New IT Auditor Needs Help!

A new IT auditor needs some help dealing with database patching issues and how far you need to dive into technology during an IT audit.

Take a moment to read his comment and add your thoughts. I’ve put in my 2 cents. Let’s get a good discussion going.

I think any auditor can chime in, as audit scope and audit limitations are not unique to IT audit.

Dinesh’s comment appears in What IT Auditors Ought to Know – and Don’t!

Advertisement

Creating and Selling Zero-day Exploits

Bruce Schneier has written about and compiled some great info and links regarding the market for creating and selling zero-day exploits in his Crypto-Gram newsletter.

Here’s some highlights:

Continue reading →

How Bot Net Trends are Changing

Bot net trends are changing, according to an Information Week article.  Tim Wilson notes the following:

• Overall, bot net activity is picking up after a late 2010 lull.
• Large bot nets will be aggressive in capturing more computers for their kingdom.  Bot  nets will attempt to steal seats from their competition, patching the computers they take over so to defend themselves against other thieves.
• Social networks are becoming the command points for bot nets.
• Similar to the SETI programs where you can donate some of your computer’s processing capacity to search for alien intelligence, some bot nets are becoming opt-in so that you can participate in politically-based bot net activity.
• Small botnets are becoming used more effectively, as they are harder to detect.

Read all about it at Botnets Coming Roaring Back in New Year.

Leave a Comment

Shipley on Security Spend

Greg Shipley, founder of Neohapsis, wrote an article in Information Week magazine, this time about how ineffective most of the money spent on security defenses is against the attacks we’re facing.  It’s not a short article, but as I’ve said before, Shipley is always worth reading. Here’s what I found most interesting in the article:

• “Deficiencies, even in our security technologies, are an unfortunate fact of life,” says Shipley.

Continue reading →

Conclusion: Audit Server Disappeared

In Case File: Audit Server Disappeared, I noted that a friend of mine learned that  IT had, on its own prerogative, wiped a server belonging to Internal Audit because “it never appeared to be used.”

Some of you already commented on some of the issues involved in this incident and the normal IT activities that should have prevented this incident (or at least alerted IT that something was wrong). Let’s review those comments and I’ll add some other details and comments.

Continue reading →

Case File: Trouble Bites Auditor

As an auditor, I’ve been accused many times of looking for trouble. I have to admit that it’s true, because that’s my job. But too often, trouble comes looking for me. Sure it makes my job easier, but it also makes me scratch my head.

When I was in IT operations, before I got into security and audit, I was always thorough and followed common sense and company policy. However, any projects that I was doing that might draw the eyes of either of those departments, I double-checked prior to delivery. Most bosses don’t like surprises, and I was always a details guy. Besides, why poke the bear?

Continue reading →

5 Security Steps for Non-Big Businesses

Lenny Zeltser suggest 5 steps that mid-market organizations can take down the security path:

1. Identify key data flows
2. Understand user interactions
3. Examine the network perimeter
4. Assess the servers and workstations
5. Look at the applications

Continue reading →