web architects, andsystems managers,...
Posted by Dan Sullivan on May 14, 2008 7:44 AM
Where to Spend Your Security Budget Part 2: Evaluating Security Options
We've just posted another article on security budgeting and getting the most value for your money when it comes to choosing a combination of security measures. Here is an excerpt: We all want to maximize the benefits of our security...
Tags:
Ajax security
database security
IT budgeting
malware
product selection
risk management
security budget
Posted by Dan Sullivan on May 9, 2008 5:16 PM
Security Spending in All the Wrong Places
Peter Tippett, VP of risk management at Verizon, chief scientist ICSA Labs and a developer of anti-virus programs, thinks we're not paying attention to the data on what is and isn't effect allocation of security resources. Dark Reading has a...
Posted by Dan Sullivan on February 7, 2008 8:48 AM
Société Générale, Predictability and Overlapping Countermeasures
The $7 billion fraud at the Société Générale has to have a lot of bankers and trading managers wondering if something like that could happen to them. A couple of writers have pointed out that predictability is a key weakness...
Posted by Dan Sullivan on January 30, 2008 8:49 AM
IBM Security Pushing a Good Idea with a Terrible Name
Security is broken, or at least that's the word from Stuart McIrvine, director of IBM’s Corporate Security Strategy, and IBM is going to help fix it. Judging from the limited information we have so far, IBM is on the right...
Tags:
application security
database security
IBM
network security
perimeter defenses
risk management
security management
vulnerability assessment
Posted by Dan Sullivan on November 1, 2007 12:42 PM
SMBs Need to Pay More Attention to Security
A new report out of Webroot Software discussed in eWeek argues that SMBs are "sitting ducks" for cybercrime: In most industrialized countries, SMBs make up 97 to 99 percent of all companies. Yet most of those small to midsize businesses...
Tags:
insider abuse
risk management
security management
small midsized business
SMB
spyware
virus
vulnerabilities
Posted by Dan Sullivan on October 23, 2007 8:20 AM
Establishing an Organizational Security Framework
Those who work in security and systems administration could spend every hour of every day down in the trenches dealing with the latest threat, reconfiguring devices, patching applications, and telling others to stop downloading non-work related material from P2P networks....
Posted by Dan Sullivan on September 11, 2007 6:30 PM
Ubuntu Server Attack Has Clear Lesson, and Not So Clear One As Well
On Monday night several Ubuntu servers, sponsored by Cononical and maintained by the community, were found to be compromised. The sys admins took the machines off line and began a cleanup operation. The problem stemmed from a combination of too...
Posted by Dan Sullivan on August 16, 2007 7:56 AM
Getting Started with Security Information Management
Effective security management requires more than deploying firewalls and anti-virus software. Getting started with security information management is challenging but this podcast provides an overview of how to proceed. Starting with planning and moving through policy development to addressing key...
Tags:
business alignment
compliance
identity management
incident response
policy
risk management
security domains
security informaiton management
SIM
threats
vulnerabilities
Posted by Dan Sullivan on May 1, 2007 4:55 PM
Microsoft Profits Up, Security Market Up, Too
Money is being made all right, and not just at Microsoft. The security market news includes record profits and mergers, both positive signs, at least from a business perspective. Some, like Bruce Scheiener, are wondering why we should need security...
Tags:
Altiris
data loss prevention
malware
McAfee
Microsoft
reveneues
risk management
risk mitigation
security
security market
Symantec
Vista
Posted by Dan Sullivan on April 27, 2007 8:10 AM
Earthquake Disrupts Internet in Asia: Risk Management Goes Only So Far
An earthquake earlier today on the southern coast of Taiwan disrupted Internet services in Hong Kong, Japan, Taiwan and parts of India. As Marketplace report Amy Scott says, this ripple effects on business extended beyond the immediately affected area, "In...
Tags:
risk management
Posted by Dan Sullivan on December 27, 2006 6:30 PM
Supporting Compliance with Risk Management
Understanding and addressing risk is fundamental to compliance. Risk management requires identifying risks, assessing the potential impact of those risks, and reducing those risks. This podcasts provides an overview of the risk analysis process with an emphasis on managing IT...
Tags:
compliance
risk management
Posted by Dan Sullivan on November 10, 2006 11:21 PM
Preventing Data Loss is Key Element of Compliance
Compliance with Sarbox, GLBA, HIPAA and a number of other regulations has become a key driver behind information security decision making. This does not necessarily change how security professional do their job, but it will provide for higher profile recognition...
Posted by Dan Sullivan on November 8, 2006 7:55 PM
Feed Subscription
If you use an RSS reader, you can subscribe to a feed of all future entries tagged 'risk management'. [What is this?]
