RiskIT Logo

Issue 52                                             Friday, December 9, 2011 

 

2011's Biggest Breaches: What We've Learned

 

 

In the IT Security school of hard kocks, 2011 has offered quite a number of tough lessons for security professionals. Here at (ISC)2, where security education is our focus, the close of another year raises the old teacher's question: "What have we learned, class?"

 

 

To read this article in its entirety, please click:

2011's Biggest Breaches: What We've Learned

Breach Notification Planning Tips

 

Walgreen's Privacy Officer Stresses Documentation, Training

 

Healthcare organizations should carefully document all necessary breach investigation and notification actions and responsibilities to avoid chaos when an incident occurs, says Dawn Morgenstern, provacy official at the Walgreens national drugstore chain.

 

  

To read this article in its entirety, please click:

Breach Notification Planning Tips

 

 

Data Loss Prevention - Without the New Blinky Boxes

 

I can't help but notice that amongst the Information Security professionals I've talked to lately at various conferences and venues acoss the country there is a very serious push to return to basics.

 

There is a backlash against vendors selling an appliance of a quick fix to point-in-time problem.

 

 

 

To read this article in its entirety, please click:  

Data Loss Prevention - Without the New Blinky Boxes

    

Organizing a Breach Notification Team

 

It's Not Enough to Have a Team; You Also Must Test it

It's one thing to have a data breach response team. It's wuite another to ensure that team is made up of savvy personnel, says Brian Dean, a former privacy executive for KeyBank.

"You need people at the table who understand the organizational structure and are savvy enough to know who needs to be at the table in the event of a breach."

To read this article in its entirety, please click: 

 Organizing a Breach Notification Team

 

Common Errors in Firewall Configurations
  

A firewall is worse than useless of improperly configured because of the false sense of security; however, a properly configured firewall is a cornerstone asset of perimeter security.

 

Two of the most common errors found on a firewall configuration are "Rules Allows Access to "ANY" Port" and "Simple Network Management Protocol."

 

 

  

To read this article in its entirety, please click:

 

 
RiskIT Logo 
is an email publication provided by

 

Eminere Group Logo 

 

Disaster Recovery Journal

 

 

 

ISACA Logo

 

 

 

 HIMSS Logo

 

 

More Useful Links...
  
  
  
  
  
  
  
  
  
Join Our Mailing List