Can I see your CyberSecurity License # please?

August 29, 2009

There is a bill, S.773, floating around the Senate that will require cybersecurity professionals in the future to be licensed, similar to how a general contractor, electrician, etc., is licensed. Furthermore, according to CNET News, “[the bill] appears to permit the president to seize temporary control of private-sector networks during a so-called cybersecurity emergency.”

Will this bill pass? Or even more important, is it a good idea?


Government Mulls Over P2P Regulation

August 18, 2009

Many companies have already taken this step and banned P2P use by their employees. Businesses have their own sensitive data that they must secure, including customer credit card numbers, private emails, etc. By intentionally allowing file sharing, P2P essentially undoes everything IT security is trying to do.


SOX May Be Overturned by Supreme Court

August 17, 2009

The lawsuit claims the Sarbanes-Oxley Act violates constitutional requirements since it gives the Public Company Accounting Oversight Board regulatory powers over the accounting industry, and yet its members are not appointed by the President. They argue that this violates the separation of powers specified in the Constitution and leaves the President with insufficient control over what could be considered an executive function.


Yes…I am alive!

August 14, 2009

Sorry for the lack of posts the past two weeks; I was in Vegas for BlackHat and Defcon, took a couple-day break, and then Boston, but now I am back in action! More posts to come in the next few days.


3 Reasons Against Patch Tuesday

July 28, 2009

Ultimately, whether you participate in Patch Tuesday or not depends on the nature of your unique enterprise. Some organizations cannot afford the risks of waiting to patch and require more vigilant updating to protect their systems. Other organizations may value the fluidity of operations over security and prefer a monthly scheduled time for patching.


Compliance Complaints: Rethinking PCI

July 27, 2009

Many are unsatisfied with the “checklist” format of PCI compliance. They commonly point out how this switches the goal from overall security and risk management to simply compliance. Some of these standards don’t seem to help security at all, such as configuration management. PCI compliance should not be the goal, but it ought to serve as a jumping-off point towards promoting better security practices. But too many organizations either have a purely audit-based mentality or regard compliance as a frustrating burden.


Going to Blackhat? Meet me for drinks and receive a signed copy of Hacking Exposed: Malware and Rootkits

July 24, 2009

Going to Blackhat? Meet me for drinks and receive a signed copy of Hacking Exposed: Malware and Rootkits. Register to attend the event to receive your signed copy.


Only 5 more states left!

July 22, 2009

Missouri has become the 45th state to enact data breach notification legislation, leaving 5 states to go.


Hackers to VAServ: “it was ur own stupidity and excessive passwd reuse”

July 21, 2009

The hackers told Foster that repeated use of the same four passwords made it easy to infiltrate the VPS “thanks to ur mad passwds” – one of which they claim was “f0ster.”


The Joys of Security Audits

July 20, 2009

This is why security audits are so important: they inform you of the current level of your security. This knowledge empowers you to make informed decisions regarding data risk analysis. You should conduct your own security audits often and after implementing new security defenses.