Other Tags
Other tags used on this blog:
- 0 day (1)
- 2-factor authentication (1)
- 2008 Summer Olympics (1)
- access control (3)
- access controls (12)
- account sharing (1)
- Acer Aspire (1)
- ACLU (1)
- Active Management Technology (1)
- ActiveX (1)
- ActiveX vulnerability (1)
- ad blocking (1)
- Ad Words (1)
- adaptive design (1)
- AdBlock Plus (1)
- Adi Shamir (1)
- Adobe (2)
- Adobe Acrobat (1)
- Adobe Flash (1)
- Adobe Reader (1)
- adult content (1)
- adult sites (1)
- advertising (3)
- adware (6)
- AI (1)
- Air Force (2)
- air traffic control (1)
- AJAX (2)
- Ajax (6)
- Ajax security (3)
- Alienware (1)
- Altiris (3)
- Amazon (2)
- Amazon compute services (1)
- Amazon EC2 (1)
- Amazon S3 (4)
- Amazon Web Services (1)
- AMTSO (1)
- Amzaon EC2 (1)
- Amzon S3 (1)
- and Sun (1)
- Android (11)
- anit-malware (1)
- anit-virus (1)
- anonymizer (1)
- anonymizing data (1)
- anonymous browsing (1)
- anonymousizer (1)
- anti-forensic (1)
- anti-forensics (1)
- anti-Islamist (1)
- anti-malware (12)
- Anti-Malware Testing Standards Organization (1)
- anti-pharming (1)
- anti-phishing (14)
- anti-spam (8)
- anti-spyare (1)
- anti-spyware (5)
- anti-virus (53)
- anti-virus filtering (1)
- AOL (2)
- Apache (2)
- Apple (19)
- Apple Safari (1)
- appliance (1)
- applicaiton security (1)
- application backdoor (1)
- application development (4)
- application firewall (1)
- application firewalls (3)
- application security (35)
- Application security (1)
- application server security (1)
- application stack (1)
- application testing (4)
- application vulnerability (1)
- application vulnerability assessment (1)
- Arbor Networks (1)
- Aritficial intelligence (1)
- arrest (3)
- Ask (1)
- Ask.com (1)
- AskEraser (2)
- asset management (2)
- Asus (1)
- Asus eee (1)
- Asus Eee (6)
- Asus EEE (2)
- Asus Eee PC (3)
- AT&T (5)
- attack code (1)
- attackers (1)
- attacks (1)
- auction (2)
- audit (6)
- auditing (12)
- audits (1)
- authenticated email (1)
- authentication (11)
- authorization (5)
- AV (1)
- backup (7)
- backup and recovery (2)
- backups (1)
- badware (1)
- bandwidth (1)
- bank bailout (1)
- bank fraud (4)
- Bank fraud (1)
- Bank of America (1)
- Bank of New York Mellon (1)
- banking (2)
- Barack Obama (6)
- Barak Obama Blackberry smartphone mobile device security policy (1)
- Barracuda (1)
- bayesian filter (1)
- Bayesian filtering (1)
- BBC (1)
- BEA (1)
- BEA Weblogic (1)
- BearShare (1)
- behavior tracking (1)
- behavioral analysis (2)
- Beijing Olympics (1)
- best practices (8)
- BGP (2)
- Bhutto assassination (1)
- Biden (1)
- Bitlocker (1)
- BitLocker (3)
- Black Hat (3)
- Black Hats (1)
- black holes (1)
- Blackberry (3)
- blackberry (1)
- blacklist (2)
- Blacksberry (1)
- Blacksburg (1)
- blended threats (2)
- blocking (1)
- blog (2)
- blogs (1)
- Blue Coat (1)
- Bluethooth (1)
- Bluetooth (1)
- bonet (1)
- Boot and Nuke (1)
- boot n nuke (1)
- Border Gateway Protocol (2)
- border patrol (1)
- Boston Mass Transit Authority (1)
- bot (10)
- botnet (29)
- Botnet (1)
- botnets (22)
- bots (1)
- branding (1)
- brandjacking (1)
- Broadcom (1)
- brokerage accounts (1)
- brokerage firms (1)
- broswer (1)
- broswer security (2)
- browser (8)
- browser cache (1)
- browser extensions (2)
- browser interface (1)
- browser secuity (1)
- browser security (18)
- browser securtiy (1)
- browser sniffing (1)
- browser vulnerability (1)
- Bush (1)
- Bush administration (1)
- business alignment (1)
- business case for security (1)
- business computing (1)
- business continuity (1)
- business intelligence (1)
- cache poisoning (1)
- calendar (1)
- camera phone (1)
- campaign (1)
- campaigns (1)
- CAN Spam (1)
- Canada (1)
- captcha (1)
- CAPTCHA (1)
- career development (1)
- categorizing (1)
- cDc (1)
- cell phone (1)
- cell phones (1)
- cellphone (1)
- censorship (5)
- CERT (2)
- certification (1)
- CertifiedEmail (1)
- CES (1)
- change management (3)
- chaos (1)
- chat room (1)
- CheckPoint (2)
- child pornography (1)
- China (4)
- Chinese military (1)
- Chrome (2)
- CIO (1)
- Cisco (4)
- civil liberties (1)
- Clearwire (1)
- clickfraud (1)
- client security (3)
- Clinton (1)
- cloud computing (22)
- cloud security (4)
- CloudSQL (1)
- clustering (1)
- CMDB (1)
- cms (1)
- COBIT (6)
- code review (3)
- codecs (1)
- Colbert Report (1)
- collaboration (3)
- college (2)
- Comcast (2)
- Comcast net neutrality FCC (1)
- command and control (2)
- Common Cause (1)
- communication (1)
- complex event processing (1)
- complexity (3)
- compliance (33)
- compliance regulation (2)
- composting (1)
- compromised Web sites (2)
- computer crime (1)
- computer crime investigations (1)
- computer security (3)
- Computer Security Institute (1)
- computer survelliance (1)
