User Blogs

Mar 18, 2012

Protecting Your Customer Data from Hackers

Posted by Robert Siciliano in Information Security

Robert Siciliano

Criminal hackers hack for fun, fame, revenge, trade secrets, or terror, but mostly they hack for financial gain. According to a data breach study, based on 75 incidents in the second half of 2010, 13% of web hacking cases involved leaked client data leading to financial fraud. (The top two reasons hackers attacked websites were site defacement at 15% and site downtime at 33%.)

Mar 07, 2012

5 Must Have Small Business Security Tools

Posted by Robert Siciliano in Information Security

Robert Siciliano

Security Alarm System: No matter what kind of business you are in, there is something of value within your facility that a criminal will fence for drugs. Everything from products you sell, to warehouse items, maintenance tools, phone systems, office furniture, computers and the company safe.

Feb 24, 2012

Almost 5% of Smartphones Lost Every Year

Posted by Robert Siciliano in Mobile Device Management, Information Security

Robert Siciliano

McAfee and Ponemon Institute recently released “The Lost Smartphone Problem,” a study that attempts to determine how many employees’ smartphones are lost or stolen, and the consequences of these lost cell phones on various organizations. Among the 439 sample organizations, the number of missing smartphones is significant: 142,708 in one year.

Nov 09, 2011

Something is rotten in my kingdom

Posted by Didier Godart in Information Security, Compliance

Didier Godart

Ten years ago, self-regulation through the implementation of good security practices was thought to be the way organizations would protect their, and our, sensitive data, but the number of reported security incidents demonstrates that self-regulation doesn't actually work. It's like hoping that a kid does his homework only because he fully understands all the benefit for himself. Actually, this kind of self-governing behaviour requires some level of maturity and a deep self-consciousness of the risks faced.

Oct 03, 2011

My thoughts on the 2011 Verizon PCI Compliance Report

Posted by Didier Godart in PCI, Information Security, Compliance

Didier Godart

If you ever endeavour to get data about the compliance rate from PCIco or the Payment Brands, you would know how challenging it is, probably more challenging than finding the Holy Grail. So in this context the release of the Verizon 2011 Payment Card Industry Compliance Report is quite enlightening for the security industry and merchant community. It gives us a good sense of reality of the field.

Jul 29, 2011

5 Security Considerations for a Mobile Phone

Posted by Robert Siciliano in Information Security

Robert Siciliano

Nielsen reports “We are just at the beginning of a new wireless era where smartphones will become the standard device consumers will use to connect to friends, the internet and the world at large. The share of smartphones as a proportion of overall device sales has increased 29% for phone purchasers in the last six months; and 45% of respondents indicated that their next device will be a smartphone.”

Jul 14, 2011

Security Threat Concerns ATM Industry

Posted by Robert Siciliano in Information Security, ATM Skimming

Robert Siciliano

Today, there are over 2.2 million ATMs worldwide, and by 2015 there will be around 3 million. ATM skimming accounts for as much as 30% of all data theft. That’s about $350,000 in fraud every day in the United States alone, or more than a billion dollars a year.

May 16, 2011

Breaches Upon Breaches, Sony, X-Factor, LastPass, bin Laden Scams

Posted by Robert Siciliano in Information Security

Robert Siciliano

When a major corporation like Sony gets hit, then you know we are all vulnerable. Sony is a great company and, like many great corporations, is under constant attack. The landscape of information security is changing every day and criminals are aiming their cyber-weapons at the biggest targets in the world.

Mar 22, 2011

US Government anticipates spending $79 billion on IT in 2011

Posted by Cinthia Pilar in IT Security, it governance, Information Security, Federal Government

Cinthia Pilar

The federal government anticipates spending $79 billion on information technology (IT) in fiscal year 2011. The Office of Management and Budget (OMB) plays a key role in overseeing the implementation and management of federal IT investments.

Mar 16, 2011

3 Things Good Security Processes Won't Do

Posted by Brent Huston in IT Security, Information Security, BPM

Brent Huston

We hear a lot of talk about needing good information security processes, but why are they so important? Well, besides being the basis for a strong security program and compliance with regulatory guidance, they also represent the best way to get consistency across the security initiative and between silos of knowledge. Done right, good security processes halt infosec by "cult of personality", but they aren't infallible. Here are three things that having good information security processes won't do:

Mar 08, 2011

Glad to join the community - Security and Compliance

Posted by Robb Reck in Information Security, Compliance

Robb Reck

I am very excited to have been invited to participate in the community here at itgrcforum.com. My professional passion is finding the sweet spot where security and compliance work as enablers of the business rather than impediments. I look forward to sharing my thoughts on practical ways that security and compliance professionals become that kind of asset to their business. What follows is the revised version of a piece I wrote in 2010 for my own site, but I believe it will nicely introduce you to my take on security, compliance and business.

Dec 09, 2010

G R C, where did the S go?

Posted by Arno Kapteyn in IT Security, Information Security, Governance

Arno Kapteyn

The Blog post “To GRC or not to GRC, that is the question” looked at the integrated function of IT governance, risk and compliance (GRC) and why it is logical to combine these functions. The article ended with a question: “Why not integrate even more functions?” To answer that question we now look at integrating the ‘s’ of IT security.

