The role of information security has not been clearly defined in many organizations, and these organizations face challenges such as a lack of senior management commitment to information security initiatives, poor security planning, integration issues between business goals and information security, and issues relating to accountability for implementing, monitoring and reporting on information security. Continue reading “Business Model for Information Security – What is it all about?”
IE, Firefox, Safari & iPhone taken down at Pwn2Own
At the CanSecWest security conference held earlier this year, IE, Firefox, Safari & iPhone were taken down within minutes. The fully patched systems went down to remote exploits, which only goes to show how insecure Internet-facing systems are.
Banks responsible for hacked customer accounts
A recent ruling by a consumer court in Mumbai, India, has held the bank responsible if it has not complied with regulations and the account holder's money is fraudulently transferred.
Economic Value of a threat
Is it sufficient to just benchmark threats based on CVSS ratings, or do we need to do something more to actually understand the threat better?
Securing Endpoints
Endpoint security has been gaining ground in the IT security world in the last couple of years, though endpoint security products have been around for more than a decade and a half. The first product from the endpoint security stable was anti-virus software. Endpoint security now includes personal firewalls, host IDS, anti-spyware, client anti-spam and client remote access, apart from many other tools. This article delves more into the concept of endpoint security.
Another incident and more questions
Network Solutions had an IT security incident in June this year that compromised more than 573,000 credit and debit cardholders. In what is becoming a very regular post-incident debate, the question being asked is: do certifications such as ISO27001 and PCI really beef up IT security in companies?
7 Basic Steps to Secure Your Wireless Router
Wireless networks have become one of the weakest security links in IT infrastructure in recent times. Many security incidents have been linked to weak configuration of the Wi-Fi router at home or in the office. This article gives a checklist of 7 basic steps to secure your Wi-Fi router.
Employee IT Security behavior turns worse
A new study released by the Ponemon Institute reveals that there is a general lack of awareness and enforcement of computer security policies at many companies. The rate of non-compliant employee behavior appears to be getting worse over time.