- ComputerWorld (1)
- computing (1)
- computing services (1)
- Conficker (2)
- confidentiality (2)
- configuration (1)
- configuration management (2)
- consolidated security (1)
- constraint programming (1)
- constraint satisfaction (1)
- Consumer Electronics Show (1)
- content filter (5)
- content filtering (17)
- content filters (1)
- content management (2)
- content management system (3)
- control systems (1)
- copyright (4)
- copyright violation (2)
- copyrighted movies (1)
- copyrighted music (1)
- Core Security Technologies (1)
- Coreflood (1)
- counter-terrorism (1)
- counterfeit (1)
- counterintelligence (1)
- countermeasuer (1)
- countermeasures (2)
- Country Wide (1)
- Cox Communications (1)
- cracking (1)
- crawling (1)
- credit card (4)
- credit card fraud (7)
- credit card security (1)
- credit card theft (4)
- credit fraud (1)
- credit monitoring (3)
- credit reporting (1)
- crime (1)
- crimeware (3)
- critical infrastructure (2)
- critical patch (3)
- critical patch update (3)
- critical patch updates (1)
- cross site request forgery (1)
- cross site scripting (2)
- cross site scripting attacks (1)
- cross-doemain trust (1)
- cross-site scripting (2)
- cryptanalysis (1)
- cryptography (4)
- CSI (1)
- CSO (1)
- CSRF (3)
- CTIA (1)
- Cult of Dead Cow (1)
- customs (1)
- cyber attack (1)
- cyber attacks (1)
- cyber crime (1)
- cyber insurance (1)
- Cyber Monday (2)
- cyber-attack (2)
- cyber-security (1)
- cyberattack (4)
- cyberchat (1)
- cybercime (1)
- cybercrime (52)
- Cybercrime (2)
- cybereconomy (1)
- cybersecurity (14)
- cybersquatters (1)
- cybersquatting (1)
- cyberwar (2)
- cyberwarefare (1)
- cyberwarfare (6)
- cyptography (1)
- czar (1)
- Daily Show with John Stewart (1)
- Dan Kaminsky (1)
- DARPA (1)
- Darwin Awards (2)
- data breach (46)
- data breaches (2)
- data classification (3)
- data discovery (1)
- data inference (1)
- data integration (1)
- data leak (15)
- data leaks (11)
- data loss (19)
- data loss disclosure laws (1)
- data loss pervention (1)
- Data loss prevention (1)
- data loss prevention (88)
- data loss prevention disk wiping (1)
- data loss protection (5)
- data mart (1)
- data mining (2)
- data modeling (1)
- data privacy (1)
- data protection (1)
- data security (1)
- data standards (1)
- data warehouse (1)
- data warehousing (1)
- database (2)
- database administration (1)
- database auditing (2)
- database breach (1)
- database design (1)
- database encryption (2)
- database monitoring (4)
- database security (61)
- database vulnerabilitiy (1)
- database vulnerability (2)
- databasse security (1)
- David Blaine (1)
- DB2 (2)
- DBA (3)
- dban (1)
- DDOS (4)
- DDoS (2)
- ddos (4)
- dealing with evolving malware (1)
- debate (1)
- debit card theft (1)
- decryption (1)
- default passwords (1)
- DefCon (1)
- defense in depth (7)
- Dell (3)
- Democratic Party (1)
- Democratic primary (1)
- Democratic Primary (1)
- demographics (1)
- denial of service (8)
- denial of service attack (5)
- denial of service attacks (1)
- Department of Defense (4)
- Department of Homeland Security (1)
- Department of Justice (1)
- deregulation (1)
- dermatitis (1)
- design flaw (1)
- design flaws (1)
- desktop (3)
- desktop application security (1)
- desktop applications (4)
- desktop replacements (1)
- desktop search (2)
- developerWorks (1)
- development (1)
- development environment (1)
- development methodology (1)
- development tools (1)
- device security (1)
- DHS (4)
- Diebold (1)
- Diffie-Hellman (1)
- Digg (2)
- digital certificates (2)
- digital forensic (1)
- digital forensics (2)
- digital rights management (3)
- digital signatures (5)
- disgruntled employee (3)
- disk drive (1)
- disk encryption (1)
- disk recovery (1)
- disk scanning (1)
- distributed computing (1)
- distributed denial of service (1)
- DKIM (2)
- DLP (8)
- DNS (9)
- dns poisoning (1)
- DNS poisoning (2)
- DNS vulnerability (1)
- Do Not Track (1)
- DOC spam (1)
- document spam (1)
- DOD (1)
- DoJ (1)
- domain (1)
- domain hijacking (1)
- domain integrity (1)
- Domain Keys (1)
- Domain Keys Identified Mail (1)
- domain kiting (1)
- domain name system (1)
- domain registration (1)
- domain squatting (1)
- DomainKeys (2)
- DOS (2)
- DoS (2)
- DoubleClick (1)
- Doubleclick (1)
- drive by download (2)
- drive by downloads (5)
- drive-by downloads (3)
- drive-by malware (1)
- DRM (4)
- drunk texting (1)
- Dutch Shell (1)
- DVD (1)
- dynamic analyis (1)
- e-commerce (1)
- e-discovery (2)
- e-mail (1)
- e-voting (12)
- e-waste (1)
- Earth Day (1)
- Earthlink (1)
- eavesdropping (2)
- Ebay (1)
- eBay (4)
- eclipse (1)
- economic downturn (2)
- economics (1)
- economics of cybercrime (1)
- ediscovery (1)
- EEC (1)
- EEF (1)
- election (1)
- elections (2)
