TrustWave Inc. analyzed data gathered from over 1900 penetration tests and over 200 data breach investigations and concluded that the top 3 ways to sneak into a network in 2009 were via:
SC Magazine had a good article back in November (I am a bit behind in my reading and my blogging) about industry pioneers in IT security. Listed below are quotes by a select few of the people the mag profiled. If you find their quotes interesting, or you are not familiar with them, I suggest you check out the article and perhaps do some extra reading about some of them.
“I thought cryptography was a technique that did not require your trusting other people…” – Whitfield Diffie
Audry Agle, a former CISO, offers 7 practical ideas for increasing security awareness below. I’ve summarized some of the points and added comments of my own in italics:
1. Appeal to personal lives – Helping people deal with security issues at home tells them you care about THEM, not just company systems and data.