- electronic ballots (1)
- electronic voting (2)
- email (16)
- email abuse (1)
- email archiving (1)
- Email client (1)
- email discovery (1)
- email filter (1)
- email filters (1)
- email monitoring (1)
- email policy (1)
- email security (15)
- email spoofing (1)
- employee monitoring (2)
- encrypted e-mail (1)
- Encryption (1)
- encryption (47)
- encryption keys (1)
- end user education (1)
- end user secuity (1)
- end user security (1)
- end user training (2)
- endpoint encryption (1)
- endpoint security (1)
- energy consumption (1)
- enterprise infrastructure (1)
- EnterpriseDB (1)
- ESet (1)
- espionage (1)
- ETL (1)
- EU (4)
- European Commission (1)
- European Union (4)
- EV certificates (1)
- EV SSL (6)
- EV SSL certificates (1)
- Eve Online (1)
- event correlation (1)
- EverQuest (1)
- evolution (1)
- Exchange (1)
- executive management (2)
- eXo (1)
- expansion pack (1)
- Expedia (1)
- exploit (3)
- Express Scripts (1)
- Extended Validation SSL (1)
- extended validation SSL (1)
- Extended Validation SSL Certificates (2)
- extortion (1)
- F-Secure (1)
- FAA (1)
- Facebook (10)
- Fast Company (1)
- fast flux (1)
- fast-flux (1)
- FBI (1)
- FCC (6)
- FDIC (1)
- Federal Deposit Insurance Corporation (1)
- Federal Rules of Civil Procedures (1)
- federal security (1)
- Federal Trade Commission (1)
- feedback (1)
- FERC (1)
- file encryption (1)
- file sharing (6)
- Final Fantasy (1)
- financial services (2)
- fines (1)
- Finjan (1)
- FIrefox (1)
- Firefox (18)
- Firefox plugin (1)
- FirePhish (1)
- firewall (2)
- firewalls (5)
- fiscal stimulus (1)
- FISMA (1)
- Flash (3)
- flash drive (1)
- flash drives (1)
- foreign relations (1)
- forensic analysis (1)
- forensics (7)
- form grabber (1)
- Fortune 100 (1)
- Fortune 500 (1)
- fraud (33)
- free credit monitoring (1)
- free market (1)
- free WiFi (1)
- FreeBSD (1)
- FTC (1)
- ftp (1)
- full disk encryption (6)
- G Data (1)
- gaming (1)
- gaming assets (1)
- gaming inventory (1)
- GAO (2)
- GDI (1)
- GE (1)
- Geert Wilders (1)
- genetic engineering (1)
- Geogia (1)
- Georgia Tech (1)
- Germany (1)
- globalization (1)
- GMail (2)
- gmail (1)
- Gmail (10)
- Goggle phone (1)
- Goodmail Systems (1)
- Google (61)
- google (1)
- Google ads (1)
- Google Applications (2)
- Google Apps (10)
- Google apps (1)
- Google Apps Engine (1)
- Google Blogger (1)
- Google Books (1)
- Google Calendar (1)
- Google Chrome (2)
- Google Desktop (1)
- Google desktop (2)
- Google Docs (4)
- Google email (1)
- Google Gears (3)
- Google Goggles (2)
- Google Groups (2)
- Google mail (1)
- Google operating system (1)
- Google Pack (1)
- Google Phone (2)
- Google phone (10)
- Google Toolbar (1)
- Goolag (1)
- Governance (1)
- governance (4)
- Gphone (2)
- gPhone (1)
- Grand Prix (1)
- Great Britan (1)
- green bar (2)
- Greenborder (1)
- greenhouse gases (1)
- GroupWise (1)
- hack (3)
- hackers (1)
- hackikng (1)
- hacking (48)
- HAL (1)
- Hannaford (3)
- harassment (1)
- hard drives (1)
- hardware error (1)
- Harvard Business Review (1)
- hash functions (1)
- HD-DVD (2)
- health care records management (1)
- Heartland (1)
- Heather Mills (1)
- HerbalKing (1)
- hijacked (1)
- Hillary Clinton (4)
- HIPAA (1)
- Hitachi (1)
- hoax (1)
- holiday (1)
- Homeland Security (2)
- homeland security (1)
- honeypot (1)
- honeypots (1)
- honypots (1)
- host (1)
- host integrity (2)
- host intrusion prevention (2)
- host intrusion prevetions system (1)
- host security (1)
- hosted malware (1)
- hostile workplace (1)
- hotel security (1)
- housing and urban development (1)
- HP (2)
- HP Info Center (1)
- HPMini-Note PC (1)
- HTML (1)
- HTML Injection (1)
- HTML injection (1)
- HTTP (1)
- HUD (1)
- human factors (2)
- human resources (1)
- Hushmail (1)
- hypervisor (1)
- IBM (11)
- IBM DB2 (1)
- IBM Websphere Portal (1)
- ICANN (1)
- identity management (8)
- Identity theft (1)
- identity theft (45)
- IE (4)
- IE 7 (2)
- IE7 (1)
- IE8 (1)
- IEEE Computer (1)
- iFrame exploit (1)
- illegal downloading (2)
- illegal software (1)
- IM (4)
- image analysis (1)
- image spam (3)
- Imeem (1)
- incident management (2)
- incident response (4)
- Indiana Jones (1)
- industrial espionage (1)
- industry regulation (1)
- information classifictaion (1)
- information leaks (4)
- information security (8)
- information technology (2)
- information theft (1)
- infrastructure (1)
- infrastructure protection (1)
- ING (1)
- ING Direct (1)
- Injection attack (1)
- injection attack (4)
- injection attacks (2)
- insider abuse (10)
- insider attack (4)
- insider threat (3)
- insider trading (1)
- instant messaging (3)
- insurance (1)
- Intel (4)
- Intel Dual Core (1)
- intellectual property (9)
- intellectual property theft (1)
- intelligence (1)
- intelligence agency (1)
- intelligence gathering (1)
- Interent Explorer (1)
- interface design (1)
- Internet (4)
- Internet access (1)
- Internet Explorer (16)
- Internet Explorer 7 (1)
- Internet rumor (1)
- Internet security (1)
- intrusion detection (1)
- intrusion prevention (7)
- intrustion detection (1)
- intrustion prevention (1)
- IP address (1)
- IP reputation filter (1)
- IP spoofing (1)
- iPhone (15)
- iphone (3)
- iPhone 2.0 (1)
- iPod (2)
- IPOWER (1)
- IPS (4)
- IRC (1)
- Irish Potato Famine (1)
- IRS (3)
- ISO 27002 (1)
- ISO-17799 (1)
- ISP (14)
- Isreal (1)
- IT (2)
- IT budget (1)
- IT budgeting (1)
- IT infrastructure (1)
- IT management (2)
- IT security (1)
- IT services (1)
- IT spending (1)
- Italian Job 3 (1)
- Italy (1)
- ITIL (7)
- iTouch (4)
- iTunes (1)
- iTunes update (1)
- IXQuick (1)
- jail break (1)
- Japan (1)
- Java security (1)
- JavaFX (1)
- Javascript (7)
- JavaScript (1)
- JBoss (1)
- Jeremy Clarkson (1)
- John Mcain (1)
- John McCain (4)
- JScript (1)
- JSON (1)
- JSR 168 (1)
- Julius Baer Bank and Trust (1)
- Kaspersky (1)
- key management (2)
- keylogger (6)
- keyloggers (1)
- kiting (1)
- Kmart (1)
- Koobface (1)
- Kraken (1)
- kudzu (1)
- laptop (9)
- laptop security (5)
- laptop theft (5)
- Large Hadron Collider (1)
- least privilege (2)
- least privileges (1)
- legislation (3)
- Lending tree (1)
- Leopard (3)
- LHC (1)
- liability (2)
- Lieberman (2)
- Liferay (1)
- Limewire (2)
- LinkedIn (3)
- LinkedIn porn malware (1)
- Linux (14)
- Linux desktop (2)
- lock down (1)
- lock picking (1)
- locksmith (1)
- log analysis (2)
- log monitoring (1)
- lost laptop; stolen laptop; data loss protection; data leak; identity theft; Best Buy (1)
- Lotus Notes (1)
- Lotus Symphony (2)
- Mac (3)
- Mac OS (7)
- Mac OS X (11)
- mail delivery (1)
- malicious domains (1)
- malicious Web site (1)
- malicious Web sites (2)
- malware (138)
- Malware (3)
- malware detection (1)
- malware Trojans worms viruses defense in depth anti-virus anti-malware Mac OS X iPhone iTouch (1)
- man in the middle attack (3)
- man-in-the-middle attack (1)
- managed devices (1)
- managed security services (1)
- managing security budgets (1)
- market (1)
- mashup (1)
- mashups (1)
- Massachusetts (1)
- massacre (1)
- Mastercard (1)
- McAfee (15)
- McAfee Site Advisor (2)
- McAFee SiteAdvisor (1)
- McAfee SiteAdvisor (1)
- Mcain Palin (1)
- McCain (4)
- MD5 (1)
- Media Defender (1)
- MediaDefender (1)
- medical malpractice (1)
- merger (1)
- message digests (1)
- messaging (1)
- metadata (1)
- Metasploit (2)
- metrics (1)
- MI5 (2)
- MI6 (1)
- Micheal Jackson (1)
- Microsoft (61)
- Microsoft Access (1)
- Microsoft Data Engine 1.0 (1)
- Microsoft Exchange (1)
- Microsoft Host Integration Server (2)
- Microsoft Live (1)
- Microsoft Mobile (1)
- Microsoft Office (6)
- Microsoft Project (1)
- Microsoft security (2)
- Microsoft SQL Server 2000 Desktop Engine (1)
- Microsoft SQL Server 2005 Express Edition (1)
- Microsoft Sync Framework (1)
- Microsoft Threat Analysis and Modeling (1)
- Microsoft Threat Analysis and Modeling Tool (1)
- Microsoft Vista (1)
- Microsoft Windows (1)
- Microsoft Windows 2000 (1)
- Microsoft Word (1)
- Microsoft XP (1)
- midsized business (1)
- MiiVi.com (2)
- military network (1)
- mini notebook (1)
- mini-laptop (1)
- mismanagement (1)
- missle defense (1)
- MIT (1)
- MITM (1)
- Mitt Romney (1)
- MMS (1)
- mob (1)
- mobile (1)
- Mobile Armor (1)
- mobile banking (1)
- mobile computing (2)
- mobile device (1)
- mobile device security (6)
- mobile devices (6)
- mobile devices malware iPhone Blackberry Google Phone (1)
- mobile malware (1)
- mobile messaging services (1)
- mobile operating system (1)
- mobile phone (2)
- mobile phones (1)
- mobile security (4)
- mobile storage devices (1)
- money laundering (1)
- monitor (1)
- monitoring (9)
- Monster.com (1)
- Morris worm (1)
- mortgage lending (1)
- Motion Picture Association of America (2)
- Moziall Firefox (1)
- Mozilla (10)
- Mozilla Fireforx (1)
- Mozilla Firefox (2)
- MPAA (4)
- MPack (1)
- MS Exchange (1)
- MS Jet (1)
- MS SQL Server (1)
- MTV (1)
- multimedia messaging (1)
- multiplayer games (1)
- municipal WiFi (1)
- music download (1)
- music industry (1)
- music piracy (1)
- MySpace (4)
- MySQL (5)
- MySQL security (1)
- myth (1)
- NAC (1)
- NASA (1)
- national defense (1)
- national security (2)
- natural language processing (1)
- NeoSploit (1)
- Nessus (1)
- Net Neutrality (1)
- net neutrality (1)
- Netflix (1)
- network (1)
- network abuse (1)
- network access control (1)
- network access controls (1)
- network appliance (2)
- network engineering (1)
- network intrusion prevention (1)
- network monitoring (1)
- network protocols (1)
- network scanner (1)
- network security (64)
- network vulnerabilities (1)
- network vulnerability scanning (1)
- network worms (1)
- Nicholas Carr (1)
- nickle (1)
- Nigerian scam (1)
- NIST (1)
- NLP (1)
- Nmap (1)
- Novell (2)
- NPR (2)
- NSA (2)
- nuclear secrets (1)
- NV Labs (1)
- oauth (1)
- Obama (8)
- Obama administration (1)
- obfuscation (1)
- Office (1)
- office suite (1)
- Ohio (3)
- olap (1)
- OLAP (1)
- one time passwords (1)
- online (1)
- online activity tracking (1)
- online ads (1)
- online advertising (2)
- online applications (2)
- online banking (16)
- online desktop (1)
- online fraud (1)
- online gaming (6)
- online identity (1)
- online pornography (1)
- online security (1)
- online storage (1)
- online theft (2)
- open access (2)
- open source (3)
- Open Source Security Testing Methodologies Manual (1)
- OpenBSD (1)
- OpenDNS (5)
- OpenFlow (1)
- OpenID (5)
- OpenLaszlo (1)
- OpenOffice (3)
- OpenSocial (1)
- OpenSSH (1)
- OpenSSL (2)
- OpenSSL vulnerability (1)
- Opera (3)
- operatin g system (1)
- operating system (4)
- operating system development (1)
- operating system hardening (1)
- operating system market (1)
- operating system restore (1)
- operating system security (3)
- operating systems (1)
- Oracle (28)
- Oracle Data Vault (1)
- organizational management (1)
- OSSTMM (1)
- OTP (1)
- Outlokk (1)
- Outlook (1)
- outsourcing (1)
- OWASP (2)
- P2P (10)
- p2p (1)
- P2P networks (1)
- Pakistan (1)
- Palin (3)
- Palm (1)
- Palm Centrino (1)
- Palm OS (5)
- paper ballots (1)
- paper trail (2)
- parallel processing (1)
- Paralles (1)
- parental controls (1)
- passsword stealing (1)
- password (5)
- password crackers (1)
- password cracking (3)
- Password Hasher Firefox Extension (1)
- password management (1)
- password manager (1)
- password policy (1)
- Password Safe (1)
- password stealing (1)
- passwords (11)
- patch (13)
- patch management (19)
- Patch Tuesday (3)
- patching (23)
- patent (3)
- Payment Card Industry (1)
- Payment Card Industry Data Standards (1)
- PayPal (5)
- PC (1)
- PC security (4)
- PCI (5)
- PCI Data Security Standard (1)
- PCI Data Standards (1)
- PCI DSS (3)
- PDA (2)
- PDA security (1)
- PDF spam (2)
- peer-to-peer (1)
- Peer-to-Peer (1)
- penatration testing (1)
- penetration testing (3)
- Pennsylvannia primary (1)
- Pentagon (7)
- perimeter defenses (3)
- personal devices (1)
- personal financial services (1)
- personally identifiable information theft (1)
- Pew Internet & American Life (1)
- Pew Research (1)
- Pfizer (2)
- Phalanx (1)
- Phantom (1)
- pharming (4)
- phishing (80)
- Phishing (3)
- phisihing (1)
- PHP (3)
- PHP security (1)
- physical security (3)
- PII (1)
- piracy (4)
- PKI (1)
- planning and organizing (1)
- Playstation 3 (1)
- plug-ins (2)
- point of sale (1)
- Pointsec (1)
- policies (1)
- policies and procedures (1)
- policy (2)
- policy enforcement (3)
- Policy enforcement (1)
- policy frameworks (1)
- policy management (4)
- politics (1)
- polymorphic virus (1)
- pop-ups (2)
- porn (6)
- pornography (4)
- portal security (2)
- Portals (1)
- POS (1)
- Poste Italiane (1)
- Postini (2)
- potentially unwanted program (1)
- potentially unwanted programs (2)
- power grid (1)
- power saving (1)
- PowerPoint (1)
- Premier Election Solutions (1)
- Presidential campaign (1)
- presidential campaign (3)
- presidential candidates (3)
- presidential election (4)
- Presidential elections (1)
- primary election (1)
- privacy (40)
- Privacy (1)
- privacy directive (1)
- privacy directives (1)
- privacy legislation (1)
- privacy protection (1)
- PrivacyFinder.org (1)
- private investigation (1)
- privilege elevation (1)
- product evaluation (1)
- product selection (1)
- productivity (1)
- programming errors (1)
- project management (1)
- property rights (1)
- prosecution (1)
- public key cryptopgraphy (1)
- public policy (1)
- pump and dump (2)
- PUP (2)
- put options (1)
- Qualcomm (1)
- quality control (1)
- query interface (1)
- Radware (1)
- random js toolkit (1)
- randomness (1)
- ransomware (2)
- rash (1)
- RBN (1)
- Reader (1)
- recession (1)
- Reconnex (1)
- recording industry (2)
- recovery (3)
- regulation (4)
- regulation. Obama (1)
- regulations (1)
- Reh Hat (1)
- relational database (1)
- relational databases (1)
- remote access (4)
- remote access security (1)
- remote code execution (2)
- remote exploit (1)
- remote management (1)
- reporting (1)
- reputation (1)
- reputation management (1)
- requirements analysis (1)
- requirements management (1)
- resiliency (1)
- resiliency engineering (1)
- retail (1)
- retailer (1)
- reveneues (1)
- revolt (1)
- reward (1)
- RFID (4)
- Rhapsody (1)
- RIA (2)
- RIAA (6)
- rich internet application (1)
- rich internet applications (1)
- rich Web applications (1)
- Richard Clarke (1)
- Richard Stallman (1)
- risk (2)
- risk analysis (5)
- risk assessment (3)
- risk management (20)
- risk mitigation (3)
- Robert Alan Soloway (1)
- Rolls Royce (1)
- Ron Paul (2)
- root access (1)
- root kits (3)
- rooted (1)
- rootkit (1)
- rootkits (6)
- rotation of duties (3)
- rotation of dutities (1)
- RSA (4)
- RSA 2009 (1)
- Ruby (3)
- Ruby on Rails (3)
- Rudder (1)
- Russia (1)
- Russian Business Network (1)
- SaaS (3)
- Safari (6)
- SafeBoot (1)
- Salesforce.com (2)
- sampling (1)
- San Francisco (2)
- sand box (1)
- sandbox (1)
- SANS (1)
- SANS What Works (1)
- Sarah Palin (1)
- satellite (1)
- Scalia (1)
- scam (1)
- scareware (1)
- Scientific American (1)
- screen grabber (2)
- screen logger (1)
- script (1)
- script kiddie (2)
- scripting (1)
- search (2)
- search and siezure (1)
- search engine (1)
- search engines (1)
- Sears (1)
- Second Life (4)
- Secunia (1)
- Secure Computing (1)
- Secure mashups (1)
- secure programming practices (1)
- secure voting (1)
- SecureWorks (1)
- security (34)
- security appliance (1)
- security as a service (3)
- security audit (1)
- security awareness (11)
- security awareness training (2)
- security baseline (1)
- security best practices (3)
- security breach (1)
- security budget (2)
- security budgeting (1)
- security by obscurity (1)
- security domains (1)
- Security Exchange Commission (1)
- security hardware (1)
- security industry (1)
- security informaiton management (2)
- security information management (1)
- security investment (1)
- security management (114)
- security managment (2)
- security market (2)
- Security market (1)
- security methodologies (1)
- security metrics (1)
- security monitoring (1)
- security policies (9)
- security policy (14)
- security practices (2)
- security professionals (1)
- security reporting (1)
- Security research (1)
- security ROI (1)
- security testing (3)
- security threats (3)
- security training (7)
- security update (1)
- security vendors (5)
- security vulnerability (1)
- semi-managed devices (1)
- Sender Policy Framework (2)
- SenderID (1)
- sendmail (2)
- Sentrigo (1)
- separation of duties (2)
- server hardening (1)
- server management (1)
- server security (6)
- server vulnerability (1)
- servers (2)
- service management (1)
- service oriented architecture (1)
- sex scandal (1)
- shredding (1)
- signature base detection (1)
- signature-based analysis (1)
- Silverlight (2)
- SIM (1)
- simulation (1)
- single sign on (1)
- SIP (1)
- SitAdvisor (1)
- SiteAdvisor (1)
- skills (1)
- Skydrive (1)
- Skype (5)
- small and midsized business (1)
- small and midsized businesses (1)
- small business (1)
- small businesses (1)
- small mid-sized businesses (1)
- small midsized business (3)
- smartphone (10)
- smartphones (19)
- Smash (2)
- smb (1)
- SMB (8)
- SMM (1)
- SMS (3)
- Snort (1)
- SOA (1)
- sobriety tests (1)
- social engineering (26)
- social enterprise (1)
- social networking (8)
- society (1)
- sociological drivers (1)
- Société Générale (1)
- software as a servcies (1)
- software as a service (4)
- software as a services (1)
- software asset management (1)
- software design (1)
- software development (6)
- software development methodologies (3)
- software development methodology (1)
- software engineering (1)
- software life cycle (1)
- software life cycle management (1)
- software policy (1)
- software reliability (1)
- software security (1)
- Sony (1)
- Sophos (1)
- Souter (1)
- SouthPark (1)
- Spam (1)
- spam (60)
- spam filter (1)
- spam filtering (1)
- spam stimulus package porn adult film industry bankikng auto industry IRS (1)
- Spamassasin (1)
- Spamassassin (1)
- Spamhaus (2)
- spammers (2)
- spear phishing (1)
- SPF (2)
- spoofing (1)
- Sprint (1)
- spybot (1)
- spyware (19)
- spyware SpyBot Ad-Aware Mcafee Site Safe OpenDNS (1)
- SQL Injection (8)
- SQL injection (5)
- SQL injection attacks (1)
- sql injection scanner (1)
- SQL Server (5)
- SQL Server 2000 (1)
- SQL Server 2005 (1)
- SQL Server 7.0 (1)
- SQL Slammer (1)
- SQLNinja (1)
- SSH (1)
- SSL (5)
- stability issue (1)
- Star Office (1)
- state sponsored cybercrime (1)
- State Street (1)
- static analysis (2)
- statistical analysis (1)
- statistics (2)
- stealth update (1)
- Stephen Colbert (1)
- stimulus plan (1)
- stolen laptop (2)
- StopBadware (1)
- storage services (1)
- Storm (5)
- Storm bot (1)
- Storm worm (3)
- Sun (4)
- Sun Java System Portal (1)
- Sunbelt (1)
- Super Tuesday (1)
- supercomputing (1)
- superhackers (1)
- Supreme Court (1)
- SURBL (1)
- surveillance (7)
- survey (3)
- SUSE (1)
- Sylvania G Netbook (1)
- Symantec (12)
- Symbain (1)
- Symbian (4)
- Symbion (1)
- system administration (1)
- system resiliency (1)
- systems administration (1)
- systems complexity (1)
- systems reliability (1)
- T-Mobile (2)
- targeted attacks (1)
- taxes (1)
- TCP (6)
- technology (1)
- technology policy (1)
- telecommunications industry (2)
- telephony (1)
- telephony security (1)
- testing (4)
- testing methodology (1)
- testing standards (1)
- text messaging (1)
- text mining (1)
- The Economist (1)
- theft (1)
- ThinkFree (1)
- Thinkfree (1)
- threat analysis (2)
- threat assessment (1)
- threat management (1)
- threat modeling (1)
- threat modelying (1)
- threatening messages (1)
- threats (3)
- Thunderbird (1)
- Tiger (2)
- Time Warner Cable (1)
- timing attack (2)
- TJX (9)
- Tor (1)
- Torpig (1)
- TorrentFreak (1)
- tracking (1)
- training (3)
- transportation (1)
- Trend Micro (2)
- Treo (1)
- Tripwire (1)
- Trojan (17)
- trojan (1)
- Trojan horse (7)
- Trojan horses (3)
- Trojan Horses (1)
- Trojans (9)
- trust model (1)
- trustec computing paltform (1)
- trusted computing (3)
- Trusted Computing Platform (1)
- trusted computing platform (2)
- trusted path (1)
- trusted Web sites (1)
- Turing Test (1)
- Twitter (2)
- twitter (1)
- typosquatting (1)
- UAC (2)
- Ubuntu (6)
- UK (2)
- Ukraine (1)
- ultraportable (1)
- underground economy (1)
- unified communications (1)
- unified threat management (6)
- Unisys (1)
- university (1)
- unlock (2)
- unmanaged devices (2)
- unwanted content (1)
- update (1)
- URIBL (1)
- url blocking (1)
- URL filtering (1)
- URL redirect (1)
- US-Cert (1)
- usability (2)
- USB (1)
- USB flash drive (1)
- user authentication (1)
- user awareness (3)
- user training (2)
- utility computing (1)
- UTM (3)
- VA (2)
- Valentines Day spam (1)
- vandalism (1)
- VBScript (1)
- Verified Voting (1)
- Veritas (1)
- Verizon (4)
- Verizon Wireless (2)
- VerizonWireless (2)
- version control (1)
- Viacom (2)
- video (2)
- video conferencing (1)
- Virginia Tech (2)
- virtual criminology (1)
- virtual currency (1)
- virtual goods (1)
- virtual machine (1)
- virtual private database (2)
- virtual server (2)
- virtual server security (1)
- virtual servers (1)
- virtual theft (1)
- virtual world (1)
- virtual worlds (1)
- virtualizaiton (1)
- virtualization (13)
- virtualization security (1)
- virtualization sprawl (1)
- virus (18)
- Virus (1)
- viruses (4)
- virutalization (1)
- Visa (1)
- vishing (2)
- Vista (26)
- vitrualization (1)
- Viver (1)
- VMWare (4)
- VoIP (7)
- VoIP security (3)
- voter fraud (1)
- voter registration (1)
- voting (2)
- voting fraud (2)
- voting machines (3)
- voting security (1)
- VPD (2)
- vpn (1)
- VPN (2)
- vPro (2)
- VT (1)
- vulnerabilities (34)
- vulnerability (35)
- vulnerability assessment (12)
- vulnerability management (5)
- vulnerability scanner (1)
- vulnerability scanning (16)
- vulnerability testing (1)
- vunlernability scanning (1)
- W-Fi (1)
- Wabisabilabi (1)
- Wall St meltdown (1)
- war (1)
- warrantless wiretapping (1)
- weak encryption keys (1)
- weak keys (1)
- Web (1)
- Web 2.0 (15)
- Web 2.0 security (1)
- Web 2.0. (1)
- Web application (2)
- Web application security (19)
- web application security (4)
- Web browser (1)
- Web crawler (1)
- Web email (1)
- Web filtering (1)
- Web hacking (1)
- Web hosting (1)
- Web meeting (1)
- Web rediret (1)
- web security (1)
- Web security (10)
- Web server security (2)
- Web services (1)
- Web site (1)
- Web site attack (1)
- Web site defacement (1)
- Web site integrity (1)
- Web site security (8)
- Web sites (1)
- Web spoofing (1)
- Web surfing (1)
- WebLogic (1)
- WebOS (1)
- Website security (1)
- Website vulnerability (1)
- WEP (2)
- whistle blowing (1)
- white lists (1)
- whitespace (1)
- WhyFirefoxIsBlocked (1)
- whyfirefoxisblocked (1)
- wi-fi (1)
- Wi-Fi (1)
- WiFi (2)
- WiFi communications industry auto industry (1)
- WiFi security (3)
- wiki (1)
- WikiLeaks (1)
- Wikileaks (1)
- wikis (1)
- WiMax (2)
- Windows (16)
- Windows 7 (1)
- Windows administration (1)
- Windows Internal Database (1)
- Windows Live (1)
- Windows Mobile (3)
- Windows registry (1)
- Windows security (8)
- Windows Server 2003 (1)
- Windows Server Service (1)
- Windows Update (1)
- Windows Vista (6)
- Windows XP (3)
- Wired (1)
- wireless (5)
- wireless auction (1)
- wireless encryption (1)
- wireless network (1)
- wireless security (3)
- wiretapping (2)
- Wordpress (1)
- workflow (1)
- World Bank (1)
- World of Warcraft (3)
- worm (4)
- wormm SIS (1)
- worms (13)
- WoW (1)
- WPA (1)
- XACML (1)
- XDrive (1)
- Xen (1)
- XP (2)
- XSRF (2)
- XSS (5)
- Yahoo (6)
- Yahoo widgets (1)
- YouTube (7)
- Yugma (2)
- ZanghSearch (1)
- zero day (1)
- zero day vulnerability (2)
- zero-day attack (1)
- zero-day theats (3)
- zero-day vulnerability (1)
- Zimbra (1)
- Zoho (12)
- Zoho Meeting (1)
- zombie (1)
- zombies (2)
- Zonbu (2)